Find notable cyber news and cases, enriched with sources, timelines, and signals.
Home Browse News Feed Stats Watchlists Beta About Contact

Checkout.com hit by cyberattack linked to ShinyHunters

Incident
First reported
Last updated
Happening score
H score 51
1 unique sources, 1 articles

Summary

Hide ▲

Checkout.com disclosed an unauthorized-access breach of a legacy third-party cloud file storage system that exposed merchant data from 2020 and earlier and triggered a ShinyHunters ransom demand. The exposure affects less than 25% of the current merchant base and also reaches past customers. The stolen material included internal operational documents and onboarding materials, increasing fraud and trust risk in the payments ecosystem. Checkout.com said it will not pay the ransom and will instead harden security.

Related Happenings

7-Eleven hit by network compromise

Incident
First: 19.05.2026 17:16 Last: 19.05.2026 17:16 Sources 1

About this happening: **7-Eleven** is a **victim-focused breach incident** in which an **unauthorized third party** accessed systems used to store **franchisee documents** on **April 8, 2026**, trigger...

Open Happening

Rising encryptionless extortion incidents against enterprises in 2025

Target Trend
First: 15.01.2026 17:45 Last: 15.01.2026 17:45 Sources 1

About this happening: **Encryptionless extortion** surged in **2025** as attackers increasingly skipped ransomware encryption and instead stole data to pressure victims across **enterprise environments...

Open Happening

Barts Health NHS Trust invoice leak on Cl0p leak portal

Data Leak
First: 05.12.2025 20:55 Last: 05.12.2025 20:55 Sources 1

About this happening: The **Barts Health NHS Trust** data leak became public when **Cl0p** posted stolen **invoice files** on its **dark-web leak portal**, exposing **full names and addresses** linked...

Latest development: 08.12.2025 11:30

Barts Health NHS Trust is seeking a High Court order to stop the sharing, publication or use of invoice files stolen from its Oracle E-business Suite (EBS) database; the trust says Cl0p posted the files on the dark web, and it is working with NHS England, the National Cyber Security Centre, the Metropolitan Police and regulators including the Information Commissioner’s Office while its clinical systems remain unaffected.

Open Happening

Mixpanel hit by network compromise

Incident
First: 27.11.2025 13:27 Last: 27.11.2025 13:27 Sources 1

About this happening: Mixpanel disclosed a smishing (SMS phishing) compromise that affected a limited number of customers and prompted containment steps. The attack was detected on November 8, 2025, an...

Latest development: 15.12.2025 23:27

Mixpanel's systems were compromised on November 8, 2025 after an SMS phishing (smishing) attack, and the breach affected a limited number of customers.

Open Happening

Envoy Air Oracle E-Business Suite data leak

Data Leak
First: 17.10.2025 22:11 Last: 17.10.2025 22:11 Sources 1

About this happening: The **Clop** gang is **leaking data tied to Envoy Air's Oracle E-Business Suite**, exposing a limited set of business and commercial contact details. **Envoy Air** confirmed the c...

Open Happening

Timeline

  1. 14.11.2025 18:25 2 articles · 6mo ago

    Checkout.com discloses ShinyHunters ransom extortion

    Initial Disclosure

    Checkout.com disclosed that ShinyHunters breached a legacy third-party cloud file storage system used in 2020 and prior years, accessed merchant data from 2020 and earlier including internal operational documents and onboarding materials, and is now extorting the company for a ransom. Checkout.com said the exposure affects less than 25% of its current merchant base, also reaches some past customers, and it will not pay the ransom while strengthening its security posture.

    Show sources
    Open in new tab