A Ralph Lauren dataset tied to a June 2026 ShinyHunters pay-or-leak incident contains 140,178 indexed records. Exposed data includes email addresses, names, phone numbers, country, gender, age group, and transaction or survey context.
Madison Square Garden Sports was hit in a June 2026 ShinyHunters extortion campaign, with leaksear.ch indexing 9,796,326 records. The data includes names, email addresses, phone numbers, physical addresses, dates of birth, usernames, and CRM or support details tied to customers and staff.
A June 2026 Nexstar Media Group Salesforce leak indexed by leaksear.ch contains 14,600 person-level CRM records. Public reporting tied the incident to a ShinyHunters extortion claim, while Nexstar's own confirmation and the full compromise path remain unclear.
A Pathstone leak indexed by leaksear.ch contains about 70,000 records tied to client CRM data and document-inventory metadata. Public reports attributed the incident claim to ShinyHunters, while the indexed fields include contact data, dates of birth, addresses and sensitive financial-document context.
A ShinyHunters-linked leak involving Inter-Con Security Systems exposed 285,983 indexed Salesforce and OneDrive records. The data includes names, emails, phones, addresses, usernames, Salesforce business records, and employee document inventory metadata.
A JCPenney leak indexed by leaksear.ch contains 138,226 HR-related records from employee, candidate, payroll, banking and HR exports. Public reporting and Have I Been Pwned link the exposure to ShinyHunters' June 2026 Oracle PeopleSoft extortion campaign.
A published Sysco dataset tied to ShinyHunters contains 7.7 million indexed records with customer and employee contact details. Public reporting links the incident to a Salesforce-focused extortion claim, while Have I Been Pwned reports 2.7 million unique email addresses in the published data.
A ShinyHunters-linked European Commission leak indexed by leaksear.ch contains 1,798 DIGIT SSO user records. The data includes names, email addresses, usernames, and user IDs, creating phishing and account-enumeration risk for affected users.
A Vodafone-labeled dataset indexed by leaksear.ch contains 1,000 records with email, password and username fields. The breach date is not supplied, and public reporting does not confirm whether this is a subset of earlier Vodafone incidents.