Madison Square Garden Data Leak by ShinyHunters After Ransom Deadline Missed
The ShinyHunters hacking group published nearly 45GB of allegedly stolen Madison Square Garden (MSG) data, including 26 million customer records, customer support emails, and internal 'Talent' files, after MSG reportedly missed a ransom deadline.
Signal context
First seen: Jun 17, 2026
Last updated: Jun 19, 2026
Status: Public signal
Key points
- Data published by ShinyHunters on June 17, 2026, following an intrusion on June 5, 2026.
- Approximately 45GB of data leaked, containing 26 million customer records.
- Exposed data includes ticketing operations, customer account details, internal corporate documents, and 'Talent' files with addresses, appearance fees, and risk-level ratings for high-profile individuals.
Signal analysis
BetaIt helps compare this signal with other published signals without treating the labels as final determinations.
Likely country: Location not provided
Watch process controls, misconfiguration and accidental disclosure paths.
- Source type: outside the affected organization
Impact area: Confidentiality
Likely asset: User or customer data
- 1 signal in the same sector
- 22 signals with the same likely impact area
- 1 signal linked to this organization/domain
External sources
Related signals
Grouped by why the signal is relevant.
Kodak Confirms Breach Amid ShinyHunters Leak Threat
Kodak confirmed a data breach on June 18, 2026, after the ShinyHunters group claimed to have stolen 2.2 million records and threatened to leak them.
Council of Europe Hacked by ShinyHunters, 297 GB of Data Stolen
The notorious extortion group ShinyHunters claimed to have hacked the Council of Europe, stealing nearly 300 gigabytes of data, including employee personal information, payroll data, CVs, and medical records. The group threatened to leak the data if negotiations were not initiated.
ShinyHunters Exploits Oracle PeopleSoft Zero-Day (CVE-2026-35273)
The ShinyHunters threat group exploited a zero-day vulnerability (CVE-2026-35273) in Oracle PeopleSoft PeopleTools, a critical remote code execution flaw with a CVSS score of 9.8. The campaign, observed between May 27 and June 9, 2026, targeted over 100 global organizations, with a significant focus on the higher education sector. The vulnerability allowed unauthenticated remote code execution without user interaction. Stolen data from compromised organizations was subsequently published on ShinyHunters' data leak site, and some victims received extortion demands. Oracle released a security advisory on June 10, 2026, after the exploitation was already underway.
U.S. Immigration and Customs Enforcement (ICE) Data Leak
An online database containing sensitive information on U.S. Immigration and Customs Enforcement (ICE) department workers was leaked in January 2026. The incident exposed data on 2,000 agents and 150 supervisors, potentially being the largest breach of department staff information. The database itself experienced a cyberattack on January 13, 2026.
Oracle Affected by FortiBleed Campaign
Oracle was identified as one of over 22,000 corporate domains affected by the FortiBleed campaign. A Russian-speaking criminal group compromised Fortinet firewall and VPN devices globally, exfiltrating credentials and potentially gaining full network access.
Paywall Bypass Vulnerability
Tweakers.net has identified a vulnerability that allows for the bypass of its paywall. This issue is listed as a 'Known issue' within their bug bounty program, indicating that the company is aware of the flaw and is seeking ethical hackers to report findings related to it. A successful bypass could allow unauthorized access to premium content.