Key Findings ShinyHunters group conducted two separate "pay or leak" extortion campaigns against major companies in early 2026 Mytheresa luxury fashion platform: 84,108 breached accounts containing emails, names, phone numbers, addresses, purchase history, and partial credit card data Ameriprise Financial: 502,597 breached accounts with emails, names, phone numbers, addresses, and employer information from Salesforce and SharePoint systems Both companies had ransom demands th