Skip to content
The Nexus
DossierENTITY

shinyhunters

Coverage of shinyhunters in the Nexus archive.

Earliest in view: May 8 · 02:58 UTCMost recent: Jul 2 · 04:25 UTC
Co-mentioned in this coverage
Recent coverage
  • SECURITYJul 2 · 04:25 UTCBLEEPING COMPUTER
    Medtronic notifies customers impacted by ShinyHunters data breach

    Healthcare device company Medtronic is notifying affected customers about a data breach that exposed their personal information to an unauthorized third party. The breach is linked to ShinyHunters, a hacker group.

  • SECURITYJun 22 · 07:01 UTCMALWAREBYTES LABS
    A week in security (June 15 – June 21)

    Malwarebytes Labs reported cleaning nearly 15,000 infected websites in a SocGholish crackdown. Apple patched a Beats Studio Buds vulnerability, Microsoft addressed the RoguePlanet flaw, and retro gaming fans faced fake GitHub malware. Kodak confirmed a breach linked to ShinyHunters, Roblox developers lost games to malware, and 24 billion records were exposed online. Malwarebytes received AV-TEST awards for its security solutions.

  • SECURITYJun 17 · 07:07 UTCBLEEPING COMPUTER
    Kodak confirms data breach claimed by ShinyHunters extortion gang

    Kodak has confirmed a data breach claimed by the ShinyHunters extortion gang and is working with external cybersecurity experts to investigate. Hackers gained access to some of the company's data.

  • SECURITYJun 13 · 10:30 UTCWIRED
    The FCC Wants to Kill Burner Phones

    The FCC aims to restrict burner phones, Microsoft released a major security update linked to AI bug hunting, and the ShinyHunters ransomware group exploited an Oracle zero-day vulnerability.

  • SECURITYJun 12 · 20:26 UTCDARK READING
    ShinyHunters Uses Oracle Zero-Day to Rampage Higher Ed

    ShinyHunters exploited a zero-day vulnerability in Oracle's ERP software to steal data from American universities. The attack took advantage of a critical bug that disproportionately impacted higher education institutions.

  • SECURITYJun 11 · 20:29 UTCTHE HACKER NEWS
    ShinyHunters Exploits Oracle PeopleSoft Zero-Day (CVE-2026-35273) to Breach Universities

    ShinyHunters exploited an unpatched Oracle PeopleSoft zero-day (CVE-2026-35273) to breach enterprise systems, targeting universities most severely. Google's Mandiant linked the attacks to UNC6240, with activity occurring between May 27 and June 9, just one day before Oracle released its security advisory on June 10.

  • SECURITYJun 10 · 21:33 UTCTECHCRUNCH
    Cybercriminals claim breach of Oracle PeopleSoft servers at 100-plus organizations

    The ShinyHunters hacking gang claims to have compromised the Oracle PeopleSoft servers of more than 100 organizations, including many universities.

  • SECURITYJun 6 · 07:28 UTCTHE REGISTER
    Oxford Uni student data pwned yet again - this time via career platform breach

    Oxford University's CareerConnect platform, managed by Group GTI, suffered a data breach exposing users' full names and email addresses, with encrypted passwords leaked for non-SSO users. The breach, attributed to a fixed security vulnerability, is separate from a recent Canvas platform attack affecting 275 million users. Group GTI and Instructure have not disclosed full details of the incidents.

  • SECURITYJun 5 · 11:12 UTCFOX NEWS
    Carnival breach may put your travel data at risk

    Carnival Corporation confirmed a data breach affecting nearly 6 million people, caused by a social engineering attack on a single user account. The breach exposed personal data including names, addresses, email addresses, phone numbers, dates of birth, and government-issued IDs. Leaked data also impacted Holland America's loyalty program, potentially affecting non-Carnival customers.

  • SECURITYJun 4 · 22:16 UTCTHE REGISTER
    Pink is the latest goon squad to use fake helpdesk calls to steal creds

    Pink, a new extortion group possibly rebranded from BlackFile, uses voice phishing and fake helpdesk calls to steal credentials and extort organizations. Palo Alto Networks' Unit 42 and Google Threat Intelligence debate whether Pink is a new threat or an evolution of UNC6671, with similar tactics to groups like Lapsus$ and Scattered Spider.

