Tag: shinyhunters
76 articles

Microsoft Tracks ShinyHunters' Salesforce Data Theft Via OAuth Flaws
Microsoft uncovered a sneaky year-long operation by the ShinyHunters extortion group, who exploited trust in Salesforce's OAuth system to steal sensitive data, using clever vishing tactics to trick employees into granting access to a malicious app. The attackers posed as IT support, convincing victims to authorize a fake Data Loader tool that allowed them to make API calls and search for valuable credentials.

Multiple Breaches Expose Millions in June
A massive data breach at Madison Square Garden put over 26 million records at risk after a threat actor group, ShinyHunters, made a ransom demand and released the data when it wasn't met. This alarming incident highlights the growing threat of data breaches and the importance of robust cybersecurity measures.

ShinyHunters Breach Exposes 2.3M Moody Bible Institute Accounts
A massive data breach at Moody Bible Institute has exposed the sensitive information of over 2.3 million people, including names, addresses, phone numbers, and more, after being targeted by the notorious extortion group ShinyHunters. The stolen data, which was leaked on June 23, puts countless individuals at risk of identity theft and cyber attacks.

ShinyHunters Breach Exposes NAIC's Public Data
The National Association of Insurance Commissioners (NAIC) revealed that a breach exposed its public data after an unauthorized third party exploited a PeopleSoft vulnerability, identified as CVE-2026-35273, tied to the notorious ShinyHunters extortion group. This security issue allowed attackers to gain access to a portion of NAIC's IT systems, compromising sensitive information.

ShinyHunters Breach Exposes Madison Square Garden Data
A recent cyberattack by ShinyHunters has exposed sensitive data from Madison Square Garden, highlighting a growing concern about cyber risk in the professional sports industry. The breach, which included over 26 million records, is a stark reminder of the importance of robust cybersecurity measures.

Kodak Breach Exposes 2.2M Records to ShinyHunters Threat Group
Kodak has confirmed a major data breach, with the ShinyHunters threat group claiming to have stolen 2.2 million records, including sensitive customer information. The company is working closely with law enforcement and cybersecurity experts to address the breach.

Kodak Breach Exposes Sensitive Data After ShinyHunters Hack
Kodak recently suffered a data breach at the hands of hackers known as ShinyHunters, who gained temporary access to sensitive company data. The company has launched a swift investigation with external cybersecurity experts and is working closely with law enforcement to mitigate the impact.

ShinyHunters Breach Council of Europe in Oracle PeopleSoft Heist
The Council of Europe has fallen victim to a massive data breach, with hackers claiming to have stolen a whopping 297 GB of sensitive information, including HR records, payslips, and medical data, by exploiting a zero-day flaw in Oracle PeopleSoft. The ShinyHunters extortion group is behind the breach, boasting a haul of 429,000 files from the attack.

Council of Europe Probes ShinyHunters Data Breach Claims
The Council of Europe is actively investigating claims by the ShinyHunters extortion group that sensitive internal documents were stolen, and is working to assess the situation. The organization, which represents 46 European member states, has confirmed the probe but declined to provide further comment at this stage.

ShinyHunters Breach Exposes 137,000 Infinite Campus Staff Accounts
A massive data breach at Infinite Campus has exposed the sensitive information of 137,000 staff members, including names, email addresses, phone numbers, and physical addresses, after the ShinyHunters extortion group hacked into the company's Salesforce instance. The stolen data has been published online, putting staff at risk of identity theft and phishing scams.

ShinyHunters Exploits Oracle Flaw to Breach Universities
A zero-day flaw in Oracle PeopleSoft PeopleTools, known as CVE-2026-35273, has been exploited by ShinyHunters, potentially infiltrating over 100 organizations, with universities being the hardest hit. This vulnerability allows attackers to execute remote code and take over affected servers, posing a significant threat to higher education institutions.

ShinyHunters Exploits Oracle PeopleSoft Vulnerability in Education Sector Attacks
ShinyHunters hackers have exploited a critical Oracle PeopleSoft vulnerability, CVE-2026-35273, to launch targeted attacks on US organizations, particularly in the higher education sector. The attacks, which involved data theft and extortion, hit a whopping 68% of US higher education institutions.

