ADVERTISEMENT

Zara, Carnival, 7-Eleven hit by ShinyHunters, 9M+ records at risk in “pay or leak” warning

Zara, Carnival, and 7-Eleven are the latest brands named by ShinyHunters on Friday, with the ransomware gang threatening to dump troves of data unless the companies pay up by an April 21st deadline.

Zara, 7-Eleven, Carnival Cruise

Images by J2R | onapalmtree | Ceri Breeze | Shutterstock

Stefanie Schappert
Stefanie Schappert Senior Journalist
Apr 18, 2026 Updated: 18 April 2026 4 min read
Key takeaways:
ShinyHunters claims nine victims - Zara, Carnival, 7-Eleven
ShinyHunters lists Zara, Carnival, and 7-Eleven on its dark leak site. Image by Cybernews

Zara leads with Snowflake-fueled leak threat

Zara, Inditex ShinyHunters  breach
ShinyHunters claims Zara data was exposed through the Anodot compromise. Image by Cybernews | Chris Dorney/Shutterstock
Snowflake cloud platform
The Anodot-linked attack wave hit Snowflake customer environments. Image by T. Schneider | Shutterstock
Jurgita Lapienyte justinasv Izabele Pukenaite vilius Ernestas Naprys Gintaras Radauskas
Don't miss our latest stories on Google News. Add us as your Preferred Source on Google
Add us as your Preferred Source on Google.

7-Eleven pulled into Salesforce-linked breach

ADVERTISEMENT
7-Eleven ShinyHunters post
ShinyHunters says 7-Eleven was breached through its Salesforce environment. Image by Cybernews | Sorbis/Shutterstock
  • The Canada Life Assurance Company – insurance and financial services company, 5.6M Salesforce records containing PII
  • Pitney Bowes Inc. – global ecommerce shipping, 25M Salesforce records containing PII
  • Marcus & Millichap, Inc. – commercial real estate brokerage, 30M Salesforce records containing PII, internal corporate data
  • Aman Resorts – ultra-luxury hospitality brand, 500k Salesforce records containing PII
Salesforce data leak
Millions of Salesforce records were posted by the ransomware gang after victims allegedly refused to negotiate. Image by Cybernews.

Check if your data has been leaked

Find out if your email, phone number or related personal information might have fallen into the wrong hands.
18,611,353,922
Breached accounts
36,030
Breached websites

Carnival joins widening ShinyHunters "pay or leak" list

Carnival Corporation ShinyHunters
ShinyHunters claims Carnival data theft as its latest “pay or leak” pressure campaign. Image by Cybernews | Darryl Brooks/Shutterstock

ADVERTISEMENT