ShinyHunters Claims 297GB HR and Payroll Data from Council of Europe

A group known as ShinyHunters has claimed responsibility for stealing more than 297 GB of HR and payroll records from the Council of Europe, data that includes payslips, CVs, employee files, bank details, medical records and salary information for over 10,000 staff members and contractors.

Public reporting indicates the claim appeared on the group’s leak site around 13-14 June 2026. The files allegedly contain personal and financial information belonging to both current and former personnel as well as individuals who have worked with the organisation. The Council of Europe has not yet confirmed the breach, and the incident appears separate from other recent ShinyHunters activity. Available reporting describes the volume as 429,000-plus files, making it one of the larger caches of sensitive employment data offered for sale or extortion in recent months. Industry research from sources such as DoxxScan™ continuous monitoring indicates that HR and payroll breaches frequently expose combinations of full names, dates of birth, national identification numbers, home addresses, bank account details and health information.

This matters for you and your family because the same types of records that organisations hold about employees are often held about ordinary people by employers, schools, insurers, banks and government agencies. When that information leaks, it can be used to impersonate you, open accounts in your name, file fraudulent tax returns or pressure you with embarrassing medical or financial details. Children’s records sometimes appear in the same datasets through dependent coverage or family-linked employee files, giving attackers a head start on building profiles that follow your family for years.

The doxxing and identity-chain implications are particularly serious. A single leaked email or phone number from a payroll file can be correlated with gaming usernames, social-media handles and family addresses. Attackers then move from one platform to another, turning a workplace breach into harassment, account takeovers or physical threats. Credential leaks like this one routinely cascade into gaming account compromises because the same passwords or password patterns are reused across work systems, personal email and children’s online games.

What to do

• Run a DoxxScan to map every link between your emails, phone numbers, handles and real-world identity so you can see exactly what an attacker would discover from this type of breach.
• Rotate the passwords you used at any Council of Europe-related services or any workplace account and replace them with unique, strong passwords; enable two-factor authentication through an authenticator app rather than SMS.
• Enable continuous DoxxScan monitoring across 15.4 billion-plus breach records and more than 100 platforms so the next leak that touches your family is flagged within hours instead of months.
• Cover the household with DoxxScan family coverage that extends to dependents and children’s gaming accounts, which often chain back to the same addresses and parent emails exposed in HR data.
• Let remediation specialists handle the takedown requests across data brokers and leak sites for you while you focus on securing your own accounts.

The reality is that large organisations will continue to suffer breaches, but you do not have to remain exposed once the data appears in the wild. Start your DoxxScan trial today and combine continuous monitoring across 15.4B+ breach records and 100+ platforms, AI-powered identity-chain mapping, hands-on remediation by specialists, and full household coverage—including your or your children’s gaming accounts—so that leaks like the Council of Europe incident become manageable incidents rather than life-altering events.

Source: https://databreaches.net/2026/06/14/shinyhunters-claims-theft-of-297gb-of-council-of-europe-data-claims-unconfirmed-as-yet/