ShinyHunters Breaches Universities via Oracle PeopleSoft Zero-Day Exploit
Hackers have struck 68% of breached organizations in the higher education sector, with a whopping majority being US universities, by exploiting a critical zero-day vulnerability in Oracle PeopleSoft. This severe flaw, rated 9.8/10, allows for remote code execution with no login or user interaction required.

Oracle Discloses Zero-Day Flaw in PeopleSoft Exploited in Data Theft Attacks
A critical zero-day flaw in Oracle PeopleSoft, known as CVE-2026-35273, has been exploited by hackers to steal sensitive data from over 100 organizations, with a staggering 300 instances affected. Oracle has issued emergency mitigations and is working on a patch to address this highly vulnerable issue.

ShinyHunters Exploits Oracle PeopleSoft Zero-Day to Breach 100 Orgs
ShinyHunters, a notorious data theft group, claims to have exploited a critical Oracle PeopleSoft zero-day vulnerability, CVE-2026-35273, to breach over 100 organizations, including the University of Nottingham. The group allegedly stole sensitive data, posting some of it on their leak site.

ShinyHunters Breach Exposes 454,600 University of Nottingham Records
The University of Nottingham has confirmed a major data breach, with a notorious cybercriminal group gaining access to a massive 454,600 student records, affecting both current students and alumni. The university is working closely with authorities and experts to investigate the incident and mitigate its impact.

ShinyHunters Targets Oracle PeopleSoft Servers in Widespread Data Theft Attacks
ShinyHunters, a notorious extortion group, has launched a massive data theft campaign targeting Oracle PeopleSoft servers, compromising over 300 instances across 100+ organizations, with a significant impact on the education sector. The attackers have brazenly claimed responsibility, boasting of their exploits in a chilling conversation with BleepingComputer.

DentaQuest Breach Exposes 2.6M Accounts
A massive data breach at dental benefits provider DentaQuest has exposed a staggering 2.6 million accounts, after hackers stole over 234 GB of sensitive information and released it following failed negotiations with the company.

DentaQuest Breach Exposes 2.6 Million Accounts
A major data breach at DentaQuest has exposed a staggering 2.6 million accounts, after an extortion group called ShinyHunters claimed to have stolen over 234 GB of sensitive data. The breach was confirmed by DentaQuest on June 2, who assured customers they are actively managing the cybersecurity incident.

ShinyHunters Breaches Charter, Exposes 4.9M Customer Records
A massive data breach at Charter has exposed a whopping 4.9 million customer records, with hackers from the notorious ShinyHunters group proudly adding the telco to their "trophy shelf" and making sensitive info like names, addresses, and phone numbers publicly available. Charter has downplayed the incident, claiming no sensitive data was taken, but the reality is that millions of customers are now at risk.

Charter Communications Breach Exposes 4.9 Million Accounts
A shocking data breach at Charter Communications has left 4.9 million customer accounts vulnerable, with hackers gaining access to sensitive information including names, email addresses, phone numbers, and physical addresses. The breach occurred after a clever voice phishing attack on April 1 allowed cybercriminals to tap into the company's Salesforce database.

Carnival Cruise Data Breach Exposes 6 Million Customers
A recent data breach at Carnival Cruise, affecting 6 million customers, highlights the vulnerability of traditional security controls to social engineering tactics, where a single compromised employee device can lead to devastating consequences. This incident serves as a stark reminder of the human factor in cybersecurity, where threat actors exploit trust and impersonation to gain access to sensitive information.

Carnival Breach Exposes 6M Customer Records to ShinyHunters
A massive data breach at Carnival has exposed a staggering 6 million customer records, thanks to a cyberattack by the notorious hacker collective ShinyHunters. The travel and leisure giant confirmed the theft, which occurred in April, leaving millions of customers' sensitive information at risk.

Charter Breach Exposes Millions of Customer Records
Millions of customer records have been exposed in a shocking data breach at Charter Communications, with the company swiftly confirming the incident and assuring customers that sensitive personal info remains safe. The breach, reportedly involving 40 million records, has triggered a thorough investigation and cooperation with authorities.