#shinyhunters
9 articles
Over the past month, ZCyberNews has tracked nine incidents linked to ShinyHunters, spanning April 13 to May 12, 2026. This threat actor has been observed targeting sectors including education, consumer services, entertainment, gaming, and healthcare, with affected regions in North America and globally. The severity mix includes one critical and eight high-severity reports, reflecting a concentrated period of activity from this single actor.
CRITICALInstructure Pays Ransom to ShinyHunters After Canvas Breach
Instructure paid ShinyHunters after two Canvas intrusions stole data from 9,000 institutions. Congress launched an investigation into the ed-tech vendor's incident response.
HIGHInstructure Pays ShinyHunters to Halt 3.65TB Canvas Data Leak
ShinyHunters agreed to delete 3.65TB of stolen Canvas data after Instructure paid an undisclosed ransom. The breach affects thousands of schools and universities worldwide.
HIGHShinyHunters Breaches Vimeo, Leaks 119K User Records
ShinyHunters leaked a 106GB archive of Vimeo data after breaching Anodot, exposing emails and names of 119,200 users. No credentials or payment info compromised.
HIGHInstructure Data Breach: ShinyHunters Claims Theft
ShinyHunters claims to have stolen data from Instructure, the edtech firm behind Canvas LMS. Instructure confirms a breach involving unauthorized access to certain systems and…
HIGHShinyHunters Breaches Medtronic, Steals 9M Records
ShinyHunters claims to have stolen 9 million records from medical device maker Medtronic, including personal information. The group threatens to leak the data.
HIGHADT Breach: ShinyHunters Steals Data of 5.5 Million
ShinyHunters breached ADT, stealing personal data of 5.5 million individuals — names, emails, phone numbers, and addresses — from internal systems. No payment data compromised.
HIGHADT Confirms Breach as ShinyHunters Leaks Customer Data
ADT confirmed a data breach after ShinyHunters leaked 30,000+ customer records including names, emails, and account details from a compromised Salesforce instance.
HIGHMcGraw Hill Breach: ShinyHunters Leaks 13.5M User Records
ShinyHunters published data from 13.5 million McGraw Hill accounts — names, emails, institutional affiliations — stolen from a misconfigured Salesforce instance.
HIGHShinyHunters Breaches Rockstar Games via Third-Party SaaS Platform
ShinyHunters breached Rockstar Games by exploiting the Anodot SaaS platform, accessing the company's Snowflake data environment and threatening to leak stolen data unless a ransom is paid.
Stay Updated
Get the latest cybersecurity news delivered to your inbox.