  • SECURITYJun 4 · 16:00 UTCFOX NEWS
    Charter breach warning: What customers should know

    Charter Communications (Spectrum) confirmed a cybersecurity incident after ransomware group ShinyHunters listed it on a leak site. Hackers claimed to steal millions of customer records via a vishing attack, but Charter stated sensitive data like private telecom account information was not released.

  • SECURITYJun 1 · 14:15 UTCTHE REGISTER
    GTA cheat service Atlas Menu hacked as attacker alleges screenshot spying

    Atlas Menu, a Grand Theft Auto V and Counter-Strike 2 cheat service, experienced a data breach in May exposing 64,000 email addresses, usernames, IP addresses, passwords, and internal records. An attacker leaked the database on GitHub, claiming access to all Atlas systems, while users noted this breach contained more sensitive data than prior incidents.

  • SECURITYMay 29 · 10:22 UTCTHE REGISTER
    ShinyHunters adds Charter to trophy shelf after 4.9M customer records leak

    ShinyHunters leaked 4.9 million Charter Communications customer records, including names, email addresses, phone numbers, and physical addresses, after the company allegedly refused their extortion demands. Charter confirmed an investigation but claimed no sensitive data was exfiltrated, while the breach is part of a broader pattern of ShinyHunters targeting organizations, including a recent Carnival Corporation data theft.

  • SECURITYMay 29 · 08:29 UTCBLEEPING COMPUTER
    Charter Communications data breach affects 4.9 million accounts

    The ShinyHunters extortion gang stole personal information from 4.9 million accounts after hacking U.S. telecom company Charter Communications. The breach was reported by data breach notification service Have I Been Pwned.

  • SECURITYMay 28 · 16:23 UTCFOX NEWS
    Could the 7-Eleven breach affect you?

    7-Eleven experienced a data breach exposing 185,000 unique email addresses and personal information like names, dates of birth, and physical addresses. The breach, linked to a 2026 extortion campaign by ShinyHunters, involved unauthorized access to systems storing franchisee documents, not customer purchase data.

  • SECURITYMay 28 · 12:10 UTCTHE REGISTER
    Carnival confirms ShinyHunters cruised off with 6M customer records after April breach

    Carnival Corporation confirmed a data breach affecting nearly 6 million customers after a social engineering attack on April 14. Hacking group ShinyHunters claimed to have stolen terabytes of data, including personal information like names, addresses, and identification numbers. Carnival is offering free credit monitoring to affected individuals and has enhanced its security measures.

  • SECURITYMay 26 · 19:46 UTCBLEEPING COMPUTER
    Charter confirms data breach after ShinyHunters extortion threat

    Charter Communications, a U.S. telecommunications giant, confirmed a data breach following an extortion threat from the ShinyHunters group, which demanded a ransom to prevent stolen data from being leaked.

  • SECURITYMay 26 · 07:01 UTCBLEEPING COMPUTER
    7-Eleven data breach exposes personal information of 185,000 people

    The ShinyHunters extortion gang hacked 7-Eleven's systems in April, stealing personal information of over 183,000 people, as reported by Have I Been Pwned.

  • SECURITYMay 20 · 16:05 UTCRECORDED FUTURE NEWS
    7-Eleven confirms breach after ShinyHunters claims

    7-Eleven confirmed a breach after ShinyHunters claimed it, discovering the breach on April 8 and determining that cybercriminals accessed certain systems used to store franchisee documents. The breach notification letters were sent out following an investigation. Cybercriminals gained access to sensitive information.

  • SECURITYMay 19 · 14:16 UTCBLEEPING COMPUTER
    7-Eleven confirms data breach claimed by the ShinyHunters gang

    7-Eleven confirmed a data breach claimed by the ShinyHunters gang, which occurred last month. The breach affected the convenience store chain's systems. The ShinyHunters extortion group is responsible for the cyberattack.

