Find notable cyber news and cases, enriched with sources, timelines, and signals.
Home Browse News Feed Stats Watchlists Beta About Contact

Grubhub Salesforce and Zendesk data extortion leak

Data Leak
First reported
Last updated
Happening score
H score 23
1 unique sources, 1 articles

Summary

Hide ▲

Grubhub is facing a data leak extortion attempt after stolen Salesforce and Zendesk data were tied to a February 2025 breach and a more recent compromise. The exposed material is being used in Bitcoin payment demands to stop its release, creating a clear risk of further disclosure. Grubhub said unauthorized individuals recently downloaded data from certain systems and that it has moved to contain the incident.

Related Happenings

Instructure hit by cyberattack

Incident
First: 04.05.2026 01:16 Last: 04.05.2026 01:16 Sources 1

About this happening: **Instructure** disclosed a **cybersecurity incident** that exposed user information and prompted an investigation with outside experts and law enforcement. The event matters beca...

Latest development: 14.05.2026 23:19

The House Committee on Homeland Security and the US Senate Committee on Health, Education, Labor, and Pensions sought briefings from Instructure over the Canvas compromise, pressing the edtech vendor on whether it paid a ransom, what data was affected, how it handled the recent attacks, and whether the incident was linked to a prior Salesforce compromise.

Open Happening

BlackFile victims' Salesforce and SharePoint data leak

Data Leak
First: 24.04.2026 21:26 Last: 24.04.2026 21:26 Sources 1

About this happening: BlackFile's **stolen documents** were published on a **dark web leak site**, exposing employee and business records taken from **Salesforce** and **SharePoint** environments. The...

Open Happening

Aura hit by network compromise

Incident
First: 19.03.2026 00:56 Last: 19.03.2026 00:56 Sources 1

About this happening: **Aura** confirmed a **voice-phishing breach** that gave an unauthorized party access to customer records, exposing data tied to **20,000 current** and **15,000 former customers**...

Open Happening

Aura customer data exposed after Aura breach

Data Leak
First: 19.03.2026 00:56 Last: 19.03.2026 00:56 Sources 1

About this happening: Aura confirmed a **data leak** that exposed nearly **900,000 customer records**, creating privacy and phishing risk for affected customers. The exposed set included **names**, **e...

Open Happening

Wynn Resorts hit by cyberattack

Incident
First: 24.02.2026 23:51 Last: 24.02.2026 23:51 Sources 1

About this happening: **Wynn Resorts** confirmed an **employee data breach** after an unauthorized third party stole data from its systems, creating exposure risk for staff records. The company said it...

Open Happening

Timeline

  1. 15.01.2026 23:38 2 articles · 4mo ago

    Grubhub confirms recent data theft and extortion demands

    Initial Disclosure

    Grubhub confirmed that unauthorized individuals recently downloaded data from certain systems, while sources said the company is facing extortion demands from ShinyHunters. The reported demands seek a Bitcoin payment to stop release of older Salesforce data from a February 2025 breach and newer Zendesk data from a recent breach. Grubhub said it stopped the activity, is working with a third-party cybersecurity firm, notified law enforcement, and did not find financial information or order history affected.

    Show sources
    Open in new tab