Last updated 1 month ago
In April 2026, the ultra-luxury hotel brand Aman was named by threat actor ShinyHunters as the target of a 'pay or leak' extortion campaign. The data, allegedly obtained from their Salesforce CRM, was subsequently leaked publicly and contained over 200k unique email addresses. The breach was disclosed via Have I Been Pwned, with the data set comprising 215,563 records.
The attack vector involved unauthorized access to Aman's Salesforce CRM instance, with ShinyHunters claiming responsibility for the data exfiltration. The exposed data includes email addresses, genders, physical addresses, phone numbers, nationalities, dates of birth, spouse names, and VIP status codes. No specific CVEs or MITRE ATT&CK techniques were cited in the available information.
No post-incident developments such as regulatory actions, litigation, ransom payment, or remediation milestones were reported in the article.
Data allegedly obtained from Salesforce CRM and leaked after extortion campaign
Sign in to join the discussion.
Company
Industry
Location
Disclosed
Records Affected
Attack Vector
Threat Actor
Continent
Country
Industry
Attack Vector
Threat Actor