  • SECURITYMay 18 · 10:00 UTCCYBERSCOOP
    The Canvas breach proved that prevention is no longer enough

    The Canvas breach resulted in 3.65 terabytes of data stolen from approximately 275 million users, highlighting the need for improved security measures. The attack was carried out by ShinyHunters, who compromised 'Free-For-Teacher' accounts and escalated rapidly. This incident exposes the gap in enterprise security frameworks, which still treat SaaS platforms primarily as availability problems.

  • SECURITYMay 14 · 22:42 UTCTHE REGISTER
    Nobody believes the 'criminals and scumbags' who hacked Canvas really deleted stolen student data

    Instructure reached an agreement with data theft and extortion crew ShinyHunters after a breach of Canvas user data, but experts doubt that stolen data was deleted. The incident affects nearly 9,000 universities and K-12 schools, and around 275 million students, teachers, and staff. Experts expect further phishing attacks using leaked information.

  • SECURITYMay 14 · 20:19 UTCDARK READING
    Congress Puts Heat on Instructure After Canvas Outage

    The House Committee on Homeland Security sent a letter regarding the Canvas cyberattack, which occurred on the same day that Canvas reached an agreement with the ShinyHunters cybercriminal group. The incident has put pressure on infrastructure. The edtech company is dealing with the aftermath of the attack.

  • SECURITYMay 12 · 23:09 UTCBLEEPING COMPUTER
    US govt seeks Instructure testimony on massive Canvas cyberattack

    The US House Committee on Homeland Security is seeking testimony from Instructure executives regarding two cyberattacks on the Canvas platform by the ShinyHunters extortion group, which resulted in stolen student data and school disruptions. The attacks occurred during final exams and targeted the company's platform. The committee's call for testimony indicates a growing concern over cybersecurity threats in educational institutions.

  • SECURITYMay 12 · 16:14 UTCTHE REGISTER
    Congress investigates Canvas breach as company pays ransom

    The US Congress is investigating a breach of Instructure's Canvas online platform, which was hacked twice in two weeks, and the company has paid a ransom to extortion crew ShinyHunters. The breach affected up to 275 million students, teachers, and staff. Instructure's CEO Steve Daly has been summoned to explain the circumstances of the intrusions.

  • SECURITYMay 12 · 14:23 UTCCBS NEWS
    Canvas' parent company strikes deal with hackers to delete stolen data

    A hacking group named ShinyHunters claimed responsibility for the Canvas breach and threatened to leak data involving 275 million individuals if schools did not pay a ransom. The parent company of Canvas has struck a deal with the hackers to delete the stolen data. This deal aims to prevent the sensitive information from being leaked.

  • SECURITYMay 12 · 13:23 UTCTHE VERGE
    Canvas owner reaches ‘agreement’ with hackers to secure stolen data

    Instructure, the company behind Canvas, reached an agreement with hackers to secure stolen data, preventing a leak of 3.5 terabytes of student data. The agreement came after the ShinyHunters hacking group claimed responsibility for the attack and threatened to publish the data. Instructure claims no customers will be extorted as a result.

  • SECURITYMay 12 · 09:23 UTCBLEEPING COMPUTER
    Instructure reaches 'agreement' with ShinyHunters to stop data leak

    Instructure reached an agreement with ShinyHunters to stop a data leak from being leaked online after a recent breach, involving the Canvas learning management system. The agreement aims to prevent stolen data from being published. Instructure is an edtech giant.

  • SECURITYMay 12 · 07:37 UTCTHE HACKER NEWS
    Instructure Reaches Ransom Agreement with ShinyHunters to Stop 3.65TB Canvas Leak

    Instructure reached a ransom agreement with ShinyHunters to stop a 3.65TB Canvas leak after a network breach. The breach threatened to leak stolen information from thousands of schools and universities. Instructure is the parent company of Canvas.

  • SECURITYMay 11 · 23:31 UTCCYBERSCOOP
    Pressure mounts on Canvas as data leak extortion deadline looms

    Cybercriminals are threatening to leak sensitive data from Canvas, a widely used education tech platform, after a prolonged cyberattack. The company behind Canvas, Instructure, has taken the platform offline following malicious activity. A decentralized crew of cybercriminals, ShinyHunters, is attempting to extort the company for an unknown ransom amount.

