Skip to content
Cyber Breaches
Search
Data breachResolved

Pitney Bowes data breach (2026)

In April 2026, the hacking collective ShinyHunters claimed to have obtained data from Pitney Bowes as part of a broader extortion campaign that also named several other organisations.

Victim
Pitney Bowes
records
8.2M
SectorMedia

Imported from Have I Been Pwned — pending editorial review and translation to French. The summary below is machine-extracted; consult the source for details.

In 2026-04-20, Pitney Bowes was affected by a data breach. Approximately 8,243,989 accounts were exposed. In April 2026, the hacking collective ShinyHunters claimed to have obtained data from Pitney Bowes as part of a broader extortion campaign that also named several other organisations.

Sources

  1. haveibeenpwned.comhttps://haveibeenpwned.com/PwnedWebsites#PitneyBowes
  2. pitneybowes.comhttps://pitneybowes.com

Related incidents

Data breachResolved

BCD Travel data breach (2026)

In May 2026, the corporate travel management company BCD Travel was claimed as a victim of the ShinyHunters "pay or leak" extortion campaign. Data allegedly obtained from BCD was subsequently published publicly in early June and contained 396k unique email addresses.

Victim
BCD Travel
Records
396.3K
Data breachResolved

Cushman & Wakefield data breach (2026)

In May 2026, the real estate services firm Cushman & Wakefield was the target of a "pay or leak" extortion campaign by the ShinyHunters group. Following the threat, the group publicly published data they alleged had been obtained from the firm, consisting mostly of C&W email addresses along with…

Victim
Cushman & Wakefield
Records
310.4K
Data breachContained

Acrimed: online shop hit by a cyberattack

On 29 April 2026, French media-criticism association Acrimed disclosed a cyberattack on its online shop that exposed customers' email addresses, encrypted passwords and order history; names, postal addresses, phone numbers and banking details were said to be unaffected.

Victim
Acrimed
Data breachResolved

CTT data breach (2026)

In April 2026, data allegedly obtained from CTT, Portugal's national postal service, was posted to a public hacking forum. The data included 468k unique email addresses along with names, phone numbers and parcel tracking numbers which can be used to retrieve the tracking history of the parcel.

Victim
CTT
Records
468.1K