ShinyHunters - Geek Feed

CarGurus data breach exposes information of 12.4 million accounts

February 28, 2026February 28, 2026 geekfeed0Tagged CarGurus, data breach, Data Leak, Extortion, Have I Been Pwned, ShinyHunters

The ShinyHunters extortion group has published personal information in more than 12 million records allegedly stolen from CarGurus, a U.S.-based digital auto platform. CarGurus is a publicly traded automotive research and shopping company that operates in the U.S., Canada, and the U.K. Its website has an estimated 40 million monthly visitors and helps people find, compare, and […]

2 mins read

Data breach at fintech firm Figure affects nearly 1 million accounts

February 22, 2026February 22, 2026 geekfeed0Tagged Breach, data breach, Data Leak, Figure, FinTech, ShinyHunters

Hackers have stolen the personal and contact information of nearly 1 million accounts after breaching the systems of Figure Technology Solutions, a self-described blockchain-native financial technology company. Founded in 2018, Figure uses the Provenance blockchain for lending, borrowing, and securities trading, and has unlocked over $22 billion in home equity with over 250 partners, including […]

2 mins read

Canada Goose investigating as hackers leak 600K customer records

February 20, 2026February 20, 2026 geekfeed0Tagged Canada Goose, Data Leak, Extortion, Ransom, ShinyHunters

ShinyHunters, a well-known data extortion group, claims to have stolen more than 600,000 Canada Goose customer records containing personal and payment-related data. Canada Goose told GeekFeed the dataset appears to relate to past customer transactions and that it has not found evidence of a breach of its own systems. Founded in 1957, Canada Goose is […]

3 mins read

Panera Bread breach impacts 5.1 million accounts, not 14 million customers

February 3, 2026February 3, 2026 geekfeed0Tagged Breach, data breach, Have I Been Pwned, Panera Bread, ShinyHunters

The data breach notification service Have I Been Pwned says that a data breach at the U.S. food chain Panera Bread affected 5.1 million accounts, not 14 million customers as previously reported. Founded in 1987, the company operates nearly 2,300 bakery-cafes across 48 U.S. states and in Ontario, Canada, under the names Panera Bread or […]

3 mins read

Mandiant details how ShinyHunters abuse SSO to steal cloud data

February 2, 2026February 2, 2026 geekfeed0Tagged Data Theft, google, IoC, Mandiant, Microsoft Entra, Okta, ShinyHunters, Single Sign-On

Mandiant says a wave of recent ShinyHunters SaaS data-theft attacks is being fueled by targeted voice phishing (vishing) attacks and company-branded phishing sites that steal single sign-on (SSO) credentials and multi-factor authentication (MFA) codes. As first reported by GeekFeed, threat actors are impersonating corporate IT and helpdesk staff and calling employees directly, claiming that MFA settings […]

6 mins read

Match Group breach exposes data from Hinge, Tinder, OkCupid, and Match

February 1, 2026February 1, 2026 geekfeed0Tagged Customer Data, data breach, Data Leak, Dating, Match Group, phishing, ShinyHunters

Match Group, the owner of multiple popular online dating services, Tinder, Match.com, Meetic, OkCupid, and Hinge, confirmed a cybersecurity incident that compromised user data. The company stated that hackers stole a “limited amount of user data” after the ShinyHunters threat group leaked 1.7 GB of compressed files allegedly containing 10 million records of Hinge, Match, […]

3 mins read

Have I Been Pwned: SoundCloud data breach impacts 29.8 million accounts

January 29, 2026January 29, 2026 geekfeed0Tagged data breach, Extortion, Have I Been Pwned, Security Breach, ShinyHunters, SoundCloud

Hackers have stolen the personal and contact information belonging to over 29.8 million SoundCloud user accounts after breaching the audio streaming platform’s systems. SoundCloud was founded in 2007 as an artist-first platform that now provides access to over 400 million tracks from more than 40 million artists worldwide. The company confirmed the breach on December 15, following widespread reports from users […]

2 mins read

ShinyHunters claim to be behind SSO-account data theft attacks

January 26, 2026January 26, 2026 geekfeed0Tagged google, microsoft, Microsoft Entra, Okta, ShinyHunters, SSO, Vishing

The ShinyHunters extortion gang claims it is behind a wave of ongoing voice phishing attacks targeting single sign-on (SSO) accounts at Okta, Microsoft, and Google, enabling threat actors to breach corporate SaaS platforms and steal company data for extortion. In these attacks, threat actors impersonate IT support and call employees, tricking them into entering their […]

5 mins read

BreachForums hacking forum database leaked, exposing 324,000 accounts

January 12, 2026January 12, 2026 geekfeed0Tagged BreachForums, data breach, Database, Forums, hacking forum, MyBB, ShinyHunters

The latest incarnation of the notorious BreachForums hacking forum has suffered a data breach, with its user database table leaked online. BreachForums is the name of a series of hacking forums used to trade, sell, and leak stolen data, as well as sell access to corporate networks and other illegal cybercrime services. The site was […]

4 mins read

The biggest cyber security and cyberattack stories of 2025

January 3, 2026January 3, 2026 geekfeed3Tagged 2025, cyber security, cybersecurity, ddos, Oracle, Outage, Salesforce, security, ShinyHunters, Supply Chain Attack, Telecommunications

2025 was a big year for cyber security, with major cyberattacks, data breaches, threat groups reaching new notoriety levels, and, of course, zero-day vulnerabilities exploited in incidents. Some stories, though, were more impactful or popular with our readers than others. Below are fifteen of what GeekFeed believes are the most impactful cyber security topics of […]

19 mins read