Grafana Labs
May 11, 2026
•[ source code leak, extortion, compromised credentials ]
Grafana Labs confirmed that a cybercrime group used a compromised GitHub token to access its GitHub repositories and download its codebase and internal GitHub repository content. The attackers demanded ransom to prevent disclosure, but Grafana said customer production systems, Grafana Cloud, customer operations, customer data, and personal information from production systems were not compromised.
7-Eleven
April 8, 2026
•[ unauthorized access, data leak, ransom ]
7-Eleven discovered on April 8, 2026 that an unauthorized third party accessed systems used to store franchisee documents. ShinyHunters claimed responsibility, claimed theft of more than 600,000 Salesforce records, and leaked a 9.4 GB archive after ransom demands were not met; Have I Been Pwned identified 185,300 exposed individuals in the leaked data.
Waltio
January 24, 2026
•[ data leak, extortion, cryptocurrency ]
French crypto tax platform Waltio reported being targeted by the ShinyHunters group, which claimed to possess personal data for nearly 50,000 users and threatened to leak users 2024 tax reports unless a ransom was paid. Waltio stated that its services and production systems remained secure and that no sensitive banking credentials or crypto access data was compromised. The incident primarily involves alleged data theft and extortion threats rather than service disruption, with the full scope of stolen fields not detailed in the summary.
Russian Ministry of Construction, Housing and Utilities (minstroyrf.gov.ru)
June 4, 2022
•[ hack, defacement, ransom ]
The Russian Ministry of Construction, Housing and Utilities (minstroyrf.gov.ru) is hacked. When searched on the internet, the sites address leads to a sign in the Ukrainian language that read- Glory to Ukraine.'' The attackers also demanded ransom to prevent the leaking of personal data of the site users.
