Aura customer data exposed after Aura breach
Data Leak
Summary
Hide ▲
Show ▼
Aura confirmed a data leak that exposed nearly 900,000 customer records, creating privacy and phishing risk for affected customers. The exposed set included names, email addresses, home addresses, and phone numbers, and Aura said the data came from a marketing tool tied to a business it acquired in 2021. Aura said SSNs, account passwords, and financial information were not compromised. The threat group ShinyHunters also claimed the theft and said it leaked 12GB of files.
Related Happenings
Infinite Campus hit by data theft breach linked to ShinyHunters
Incident
H score51
First: 15.06.2026 15:38
Last: 15.06.2026 15:38
Sources 1
About this happening:
**Infinite Campus** suffered a **Salesforce data theft breach** that exposed **more than 137,000 school staff accounts**, putting staff contact and account data at risk. The compr...
Infinite Campus hit by data theft breach linked to ShinyHunters
IncidentAbout this happening: **Infinite Campus** suffered a **Salesforce data theft breach** that exposed **more than 137,000 school staff accounts**, putting staff contact and account data at risk. The compr...
ShinyHunters Oracle PeopleSoft data theft and extortion campaign
Campaign
H score60
First: 10.06.2026 21:31
Last: 10.06.2026 21:31
Sources 1
About this happening:
**ShinyHunters**/**UNC6240** used **CVE-2026-35273** in **Oracle PeopleSoft Enterprise PeopleTools** as a **zero-day** to break into exposed systems, steal data, and extort victim...
ShinyHunters Oracle PeopleSoft data theft and extortion campaign
CampaignAbout this happening: **ShinyHunters**/**UNC6240** used **CVE-2026-35273** in **Oracle PeopleSoft Enterprise PeopleTools** as a **zero-day** to break into exposed systems, steal data, and extort victim...
Latest development: 29.06.2026 23:40
Nissan says attackers exploited an Oracle PeopleSoft vulnerability in a ShinyHunters-linked campaign and that the company was specifically targeted, with personal information for current and former employees in the United States, Canada, Mexico, and Brazil potentially exposed. Nissan says the material may include employee contact information, banking information, Social Security numbers, Social Insurance Numbers, National Identification Numbers, financial and tax information, and dependent and beneficiary information, and the company has activated incident response, engaged external cybersecurity experts, secured affected systems, and is working with Oracle.
Charter Communications hit by network compromise linked to ShinyHunters
Incident
H score70
First: 26.05.2026 22:46
Last: 26.05.2026 22:46
Sources 1
About this happening:
**Charter Communications** confirmed a **data breach** tied to **ShinyHunters** extortion, with the company saying it is **alerting authorities** and that **no sensitive personal...
Charter Communications hit by network compromise linked to ShinyHunters
IncidentAbout this happening: **Charter Communications** confirmed a **data breach** tied to **ShinyHunters** extortion, with the company saying it is **alerting authorities** and that **no sensitive personal...
Latest development: 29.05.2026 11:29
Have I Been Pwned analyzed leaked Charter Communications data and confirmed that the incident affected 4.9 million accounts, with exposed records including names, email addresses, job titles, phone numbers, and physical addresses. The published data also included a subset of about 85,000 records from an internal employee directory.
7-Eleven hit by network compromise
Incident
H score53
First: 19.05.2026 17:16
Last: 19.05.2026 17:16
Sources 1
About this happening:
**7-Eleven** is a **victim-focused breach incident** in which an **unauthorized third party** accessed systems used to store **franchisee documents** on **April 8, 2026**, trigger...
7-Eleven hit by network compromise
IncidentAbout this happening: **7-Eleven** is a **victim-focused breach incident** in which an **unauthorized third party** accessed systems used to store **franchisee documents** on **April 8, 2026**, trigger...
Grafana Labs Says GitHub hit by cyberattack
Incident
H score70
First: 17.05.2026 10:13
Last: 17.05.2026 10:13
Sources 1
About this happening:
A **Grafana Labs** incident was later tied to the **Mini Shai-Hulud** supply-chain campaign against **TanStack npm packages**. Grafana said an unauthorized party used a token to a...
Grafana Labs Says GitHub hit by cyberattack
IncidentAbout this happening: A **Grafana Labs** incident was later tied to the **Mini Shai-Hulud** supply-chain campaign against **TanStack npm packages**. Grafana said an unauthorized party used a token to a...
Timeline
-
19.03.2026 00:56 2 articles · 3mo ago
Aura confirms exposure of customer records and response steps
Initial DisclosureAura confirmed that an authorized party accessed nearly 900,000 customer records after a voice phishing attack targeting an employee, exposing names, email addresses, home addresses, and phone numbers while SSNs, account passwords, and financial information were not compromised. Aura said the exposed data came from a marketing tool tied to a company it acquired in 2021, while ShinyHunters separately claimed the theft of 12GB of files and leaked the stolen data on an extortion site. Aura said it is conducting an internal review with external cybersecurity experts, has informed law enforcement authorities, and will soon notify affected individuals.
Show sources
- Aura confirms data breach exposing 900,000 marketing contacts — www.bleepingcomputer.com — 19.03.2026 00:56
- Aura confirms data breach exposing 900,000 marketing contacts — www.bleepingcomputer.com — 19.03.2026 00:56