THU 02 JUL 2026 · GMT EDITION A WHITESTONE INTELLIGENCE PUBLICATION
MARKETS · CYBER · MEMOS · MODELS
DAILY ISSUES26 MAY27 MAY28 MAY29 MAY30 MAY31 MAY01 JUN02 JUN03 JUN04 JUN05 JUN06 JUN07 JUN08 JUN09 JUN10 JUN11 JUN12 JUN13 JUN14 JUN15 JUN16 JUN17 JUN18 JUN19 JUN21 JUN22 JUN23 JUN24 JUN25 JUN26 JUN27 JUN28 JUN29 JUN30 JUN01 JUN02 JUNALL ›
FRONT PAGE / CYBER / CYB-30D-007
CYBER · cves zero days · 2026-05-28SCOOP 66

Carnival Confirms ~6 Million Affected After April Social-Engineering Breach Claimed by ShinyHunters

Carnival Corporation confirmed a data breach affecting approximately six million individuals, stemming from a social-engineering attack on an employee in April 2026.

·FILED ISSUE 2026-05-28·1 MIN READ·RE-VERIFIED 2026-07-02 UTC·✓ RE-VERIFIED 2026-07-02

VERDICT — CONFIRMED

QA-reviewed confidence · primary + corroborating sources verified · re-verified 2026-07-02 UTC
Carnival Confirms ~6 Million Affected After April Social-Engineering Breach Claimed by Shi
Photo: Maryland GovPics · via Wikimedia Commons · CC BY 2.0

Carnival Corporation confirmed a data breach affecting approximately six million individuals, stemming from a social-engineering attack on an employee in April 2026. The company says an unauthorized actor used social engineering to deceive an employee and gain access to a limited portion of its IT systems on or around April 10, 2026; Carnival's security team identified the unauthorized activity on April 14, 2026, and determined on April 22, 2026 that personal information had been illegally copied. The figure comes from a Carnival filing with Maine's attorney general and is a reduction from the roughly 8.7 million records initially listed on Have I Been Pwned.

Stolen data included names, addresses, email addresses, phone numbers, dates of birth and state identification numbers. The extortion group ShinyHunters claimed responsibility, stating, 'The company failed to reach an agreement with us despite our incredible patience,' indicating Carnival declined to pay. Carnival began notifying affected individuals and offered two years of complimentary credit monitoring through TransUnion, and said it is strengthening security controls and monitoring.

The Carnival incident is part of a wave of ShinyHunters extortion breaches disclosed in the window that also hit telecom, retail and education targets; the group has reportedly compromised between 300 and 400 organizations over six years. Reporting noted Carnival declined to comment on the precise scale or to name ShinyHunters directly, and that the discrepancy between the actor's records claim and the company's notification figure mirrors a recurring pattern in ShinyHunters cases, where exfiltrated record counts exceed the number of distinct notified individuals.

Share
Filed by the Cyber desk · verified by the verification desk · re-verified 2026-07-02 · Our standards: the two-source rule ›
CITE THIS FILE — The Dossier Wire · cyb-30d-007 · filed 2026-05-28 · https://thedwire.com/wire/cyb-30d-007-carnival-confirms-6-million-affected-after-april-social.html · Primary and corroborating sources listed above; archived at publication. Republishing & licensing: hello@thedwire.com.
More from Cyber FULL DESK ›
FBI warns Silent Ransom Group is posing as IT helpdesks — and walking operatives
Getty Images via CyberScoop
CYBER · SCOOP 62

FBI warns Silent Ransom Group is posing as IT helpdesks — and walking operatives into US law firms

The FBI warned in a May 26 advisory that the Silent Ransom Group (SRG) — the data-theft extortion crew also tracked as Luna Moth, Chatty Spider and UNC3753 — has "consistently targeted U.S.-based law firms" and has recently begun posing as employees from victims' own IT departments, with the alert rippling through the legal and security t

✓ verifiednewSOURCE ↗
READ THE FILE ›
Charter (Spectrum) Confirms Breach After ShinyHunters Vishing Hits Salesforce; H
BleepingComputer
CYBER · SCOOP 75

Charter (Spectrum) Confirms Breach After ShinyHunters Vishing Hits Salesforce; Hackers Claim Up to 42M Records

Charter Communications confirmed a data breach after the extortion group ShinyHunters claimed to have stolen up to 40-42 million records in an attack dated on or around April 1, 2026. According to ShinyHunters' account to BleepingComputer, the actors used a voice-phishing (vishing) call to compromise an employee's Microsoft Entra account,

✓ verified
READ THE FILE ›
ShinyHunters Leaks 7-Eleven Franchise-Applicant Data on ~185,000 People After Fa
Help Net Security
CYBER · SCOOP 58

ShinyHunters Leaks 7-Eleven Franchise-Applicant Data on ~185,000 People After Failed Extortion

Data on approximately 185,000 people was exposed in a cyberattack on convenience-store chain 7-Eleven that was later claimed by the ShinyHunters extortion gang. 7-Eleven discovered unauthorized third-party access on April 8, 2026; on May 1, CISO Jim Kastle confirmed the breach involved documents individuals had submitted during the franch

✓ verified
READ THE FILE ›

The morning wire in your inbox — every brief, primary sources linked, no noise.

Free tier. The Wire — continuous desk briefs · Records archive · Bureau alerts.

Stored to the wire's subscriber list. No spam, unsubscribe any time.