Find notable cyber news and cases, enriched with sources, timelines, and signals.
Home Browse News Feed Stats Watchlists Beta About Contact

Mixpanel hit by network compromise

Incident
First reported
Last updated
Happening score
H score 12
1 unique sources, 2 articles

Summary

Hide ▲

Mixpanel disclosed a smishing (SMS phishing) compromise that affected a limited number of customers and prompted containment steps. The attack was detected on November 8, 2025, and Mixpanel described the incident as a third-party provider compromise that created downstream exposure risk for customers using its analytics service. Later reporting added that ShinyHunters sent extortion emails to Mixpanel customers and claimed access to historical analytics data tied to the incident. Mixpanel said it could not verify that the claimed data came from its November 2025 security incident, and the exposed material was described as historical activity rather than payment or financial information.

Related Happenings

OpenAI API users customer data exposed after OpenAI breach

Data Leak
First: 27.11.2025 13:15 Last: 27.11.2025 13:15 Sources 1

About this happening: OpenAI warned that **API users** may have had limited account and analytics data exposed after **Mixpanel** suffered unauthorized access. The exposure matters because the exported...

Open Happening

CrowdStrike customer data exposed after CrowdStrike breach

Data Leak
First: 21.11.2025 18:48 Last: 21.11.2025 18:48 Sources 1

About this happening: **CrowdStrike** confirmed that a **suspicious insider** externally shared **screenshots from internal systems**, exposing internal material to **unnamed threat actors** and trigge...

Open Happening

Checkout.com hit by cyberattack linked to ShinyHunters

Incident
First: 14.11.2025 18:25 Last: 14.11.2025 18:25 Sources 1

About this happening: **Checkout.com** disclosed an **unauthorized-access breach** of a **legacy third-party cloud file storage system** that exposed **merchant data from 2020 and earlier** and trigger...

Open Happening

Avnet EMEA sales tool data leak

Data Leak
First: 07.10.2025 19:19 Last: 07.10.2025 19:19 Sources 1

About this happening: Avnet confirmed a **data breach** involving **externally hosted cloud storage** supporting an internal sales tool used in **EMEA**. The company said the stolen data is **not easil...

Open Happening

ShinyHunters publicly operates extortion-as-a-service with partner crews

Threat Actor Meta
First: 07.10.2025 00:08 Last: 07.10.2025 00:08 Sources 1

About this happening: ShinyHunters publicly framed itself as an **extortion-as-a-service (EaaS)** operator, a shift that can scale **multi-victim extortion** and blur attribution across partner breache...

Open Happening

Timeline

  1. 15.12.2025 23:27 2 articles · 5mo ago

    Mixpanel systems compromised in smishing attack

    Exploitation Observed

    Mixpanel's systems were compromised on November 8, 2025 after an SMS phishing (smishing) attack, and the breach affected a limited number of customers.

    Show sources
    Open in new tab
  2. 15.12.2025 23:27 1 articles · 5mo ago

    ShinyHunters extorts PornHub over alleged Mixpanel records

    Attribution Update

    ShinyHunters began sending extortion emails to Mixpanel customers and claimed it stole 94GB containing 201,211,943 records of historical search, watch, and download activity for PornHub Premium members; PornHub said the exposed records were historical analytics data from 2021 or earlier and that passwords, payment details, and financial information were not exposed, while Mixpanel said it could not verify that the data came from its November 2025 security incident.

    Show sources
    Open in new tab
  5. 27.11.2025 13:27 2 articles · 6mo ago

    OpenAI notifies ChatGPT API customers of data exposure

    Initial Disclosure

    OpenAI notified some ChatGPT API customers that limited identifying information was exposed after a breach at third-party analytics provider Mixpanel. The exposed data was limited to API users and did not include chat content, API requests, API usage data, passwords, credentials, API keys, payment details, or government IDs. OpenAI removed Mixpanel from production services, began an investigation, and warned users to watch for phishing or social-engineering messages while enabling 2FA and verifying links or attachments from official OpenAI domains.

    Show sources
    Open in new tab