ShinyHunters vendor breach wave (Udemy/ADT/Carnival/Medtronic/Ameriprise)
Key Questions
Who is ShinyHunters and what recent breaches have they claimed?
ShinyHunters is a hacking group behind a wave of vendor breaches, including claims on Udemy (1.4M user PII, ransom deadline 4/27/26), ADT PII leak (4/20/26), and Carnival Corp (8.7M PII). They target third-party vulnerabilities, amplifying cybersecurity gaps. This primes FTC, ICO, and HIPAA enforcement scrutiny.
What happened in the Medtronic data breach?
Medtronic confirmed hackers breached its network, exfiltrating about 9M records due to Salesforce misconfigurations involving 4TB of data. The incident highlights third-party risks in vendor ecosystems. It adds to ShinyHunters' breach wave.
How many customers were affected by the Ameriprise breach?
Ameriprise Financial disclosed a data breach impacting 48,000 customers, notified via Maine AG in March 2026. It underscores repeat actor threats from groups like ShinyHunters. Vendor compliance audits are now in focus.
What is Carnival Corp investigating regarding data breach?
Carnival Corp is probing an alleged breach by ShinyHunters, involving over 8.7M PII records posted online as part of 40 victims. The incident occurred around 4/27. It contributes to the vendor breach pattern.
What are the broader implications of the ShinyHunters breaches?
The breaches across Udemy, ADT, Carnival, Medtronic, and Ameriprise expose third-party cybersecurity gaps and repeat offender risks. They prime regulatory watchlists like FTC/ICO/HIPAA for vendor audits and compliance. Affected parties face PII exposures and potential enforcement.
ShinyHunters claims Udemy 1.4M user PII breach with ransom deadline 4/27/26, ADT PII leak (4/20/26), Carnival Corp 8.7M PII probe (4/27), Medtronic 9M records confirmed (Salesforce misconfigs, 4TB), Ameriprise 48k customers (March 2026, Maine AG notice); amplifies repeat actor/third-party cybersecurity gaps. Primes FTC/ICO/HIPAA enforcement watchlist for vendor audits/compliance.