Search Results for "data leak"

ADT April 20, 2026 • [ data breach, extortion, data leak ] In April 2026, home security firm ADT confirmed a data breach by ShinyHunters, which listed the company on its website as part of a "pay or leak" extortion attempt. The breach impacted 5.5M unique email addresses along with names, phone numbers and physical addresses. ADT also advised that "in a small percentage of cases, dates of birth and the last four digits of Social Security numbers or Tax IDs were included" and that it had contacted all affected people.

Canada Life April 20, 2026 • [ extortion, data leak, phishing ] In April 2026, Canada Life was the victim of a "pay or leak" extortion campaign by the ShinyHunters group. The group subsequently published the data which contained over 200k unique email addresses along with names, phone numbers, physical addresses and, in some cases, customer support tickets. In their disclosure notice, Canada Life advised that "it is a small proportion of our customers who may have been impacted". In the wake of the incident, Canada Life also published an alert cautioning customers to be wary of phishing attacks, a pattern often seen after the public release of breached data.

Nordenta April 20, 2026 • [ ransomware, data leak ] The Danish dental supplier Nordenta was listed on the Kairos ransomware leak site around April 20, 2026, and Computerworld reported on April 22 that the company had been hit by ransomware. Kairos claimed to have stolen 1.68 TB of data and used the leak-site post to pressure company executives, but the specific data categories and operational impact were not confirmed in the reviewed sources.

Pitney Bowes April 20, 2026 • [ extortion, data leak, hacking collective ] In April 2026, the hacking collective ShinyHunters claimed to have obtained data from Pitney Bowes as part of a broader extortion campaign that also named several other organisations. After negotiations allegedly failed, the group publicly released the data which included 8.2M unique email addresses, along with names, phone numbers and physical addresses. A subset of the data also included Pitney Bowes employee records with job titles.

Aman Resorts April 18, 2026 • [ extortion, data leak, PII ] ShinyHunters named Aman Resorts in an April 2026 pay-or-leak extortion campaign and claimed compromise of over 500,000 Salesforce CRM records containing PII. DataBreach indexed 294,871 rows, while Have I Been Pwned reported over 200,000 unique email addresses and said the leaked data also included names, phone numbers, physical addresses, dates of birth, nationalities, spouse names, and VIP status codes. Public sources did not confirm encryption, data destruction, or operational disruption.

Carnival April 18, 2026 • [ phishing, extortion, data leak ] In April 2026, the notorious hacking collective ShinyHunters claimed they had obtained a substantial volume of data belonging to the Carnival cruise operator and attempted to extort the organisation to prevent the data from being leaked. The following week, the group published the data publicly, which contained 8.7M records with 7.5M unique email addresses. The data contained fields indicating it related to the Mariner Society loyalty program run by Holland America, a cruise line brand under Carnival, and included names, dates of birth, genders and data relating to status within the loyalty program. Carnival acknowledged a phishing incident involving a single user account and advised they were working to better understand the scope of the unauthorised activity.

The Canada Life Assurance Company April 17, 2026 • [ unauthorized access, data leak, personal information ] The Canada Life Assurance Company confirmed unauthorized access through an employee account that exposed personal information for up to 70,000 people.

Medtronic April 17, 2026 • [ data leak, unauthorized access, personal records ] ShinyHunters listed Medtronic on its leak site on April 17, 2026, claiming theft of more than 9 million personal records and terabytes of corporate information; Medtronic confirmed unauthorized access to corporate IT systems but had not confirmed data theft.

Inditex (Zara owner) April 15, 2026 • [ unauthorized access, third-party breach, customer transaction information ] Inditex reported unauthorized access to third-party-hosted databases containing customer transaction information; the company said the affected databases did not contain addresses, passwords, or bank card details and that it applied security protocols and notified authorities.

Kemper April 15, 2026 • [ ransomware, social engineering, extortion ] In April 2026, the American insurance holding company Kemper Corporation was named by the ShinyHunters ransomware group in a "pay or leak" extortion campaign. The attackers allegedly accessed Kemper's Salesforce environment via social engineering as part of a broader campaign targeting hundreds of organisations using the same method. The group later published tens of gigabytes of data they claimed included internal directory data, Salesforce records and Stripe payment logs. Among the 269k unique email addresses were names, phone numbers, physical addresses and partial payment card data including the last 4 digits, expiry dates and card brands. Kemper confirmed the incident and stated they had engaged third-party cybersecurity experts and notified law enforcement.

