ShinyHunters — every breach we're tracking
Running log of incidents attributed to or claimed by ShinyHunters in public reporting, with what was exposed and what victims should do. Updated as new incidents are ingested.
Groups like ShinyHunters steal data first and extort second — and the stolen records rarely stay private. Once a victim organization's data hits a leak site, the personal details inside (names, emails, phones, addresses) get scraped into the same broker-and-dump ecosystem every doxxer searches. If an organization you've used appears below, treat your data as circulating.
Tracked incidents
Zara Data of 197K Customers Exposed in ShinyHunters Ransomware Attack
ShinyHunters claimed responsibility for compromising Zara (Inditex) via a former technology provider (Anodot/Snowflake-related). They leaked…
Cushman & Wakefield confirms vishing breach claimed by ShinyHunters and Qilin
Commercial real estate firm Cushman & Wakefield confirmed a vishing-related cyber incident after being listed by both ShinyHunters and Qilin…
Kodak Confirms Data Breach Claimed by ShinyHunters
Kodak confirmed that an unauthorized third party gained temporary access to a limited amount of company data. The company engaged external c…
Both halves of the chain, cleaned once.
A breach put your credentials in 15.4B+ leaked records. Hackers chain that data to your address on 800+ broker sites. GalaxyWarden closes both halves for $19 once — no subscription required.