Ameriprise data breach (2026)

In March 2026, the financial services firm Ameriprise Financial was named by the ShinyHunters group in a "pay or leak" extortion campaign. The group claimed possession of more than 200GB of compressed data exfiltrated from Ameriprise's Salesforce environment and internal SharePoint infrastructure,…

Imported from Have I Been Pwned — pending editorial review and translation to French. The summary below is machine-extracted; consult the source for details.

In 2026-03-02, Ameriprise was affected by a data breach. Approximately 502,597 accounts were exposed. In March 2026, the financial services firm Ameriprise Financial was named by the ShinyHunters group in a "pay or leak" extortion campaign. The group claimed possession of more than 200GB of compressed data exfiltrated from Ameriprise's Salesforce environment and internal SharePoint infrastructure,…

Related incidents

Data breachOngoingJune 2, 2026

DentaQuest ShinyHunters data breach exposes 2.6 million accounts (2026)

Dental benefits administrator DentaQuest confirmed a network breach after the extortion group ShinyHunters leaked roughly 234 GB of stolen data, exposing personal, identity, and health-insurance information tied to about 2.6 million accounts.

Victim: DentaQuest
Records: 2.6M

Data breachUnknownMay 21, 2026

23,685 records: claimed leak at ATOA

A threat actor put a database from ATOA — a French real-estate tokenization and fractional-investment fintech — up for sale on a dark web forum, exposing roughly 23,685 user and financial records plus 326 full KYC archives containing passports, ID cards and banking details.

Victim: ATOA
Records: 23.7K

Data breachContainedMay 12, 2026

CARMF: 2.4 million doctor records leaked after a cyberattack

In May 2026, an actor using the alias lazasec claimed to have breached CARMF, France's pension and benefits fund for self-employed doctors, leaking a database of up to 2.4 million records with names, contributor codes, postal addresses and last-declaration dates; CARMF said the exposed data was public and non-sensitive.

Victim: CARMF

Data breachContainedMay 6, 2026

Cetelem: customer email addresses exposed after a cyberattack

Cetelem, the consumer-credit brand of BNP Paribas Personal Finance, confirmed a cyberattack on 20 April 2026 that exposed the email addresses of several hundred thousand customers; the company says no passwords, banking or payment data were compromised.

Victim: Cetelem

Sources

Related incidents

DentaQuest ShinyHunters data breach exposes 2.6 million accounts (2026)

23,685 records: claimed leak at ATOA

CARMF: 2.4 million doctor records leaked after a cyberattack

Cetelem: customer email addresses exposed after a cyberattack