Vimeo
April 28, 2026
•[ unauthorized access, data leak, stolen data ]
Vimeo confirmed that an unauthorized actor accessed certain user and customer data through the Anodot breach; ShinyHunters later leaked 106GB of stolen data affecting 119,200 email addresses.
Udemy, Inc.
April 24, 2026
•[ data leak, extortion, ShinyHunters ]
ShinyHunters listed Udemy in a pay-or-leak extortion attempt on April 24, 2026 and subsequently leaked data containing 1.4 million unique email addresses belonging to customers and instructors, along with names, physical addresses, phone numbers, employer information, and instructor payout methods. Public reporting did not confirm encryption, deletion, or operational disruption.
Booking.com
April 15, 2026
•[ unauthorized access, data breach, PII leak ]
Booking.com detected suspicious activity affecting a number of reservations and notified customers that unauthorized third parties may have accessed booking details, names, email addresses, addresses, phone numbers, and information shared with properties; financial information was not accessed, and Booking.com reset reservation PINs for affected users.
Rituals
April 1, 2026
•[ data breach, unauthorized access, PII ]
Rituals confirmed that an unauthorized download of My Rituals membership data occurred in April 2026, affecting customers in Europe, the United Kingdom, and the United States. The downloaded data included names, dates of birth, gender, postal and email addresses, phone numbers, preferred store locations, and account types; Rituals did not disclose the exact number of affected members, and reporting stated that passwords and payment data were not accessed.
Hallmark
March 31, 2026
•[ data leak, extortion, support tickets ]
In March 2026, Hallmark suffered an alleged breach and subsequent extortion after attackers gained access to data stored within Salesforce. The data was later published after the extortion deadline passed, exposing 1.7M unique email addresses across both Hallmark and the Hallmark+ streaming service, along with names, phone numbers, physical addresses and support tickets.
Elecq
March 7, 2026
•[ ransomware, data breach, cloud security ]
Fleet World reported that EV charging solutions provider Elecq suffered a ransomware attack on its AWS cloud platform discovered on March 7, 2026 after unusual activity. A notice to customers said compromised information included customer names, email addresses, phone numbers, home addresses, and location data. The company stated that no payment/financial information was accessed and that the physical charging devices were not affected and remained secure and operational.
Murata Manufacturing Co., Ltd.
February 28, 2026
•[ unauthorized access, data leak, IT environment breach ]
Murata Manufacturing confirmed unauthorized third-party access to its IT environment and improper access to data, with later updates identifying possible leakage of employee, associated-person, customer, supplier, stakeholder, and business partner information.
PcComponentes
January 22, 2026
•[ data breach, investigation, customer data ]
TechRadar reported that the PC-components retailer PcComponentes was looking into online claims of a breach while the company denied that a confirmed customer data breach had occurred. The article focused on the investigation and the companys public position. In the accessible page text used here, there was no definitive disclosure of an attacker, a verified data set, or a confirmed number of affected customers, so the impact to customer data is coded as undetermined.
McDonald's India
January 20, 2026
•[ ransomware, data leak, data exfiltration ]
HackRead reported that on January 20, 2026 the Everest ransomware group claimed it breached McDonalds India and exfiltrated 861 GB of customer data and internal documents. The report described screenshots purportedly showing internal financial reports (20232026), audit trails, cost tracking, ERP migration files, pricing data, and other internal communications, as well as a Contact Database spreadsheet with investor/business-partner contact details and store-level manager contact information. Everest reportedly issued a short deadline and threatened to leak data; the article noted the claim was unverified at the time.
Netstar Australia
January 5, 2026
•[ ransomware, data leak, financial data ]
Netstar Australia, a Melbourne-based telematics and GPS fleet tracking provider, was named on a ransomware leak site in December 2025 by the Black Shrantac ransomware group. The threat actors alleged they compromised Netstars systems and stole customer, financial, and database information, claiming roughly 800GB of data and posting sample files said to include internal records related to staff, tax, equipment, and customers. Public reporting noted that Netstar had not provided a detailed public statement confirming the claims at the time of publication.
Brightspeed
January 5, 2026
•[ cybersecurity event, extortion, data breach ]
Brightspeed said it is investigating reports of a cybersecurity event after the Crimson Collective extortion group claimed it breached the company and stole personal data tied to more than one million residential customers. Reporting described the attackers claimed dataset as including names, emails, phone numbers, postal addresses, user account information linked to session or user IDs, payment history, partial payment card information, and appointment or order records containing customer information. Brightspeed publicly stated it takes security seriously and is investigating the reports and would keep customers, employees, and authorities informed as it learns more.
Bouygues Telecom
August 4, 2025
•[ cyberattack, data leak, IBAN ]
Bouygues Telecom, Frances third-largest mobile operator, detected a cyberattack on August 4, 2025, which exposed personal and contractual customer data including IBANs for approximately 6.4 million accounts; passwords and payment card details were not compromised.
Philadelphia Insurance
June 9, 2025
•[ unauthorized access, data leak, customer data ]
Philadelphia Insurance Companies detected unauthorized access to its systems late on June 9, 2025; it proactively disconnected affected systems, stated the incident was not ransomware and involved no encryption, and later disclosed that customer data had been accessed.
Well.ca
February 18, 2014
•[ data breach, credit card information, customer data ]
Well.ca, a Canadian online retailer for health and beauty products, declares to have suffered a data breach, compromising the credit card information of a few thousand of its customers.
