CyberSecurityBoard
Sponsor Register Login

ShinyHunters Wage Broad Corporate Extortion Spree

The ShinyHunters hacking group has launched an extensive corporate extortion campaign targeting multiple organizations worldwide. This cybercrime collective is known for breaching corporate networks, stealing sensitive data, and demanding hefty ransoms to prevent public data leaks. Their recent spree highlights the growing threat of ransomware and data extortion in the cybersecurity landscape. Companies across various sectors have reported incidents linked to ShinyHunters, emphasizing the need for robust cybersecurity measures and incident response strategies. The group exploits vulnerabilities in corporate systems, often leveraging stolen credentials and phishing attacks to gain initial access. Once inside, they exfiltrate valuable data and threaten to release it unless their demands are met. This trend underscores the importance of proactive threat intelligence, employee training, and advanced detection technologies to mitigate such risks. Organizations are urged to review their security postures, implement multi-factor authentication, and maintain regular backups to reduce the impact of potential attacks. The ShinyHunters case serves as a stark reminder of the evolving tactics used by cybercriminals and the critical need for continuous vigilance and preparedness in the face of sophisticated extortion threats.

This Cyber News was published on krebsonsecurity.com. Publication date: Tue, 07 Oct 2025 22:50:06 +0000


Cyber News related to ShinyHunters Wage Broad Corporate Extortion Spree

ShinyHunters Wage Broad Corporate Extortion Spree - The ShinyHunters hacking group has launched an extensive corporate extortion campaign targeting multiple organizations worldwide. This cybercrime collective is known for breaching corporate networks, stealing sensitive data, and demanding hefty ...
11 hours ago Krebsonsecurity.com ShinyHunters
ShinyHunters behind Salesforce data theft attacks at Qantas, Allianz Life, and LVMH - A wave of data breaches impacting companies like Qantas, Allianz Life, LVMH, and Adidas has been linked to the ShinyHunters extortion group, which has been using voice phishing attacks to steal data from Salesforce CRM instances. These breaches have ...
2 months ago Bleepingcomputer.com Hunters Scattered Spider
Alleged ShinyHunters Hacker Pleads Not Guilty After US Extradition - The ShinyHunters group is known for some of the largest data breaches in 2021-2022, in which the personal data of hundreds of millions of users was leaked on the now-seized Raidforums. In July 2022, HackRead.com reported on Sebastian Raoult, an ...
2 years ago Hackread.com Hunters
CVE-2021-41275 - spree_auth_devise is an open source library which provides authentication and authorization services for use with the Spree storefront framework by using an underlying Devise authentication framework. In affected versions spree_auth_devise is subject ...
2 years ago
Red Hat data breach escalates as ShinyHunters joins extortion - Red Hat, a leading provider of open-source software solutions, is currently grappling with an escalating data breach incident. The breach initially involved unauthorized access to sensitive data, but the situation has intensified as the notorious ...
1 day ago Bleepingcomputer.com ShinyHunters
Security hacker ShinyHunters Pleads Not Guilty of Stealing Data from Just Eat, PicsArt, ChatBooks and HomeChef - A security hacker, ShinyHunters, has recently pled not guilty for stealing data from Just Eat, PicsArt, ChatBooks and HomeChef. ShinyHunters is accused of cyberattacks and illegal activities, including obtaining unauthorised access to sensitive data, ...
2 years ago Blog.cloudflare.com Hunters
ShinyHunters serial cybercrim gets three years in slammer The Register - A key member of the ShinyHunters cybercrime group is facing three years in the slammer and being forced to return $5 million in criminal proceeds. Sebastien Raoult, 22, was in charge of developing websites for ShinyHunters that mimicked the real ...
1 year ago Go.theregister.com Hunters
Google Sheds Light on ShinyHunters’ Salesforce Tactics - Google has recently provided new insights into the tactics used by the ShinyHunters threat group targeting Salesforce environments. ShinyHunters, known for their data theft and extortion campaigns, have been exploiting vulnerabilities and ...
6 days ago Darkreading.com ShinyHunters
ShinyHunters member gets 3 years in prison for breaching 60 firms - The U.S. District Court in Seattle sentenced ShinyHunters member Sebastien Raoult to three years in prison and ordered a restitution of $5,000,000. Previously, in September 2023, Raoult pleaded guilty to conspiracy to commit wire fraud and aggravated ...
1 year ago Bleepingcomputer.com Hunters
ShinyHunters Suspect Extradited to United States - The notorious hacking group, ShinyHunters, has been suspected of being extradited to the United States to face criminal charges. The news comes after a string of high-profile breaches attributed to the hacker collective. ShinyHunters are believed to ...
2 years ago Tripwire.com Hunters