  • SECURITYMay 11 · 23:16 UTCTHE REGISTER
    Double Canvas breach acknowledged as ShinyHunters sets new pay-or-leak deadline

    Instructure's online learning platform Canvas experienced two rounds of unauthorized activity, with data theft and extortion crew ShinyHunters threatening to leak data of over 275 million students and staff. The breach affected nearly 9,000 schools worldwide, including Harvard and Stanford universities. Instructure has taken measures to contain the incident and notified the FBI and US Cybersecurity and Infrastructure Security Agency.

  • SECURITYMay 11 · 14:56 UTCFOX NEWS
    School app Canvas breach hits during finals

    Canvas, a school platform used by colleges and universities, experienced a breach during finals week, causing stress and confusion among students and teachers. The outage was caused by unauthorized activity detected by Instructure, the company behind Canvas. Instructure temporarily took Canvas offline to contain the activity and apply additional safeguards.

  • SECURITYMay 9 · 09:01 UTCAL JAZEERA
    Hacked educational platform partially restored for millions of students

    The educational platform Canvas was breached by hacker group ShinyHunters, who threatened to leak student data. The platform has been partially restored for millions of students. The breach and restoration affect students' access to educational resources.

  • SECURITYMay 8 · 20:08 UTCDARK READING
    ShinyHunters Claims Second Attack Against Instructure

    ShinyHunters has claimed a second attack against Instructure, an edtech company struggling to regain control from hackers, putting personally identifiable information of hundreds of millions of people at risk. The attack highlights the severe security challenges faced by the company. Instructure's ability to protect user data is being questioned.

  • SECURITYMay 8 · 18:33 UTCARS TECHNICA
    Chaos erupts as cyberattack disrupts learning platform Canvas amid finals

    A cyberattack disrupted the online learning platform Canvas, causing chaos at schools and colleges throughout the US as students were due to take final exams. The platform was taken offline temporarily after identifying unauthorized activity in its network. Canvas parent company Instructure reported that the platform was back online as of Friday morning.

  • SECURITYMay 8 · 17:50 UTCAXIOS
    Canvas outage delays college finals across the country

    A cyberattack on Canvas, a learning platform used by thousands of schools, has caused universities across the country to reschedule or cancel finals. The attack was detected in late April and resulted in the breach of personal information. Canvas is back online after being shut down.

  • SECURITYMay 8 · 13:29 UTCCYBERSCOOP
    ShinyHunters claims nearly 9,000 schools affected by Canvas data breach

    ShinyHunters claims that nearly 9,000 schools have been affected by a data breach involving Canvas. The breach reportedly compromises sensitive information from the affected schools. ShinyHunters is a cybersecurity company that tracks and reports on data breaches.

  • SECURITYMay 8 · 10:59 UTCTHE REGISTER
    Hackers ate my homework: Educational SaaS Canvas down after cyberattack

    Canvas, an educational SaaS, was down after a cyberattack by hacking crew ShinyHunters, affecting students and universities worldwide. The attack has led to concerns about data leakage and phishing risks. Institutions are taking precautions and extending assignment deadlines.

  • SECURITYMay 8 · 05:02 UTCWIRED
    The Canvas Hack Is a New Kind of Ransomware Debacle

    Thousands of US schools were affected by a ransomware attack on the Canvas platform, prompting Instructure to shut down access. The breach was carried out by hackers calling themselves ShinyHunters. This incident has significant implications for the education sector.

  • SECURITYMay 8 · 02:58 UTCKREBS ON SECURITY
    Canvas Breach Disrupts Schools & Colleges Nationwide

    A cybercrime group called ShinyHunters has breached the education technology platform Canvas, disrupting classes and coursework at schools and universities across the US, and is demanding a ransom to prevent the publication of stolen data. The breach affects nearly 9,000 educational institutions and millions of students and faculty. Canvas parent firm Instructure has disabled the platform in response.

shinyhunters · Dossier · The Nexus