Find notable cyber news and cases, enriched with sources, timelines, and signals.
Home Browse News Feed Stats Watchlists Beta About Contact

Aura customer data exposed after Aura breach

Data Leak
First reported
Last updated
Happening score
H score 27
1 unique sources, 1 articles

Summary

Hide ▲

Aura confirmed a data leak that exposed nearly 900,000 customer records, creating privacy and phishing risk for affected customers. The exposed set included names, email addresses, home addresses, and phone numbers, and Aura said the data came from a marketing tool tied to a business it acquired in 2021. Aura said SSNs, account passwords, and financial information were not compromised. The threat group ShinyHunters also claimed the theft and said it leaked 12GB of files.

Related Happenings

7-Eleven hit by network compromise

Incident
First: 19.05.2026 17:16 Last: 19.05.2026 17:16 Sources 1

About this happening: **7-Eleven** is a **victim-focused breach incident** in which an **unauthorized third party** accessed systems used to store **franchisee documents** on **April 8, 2026**, trigger...

Open Happening

Grafana Labs Says GitHub hit by cyberattack

Incident
First: 17.05.2026 10:13 Last: 17.05.2026 10:13 Sources 1

About this happening: A **Grafana Labs** incident was later tied to the **Mini Shai-Hulud** supply-chain campaign against **TanStack npm packages**. Grafana said an unauthorized party used a token to a...

Open Happening

Zara customer data leak exposing 197,400 people

Data Leak
First: 08.05.2026 13:42 Last: 08.05.2026 13:42 Sources 1

About this happening: The **Zara** customer-data leak now exposes **197,400 people**, creating privacy and phishing risk across multiple markets. The exposed records include **unique email addresses**,...

Open Happening

Instructure user personal information breach

Data Leak
First: 04.05.2026 01:16 Last: 04.05.2026 01:16 Sources 1

About this happening: Instructure confirmed a **data breach** that exposed **users' personal information**, putting students, teachers, and staff at risk across affected institutions. The exposed mater...

Open Happening

ShinyHunters data-theft extortion campaign targeting Salesforce customers

Campaign
First: 07.04.2026 22:39 Last: 07.04.2026 22:39 Sources 1

About this happening: The **ShinyHunters** extortion campaign is actively pressuring **numerous companies** with ransom demands tied to **stolen data**, increasing exposure for **Salesforce customers**...

Latest development: 11.05.2026 12:00

ShinyHunters' pay-or-leak campaign exposed data from Zara customers, with HaveIBeenPwned citing over 197,000 affected customers after an April 2026 incident that involved stolen Anodot authentication tokens reaching BigQuery and Snowflake, and the same operation later targeted Instructure's Canvas Learning Management System in late April 2026, affecting 8,809 users across 50 countries and aligning with other victims such as Vimeo, Rockstar Games and McGraw Hill.

Open Happening

Timeline

  1. 19.03.2026 00:56 2 articles · 2mo ago

    Aura confirms exposure of customer records and response steps

    Initial Disclosure

    Aura confirmed that an authorized party accessed nearly 900,000 customer records after a voice phishing attack targeting an employee, exposing names, email addresses, home addresses, and phone numbers while SSNs, account passwords, and financial information were not compromised. Aura said the exposed data came from a marketing tool tied to a company it acquired in 2021, while ShinyHunters separately claimed the theft of 12GB of files and leaked the stolen data on an extortion site. Aura said it is conducting an internal review with external cybersecurity experts, has informed law enforcement authorities, and will soon notify affected individuals.

    Show sources
    Open in new tab