Madison Square Garden Entertainment Data Leak by ShinyHunters
ShinyHunters reportedly stole and leaked approximately 45 gigabytes of data related to Madison Square Garden Entertainment and its associated entities. The data release occurred around June 21, 2026, after the company allegedly declined to pay an extortion demand. The leaked information included corporate and customer data, as well as files referencing New York Knicks players.
Signal context
First seen: Jun 21, 2026
Last updated: Jun 26, 2026
Status: Public signal
Key points
- ShinyHunters group responsible for the leak.
- 45 gigabytes of data stolen and leaked.
- Data included corporate and customer information, and files related to New York Knicks players.
Signal analysis
BetaIt helps compare this signal with other published signals without treating the labels as final determinations.
Likely country: Location not provided
Watch process controls, misconfiguration and accidental disclosure paths.
- Source type: outside the affected organization
Impact area: Confidentiality
Likely asset: User or customer data
- 1 signal in the same sector
- 93 signals with the same likely impact area
- 1 signal linked to this organization/domain
External sources
Breach Roundup: ShinyHunters Leaks 26M MSG Records - BankInfoSecurityhttps://www.bankinfosecurity.com/breach-roundup-shinyhunters-leaks-26m-msg-records-a-25425Public source from bankinfosecurity.com.
How Hackers Broke into Madison Square Garden - Cyber Recapshttps://cyberrecaps.com/news/cybersecurity-news-june-24-2026/Public source from cyberrecaps.com.
Your Breaches of the Week! June 15 to June 21, 2026 - YouTubehttps://www.youtube.com/watch?v=T-lkUxwjwP8Public source from youtube.com.
SWK Cybersecurity News Recap June 2026https://www.swktech.com/swk-cybersecurity-news-recap-june-2026/Public source from swktech.com.
Related signals
Grouped by why the signal is relevant.
Whise.eu (European Real Estate CRM) Data Leak by ChimeraZ
The threat actor ChimeraZ claimed to have leaked a database from Whise, a Belgian CRM system for the real estate sector, on the dark web on June 23, 2026. The leaked data reportedly consists of 40.85 million records, approximately 15.8 GB of JSON files. Whise is a market leader in Belgium and also active in France.
ShinyHunters Exploits Oracle PeopleSoft Zero-Day (CVE-2026-35273)
The ShinyHunters threat group exploited a zero-day vulnerability (CVE-2026-35273) in Oracle PeopleSoft PeopleTools, a critical remote code execution flaw with a CVSS score of 9.8. The campaign, observed between May 27 and June 9, 2026, targeted over 100 global organizations, with a significant focus on the higher education sector. The vulnerability allowed unauthenticated remote code execution without user interaction. Stolen data from compromised organizations was subsequently published on ShinyHunters' data leak site, and some victims received extortion demands. Oracle released a security advisory on June 10, 2026, after the exploitation was already underway.
DentaQuest Data Breach: ShinyHunters Threatens to Leak Data, Company Confirms Investigation
DentaQuest, a major U.S. dental and vision insurance provider, was reportedly hit by a data breach, with cybercriminal group ShinyHunters claiming responsibility. ShinyHunters threatened to release stolen information on May 27, 2026, after failed ransom negotiations. DentaQuest confirmed a cybersecurity incident involving unauthorized access to a portion of its network and initiated an investigation. The leaked data, reportedly over 234 GB, included 2.6 million unique email addresses, names, addresses, phone numbers, government-issued IDs, health insurance information, genders, and dates of birth.
Charter Communications (Spectrum) Data Breach by ShinyHunters
Charter Communications confirmed a data breach affecting Spectrum customers after the ShinyHunters group threatened to leak stolen data. The breach, which occurred around April 1, 2026, involved a vishing attack that compromised an employee's Microsoft Entra account, granting access to Salesforce data. Initially, Charter stated no sensitive personal information or CPNI was exfiltrated, but later breach monitoring indicated the exposed dataset affected approximately 4.9 million accounts, with some researchers reporting up to 13 million individuals and nearly 10 million customer-support records. Exposed data included names, email addresses, phone numbers, physical addresses, job titles, and customer support ticket information. Multiple federal lawsuits have since been filed against Charter for failing to protect customer data.
Lithuania National Registers Data Leak Affecting Over 600,000 Entries
Lithuanian authorities are investigating a major data breach affecting over 600,000 entries from its National Registers, managed by the State Enterprise Center of Registers. Officials suspect foreign involvement in the incident, noting that attackers used legitimate credentials from authorized institutions rather than directly hacking the center. The leaked data came from government databases containing citizen information, and while specific details about all exposed records were not fully disclosed, it is believed to include residential details of intelligence, military, diplomatic, political, and other public sector personnel, raising national security concerns.
Dutch civil servants from Authority for Consumers and Markets (ACM) affected by Microsoft data leak
Names of civil servants from the Authority for Consumers and Markets (ACM), involved in implementing the Digital Services Act (DSA), were reportedly shared by Microsoft with the U.S. House of Representatives without redaction.