Zara April 15, 2026 • [ extortion, data leak, third-party risk ] In April 2026, the fashion brand Zara was among a number of organisations targeted by the ShinyHunters extortion group as part of their "pay or leak" campaign. The group claimed the breach was related to a compromise of the Anodot analytics platform and subsequently published a terabyte of data allegedly including 95M support ticket records. The data contained 197k unique email addresses alongside product SKUs, order IDs and the market the support ticket originated in. Zara's parent company Inditex advised that the incident didn't affect passwords or payment information.

Agence nationale des titres sécurisés (ANTS) April 15, 2026 • [ unauthorized access, data leak, identity document theft ] On April 15, 2026, ANTS, also known as France Titres, detected unauthorized access to the ants.gouv.fr portal. The agency confirmed a data breach involving citizen identity-document portal data, while breach3d claimed to have stolen up to 19 million records and offered them for sale; ANTS did not specify the total number of affected citizens.

Empower Group April 15, 2026 • [ data leak, personally identifiable information, finance ] DragonForce reportedly claimed responsibility for a breach of Empower Group, a New York-based alternative financing provider, and claimed to have exfiltrated approximately 316GB of data. DataBreach later indexed 6,691,415 rows allegedly tied to the breach, including Social Security numbers, dates of birth, email addresses, phone numbers, names, and street addresses. Public sources did not confirm file encryption or operational disruption.

Abrigo April 14, 2026 • [ extortion, data leak, fintech ] In April 2026, the fintech software company Abrigo was targeted in a "pay or leak" extortion attempt by the ShinyHunters group. Shortly after, data allegedly taken from the company's Salesforce instance was published publicly and contained over 700k unique email addresses belonging to both Abrigo staff and external contacts. Whilst separate from Abrigo's Salesforce compromise via the Drift application connector the previous year, the data fields described in that incident are consistent with the ShinyHunters data, namely that it was "business contact information" including "institution name, employee name, email addresses, and phone numbers".

McGraw Hill April 14, 2026 • [ misconfiguration, data leak, extortion ] McGraw Hill confirmed that a Salesforce-hosted webpage misconfiguration exposed limited contact data, while ShinyHunters claimed millions of Salesforce records and attempted extortion.

Gastroenterology & Hepatology of CNY April 14, 2026 • [ ransomware, data-extortion, healthcare ] Exitium claimed responsibility for a ransomware and data-extortion attack against Gastroenterology & Hepatology of CNY on April 14, 2026, claiming it had encrypted systems and threatened to sell patient records if its demands were not met. DataBreach.com later indexed 196,959 rows associated with the leak, while other public reporting described Exitium's claim as involving approximately 167,303 patient records.

Basic-Fit April 13, 2026 • [ unauthorized access, data breach, data leak ] Basic-Fit detected unauthorized access to the system that records member visits and stopped the intrusion within minutes, but external security experts determined that data for active members in several countries had been downloaded, affecting about 1 million members overall, including around 200,000 in the Netherlands.

Marcus & Millichap April 12, 2026 • [ hacking, extortion, data leak ] In April 2026, the commercial real estate brokerage firm Marcus & Millichap was named as one of multiple alleged victims of the ShinyHunters hacking and extortion group. Data alleged to have been obtained from the company was subsequently released publicly and included 1.8M unique email addresses, along with names, phone numbers and employment-related information including employer, job title and physical company address. In their disclosure notice, Marcus & Millichap advised that data which may have been accessed appeared limited to "company forms, templates, marketing materials, and general contact information".

Mytheresa April 12, 2026 • [ extortion, data leak, ShinyHunters ] In April 2026, the luxury fashion e-commerce platform Mytheresa was listed as a victim of the ShinyHunters "pay or leak" extortion group. After the ransom deadline passed, the group publicly released the data which contained 84k unique email addresses. The exposed data also included names, phone numbers, physical addresses, purchases and partial credit card data including card type, last 4 digits and expiry date.

Morocco’s Office of Vocational Training and Employment Promotion (OFPPT) April 12, 2026 • [ data leak, compromised account, user data ] OFPPT disclosed that data from about 100,000 MyWay platform users was leaked after likely misuse of a compromised account.

Search Results (data leak)