Louis Vuitton says regional data breaches tied to same cyberattack - Luxury fashion giant Louis Vuitton confirmed that breaches impacting customers in the UK, South Korea, and Turkey stem from the same security incident, which is believed to be linked to the ShinyHunters extortion group. "Despite all security measures ...
2 months ago Bleepingcomputer.com Hunters
CVE-2020-26223 - Spree is a complete open source e-commerce solution built with Ruby on Rails. In Spree from version 3.7 and before versions 3.7.13, 4.0.5, and 4.1.12, there is an authorization bypass vulnerability. The perpetrator could query the API v2 Order Status ...
4 years ago
Allianz Life confirms data breach impacts majority of 1.4 million customers - ShinyHunters is a group of threat actors who are linked to multiple high-profile data breaches and attacks, including those against PowerSchool and the SnowFlake attacks, which ...
2 months ago Bleepingcomputer.com Hunters
Extradition of Alleged Member of ShinyHunters Cybercrime Group to US - An alleged member of the ShinyHunters cybercrime gang, Sebastien Raoult, has been extradited from Morocco to the United States. The 22-year-old French national was arrested at Rabat international airport in Morocco on May 31, 2022, while attempting ...
2 years ago Securityaffairs.com Hunters
Data of 560 million Ticketmaster customers for sale after alleged breach - A threat actor known as ShinyHunters is selling what they claim is the personal and financial information of 560 million Ticketmaster customers on the recently revived BreachForums hacking forum for $500,000. The allegedly stolen databases, which ...
1 year ago Bleepingcomputer.com Hunters
Surge of swatting attacks targets corporate executives and board members - At around 8:45 pm on February 1, 2023, a caller to the Groveland, Massachusetts, 911 emergency line told dispatchers that he harmed someone in a home on Marjorie Street in the upscale small town 34 miles north of Boston. The caller also said he would ...
2 years ago Csoonline.com Cloak
Manufacturing Top Targeted Industry in Record-Breaking Cyber Extortion - The year 2023 has been a record-breaking year for cyber extortion, according to Orange Cyberdefense. The cybersecurity branch of the French internet service provider launched its Security Navigator 2024 on November 30, 2023. In this fifth edition of ...
1 year ago Infosecurity-magazine.com LockBit
Hacker 'ShinyHunters' Pleads Not Guilty in Cybercrime Case - A hacker known as 'ShinyHunters' has pleaded not guilty in a case of cybercrime. The hacker is accused of taking part in illegal activities to steal data from victims, including passwords, credit card information, and other personal details. The ...
2 years ago Blog.cloudflare.com Hunters
ShinyHunters Hacker Pleads Not Guilty to Data Theft Charges - A hacker associated with the ShinyHunters group, identified as Paul Gubarev, has pleaded not guilty to data theft charges as pleaded in a recent court hearing. The hacker is accused of stealing over 500 million sensitive information belonging to ...
2 years ago Blog.cloudflare.com Hunters
ShinyHunters starts leaking data stolen in Salesforce attacks - ShinyHunters, a notorious cybercriminal group, has begun leaking data stolen from recent Salesforce attacks. This development marks a significant escalation in the ongoing cyber threats targeting major cloud service providers. The leaked data ...
4 days ago Bleepingcomputer.com ShinyHunters
CVE-2013-1656 - Spree Commerce 1.0.x through 1.3.2 allows remote authenticated administrators to instantiate arbitrary Ruby objects and execute arbitrary commands via the (1) payment_method parameter to core/app/controllers/spree/admin/payment_methods_controller.rb; ...
4 years ago
ShinyHunters claims 1.5 billion Salesforce records stolen in Drift hacks - In a significant cybersecurity incident, the hacking group ShinyHunters has claimed responsibility for stealing 1.5 billion Salesforce records through breaches involving the company Drift. This massive data breach highlights the increasing risks ...
2 weeks ago Bleepingcomputer.com ShinyHunters
Google says hackers are sending extortion emails to executives - Reuters - Google has revealed that hackers are targeting its executives with extortion emails, marking a significant cybersecurity threat to high-profile individuals within the company. These emails are part of a broader trend where cybercriminals use ...
6 days ago Reuters.com
Why Biden's EO on AI Conflates the Role of Red-Teaming - The recent release of president Joe Biden's executive order on artificial intelligence marks a pivotal step toward establishing standards in an industry that has long operated without comprehensive regulations. What's concerning is the order's broad ...
1 year ago Securityboulevard.com
Ransomware victims targeted in follow-on extortion attacks The Register - Ransomware victims already reeling from potential biz disruption and the cost of resolving the matter are now being subjected to follow-on extortion attempts by criminals posing as helpful security researchers. Researchers at Arctic Wolf Labs ...
1 year ago Go.theregister.com LockBit Akira

Latest Cyber News


Cyber Trends (last 7 days)


Trending Cyber News (last 7 days)