Skip to content
Cyber Breaches
Search
Data breachResolved

CarMax data breach (2026)

In January 2026, data allegedly sourced from US automotive retailer CarMax was published online following a failed extortion attempt. The data included 431k unique email addresses along with names, phone numbers and physical addresses.

Victim
CarMax
records
431.4K
SectorRetail

Imported from Have I Been Pwned — pending editorial review and translation to French. The summary below is machine-extracted; consult the source for details.

In 2026-01-24, CarMax was affected by a data breach. Approximately 431,371 accounts were exposed. In January 2026, data allegedly sourced from US automotive retailer CarMax was published online following a failed extortion attempt. The data included 431k unique email addresses along with names, phone numbers and physical addresses.

Sources

  1. haveibeenpwned.comhttps://haveibeenpwned.com/PwnedWebsites#CarMax
  2. carmax.comhttps://carmax.com

Related incidents

Data breachResolved

Atlas Menu data breach (2026)

In May 2026, the GTA V and CS2 cheat service Atlas Menu suffered a data breach. An attacker claimed to have gained access to all Atlas systems and published the service's database to a public GitHub repository.

Victim
Atlas Menu
Records
63.9K
Data breachOngoing

1,528 contacts at Nature & Cie, claimed leak

In late May 2026, a B2B commercial database attributed to French organic-food distributor Nature & Cie surfaced on a cybercriminal forum, exposing roughly 5,635 stores, over 1,500 professional contacts and around 1,500 sales-visit reports covering Biocoop, Naturalia and La Vie Claire partners.

Victim
Nature & Cie
Records
1.5K