Last updated 1 month ago
ZenBusiness, a US-based business formation and compliance platform, suffered a data breach in March 2026 involving the exfiltration of approximately 5.1 million unique email addresses. The breach was publicly disclosed in April 2026 after the threat group ShinyHunters released the data following an unpaid ransom demand. The exposed records also included names and phone numbers, varying by source file.
The attack was carried out by the hacker and extortion group ShinyHunters, who claimed to have obtained data from ZenBusiness's Snowflake, Mixpanel, and Salesforce platforms. The group threatened to publish the data if a ransom was not paid, and after claiming payment was not made, they publicly released the data in April 2026. The exfiltrated data amounted to many terabytes across thousands of files, originating from multiple systems and business functions, including leads, support records, and other CRM-related data.
No post-incident developments such as regulatory actions, litigation, or remediation milestones were reported in the article.
Data exfiltrated from Snowflake, Mixpanel, and Salesforce platforms by extortion group
Sign in to join the discussion.
Company
Industry
Location
Disclosed
Records Affected
Attack Vector
Threat Actor
Continent
Country
Industry
Attack Vector
Threat Actor