Lithuania National Registers Data Leak Affecting Over 600,000 Entries
Lithuanian authorities are investigating a major data breach affecting over 600,000 entries from its National Registers, managed by the State Enterprise Center of Registers. Officials suspect foreign involvement in the incident, noting that attackers used legitimate credentials from authorized institutions rather than directly hacking the center. The leaked data came from government databases containing citizen information, and while specific details about all exposed records were not fully disclosed, it is believed to include residential details of intelligence, military, diplomatic, political, and other public sector personnel, raising national security concerns.
Signal context
First seen: May 26, 2026
Last updated: Jun 26, 2026
Status: Public signal
Key points
- Disclosed on May 26, 2026.
- Over 600,000 entries from Lithuania's National Registers affected.
- Attackers used legitimate credentials from authorized institutions.
Signal analysis
BetaThis analysis groups the signal by industry, likely incident action and impacted security area. It helps compare this signal with other published signals without treating the labels as final determinations.
Sector: Public Administration
Likely country: Location not provided
Watch process controls, misconfiguration and accidental disclosure paths.
- Source type: outside the affected organization
Impact area: Confidentiality
Likely asset: User or customer data
- 2 signals in the same sector
- 93 signals with the same likely impact area
- 1 signal linked to this organization/domain
External sources
Related signals
Grouped by why the signal is relevant.
Whise.eu (European Real Estate CRM) Data Leak by ChimeraZ
The threat actor ChimeraZ claimed to have leaked a database from Whise, a Belgian CRM system for the real estate sector, on the dark web on June 23, 2026. The leaked data reportedly consists of 40.85 million records, approximately 15.8 GB of JSON files. Whise is a market leader in Belgium and also active in France.
Madison Square Garden Entertainment Data Leak by ShinyHunters
ShinyHunters reportedly stole and leaked approximately 45 gigabytes of data related to Madison Square Garden Entertainment and its associated entities. The data release occurred around June 21, 2026, after the company allegedly declined to pay an extortion demand. The leaked information included corporate and customer data, as well as files referencing New York Knicks players.
CISA Contractor Nightwing Exposed Sensitive Government Credentials on Public GitHub
A public GitHub repository named 'Private-CISA', maintained by a contractor from Nightwing, a government defense contractor, was found to have exposed highly sensitive internal credentials and systems used by the US Cybersecurity and Infrastructure Security Agency (CISA). The repository, publicly accessible from November 13, 2025, until May 18, 2026, contained 844 MB of CISA's internal DevSecOps infrastructure, including administrative credentials for AWS GovCloud accounts, plaintext usernames and passwords for internal CISA systems, SSH keys, and an RSA private key. The contractor reportedly disabled GitHub's default secret-scanning push protections. Public reporting and analysis of the exposure occurred around May 18-29, 2026.
ShinyHunters Exploits Oracle PeopleSoft Zero-Day (CVE-2026-35273)
The ShinyHunters threat group exploited a zero-day vulnerability (CVE-2026-35273) in Oracle PeopleSoft PeopleTools, a critical remote code execution flaw with a CVSS score of 9.8. The campaign, observed between May 27 and June 9, 2026, targeted over 100 global organizations, with a significant focus on the higher education sector. The vulnerability allowed unauthenticated remote code execution without user interaction. Stolen data from compromised organizations was subsequently published on ShinyHunters' data leak site, and some victims received extortion demands. Oracle released a security advisory on June 10, 2026, after the exploitation was already underway.
DentaQuest Data Breach: ShinyHunters Threatens to Leak Data, Company Confirms Investigation
DentaQuest, a major U.S. dental and vision insurance provider, was reportedly hit by a data breach, with cybercriminal group ShinyHunters claiming responsibility. ShinyHunters threatened to release stolen information on May 27, 2026, after failed ransom negotiations. DentaQuest confirmed a cybersecurity incident involving unauthorized access to a portion of its network and initiated an investigation. The leaked data, reportedly over 234 GB, included 2.6 million unique email addresses, names, addresses, phone numbers, government-issued IDs, health insurance information, genders, and dates of birth.
Charter Communications (Spectrum) Data Breach by ShinyHunters
Charter Communications confirmed a data breach affecting Spectrum customers after the ShinyHunters group threatened to leak stolen data. The breach, which occurred around April 1, 2026, involved a vishing attack that compromised an employee's Microsoft Entra account, granting access to Salesforce data. Initially, Charter stated no sensitive personal information or CPNI was exfiltrated, but later breach monitoring indicated the exposed dataset affected approximately 4.9 million accounts, with some researchers reporting up to 13 million individuals and nearly 10 million customer-support records. Exposed data included names, email addresses, phone numbers, physical addresses, job titles, and customer support ticket information. Multiple federal lawsuits have since been filed against Charter for failing to protect customer data.