In May 2026, the dental benefits administrator DentaQuest was the target of a ShinyHunters “pay or leak” extortion campaign that resulted in the group publicly publishing hundreds of gigabytes of data allegedly...
In January 2026, the automotive research and car-shopping platform Edmunds was listed by the ShinyHunters hacking group as having been breached. Data purportedly obtained in the incident was later published publicly and included...
In May 2026, the GTA V and CS2 cheat service Atlas Menu suffered a data breach. An attacker claimed to have gained access to all Atlas systems and published the service’s database to a public GitHub repository. The...
In May 2026, the telecommunications company Charter Communications (the parent company behind the consumer broadband and cable brand Spectrum) was named by the ShinyHunters group in a “pay or leak” extortion...
In April 2026, the American insurance holding company Kemper Corporation was named by the ShinyHunters ransomware group in a “pay or leak” extortion campaign. The attackers allegedly accessed Kemper’s...
In April 2026, the luxury fashion e-commerce platform Mytheresa was listed as a victim of the ShinyHunters “pay or leak” extortion group. After the ransom deadline passed, the group publicly released the data which...
In March 2026, the financial services firm Ameriprise Financial was named by the ShinyHunters group in a “pay or leak” extortion campaign. The group claimed possession of more than 200GB of compressed data...
In April 2026, 7-Eleven was the victim of a “pay or leak” extortion campaign by ShinyHunters, with the data later published that month. The incident exposed 185k unique email addresses, along with names, physical...
In December 2025, the European Dragonica private server Dragonica Lunaris suffered a data breach. The incident exposed 126k email addresses, usernames, dates of birth and bcrypt password hashes. The service operator confirmed...
In January 2021, the parody site Windows93 suffered a data breach of the Myspace93 sub-site after a beta application was exploited to download server files. The compromised data was later leaked in June and included 46k...
In April 2026, data allegedly obtained from CTT, Portugal’s national postal service, was posted to a public hacking forum. The data included 468k unique email addresses along with names, phone numbers and parcel tracking...
In March 2026, the Colombian fintech company Addi identified unauthorised activity on its platform and advised customers that “it is possible that your personal information may have been compromised”. The “pay...
