Whise.eu (European Real Estate CRM) Data Leak by ChimeraZ
The threat actor ChimeraZ claimed to have leaked a database from Whise, a Belgian CRM system for the real estate sector, on the dark web on June 23, 2026. The leaked data reportedly consists of 40.85 million records, approximately 15.8 GB of JSON files. Whise is a market leader in Belgium and also active in France.
Signal context
First seen: Jun 23, 2026
Last updated: Jun 26, 2026
Status: Public signal
Key points
- Threat actor ChimeraZ claimed responsibility for the data leak.
- A database from Whise, a real estate CRM system, was leaked on the dark web.
- The leaked data reportedly contains 40.85 million records (15.8 GB of JSON files).
Signal analysis
BetaIt helps compare this signal with other published signals without treating the labels as final determinations.
Likely country: 🇳🇱 Netherlands
inferred from source domains
Watch process controls, misconfiguration and accidental disclosure paths.
- Source type: outside the affected organization
Impact area: Confidentiality
Likely asset: Server or cloud data store
- 1 signal in the same sector
- 93 signals with the same likely impact area
- 1 signal linked to this organization/domain
External sources
Cyberaanvallen 2026 in Nederland en België - Cybercrimeinfohttps://www.ccinfo.nl/menu-nieuws-trends/actuele-cyberaanvallenPublic source from ccinfo.nl.
Cybercrime News For Jun. 22, 2026. Texans Hit by Cyberattack Tied To Licenses. WCYB Digital Radio. - YouTubehttps://www.youtube.com/watch?v=AcuBF8yJACgPublic source from youtube.com.
Related signals
Grouped by why the signal is relevant.
Madison Square Garden Entertainment Data Leak by ShinyHunters
ShinyHunters reportedly stole and leaked approximately 45 gigabytes of data related to Madison Square Garden Entertainment and its associated entities. The data release occurred around June 21, 2026, after the company allegedly declined to pay an extortion demand. The leaked information included corporate and customer data, as well as files referencing New York Knicks players.
ShinyHunters Exploits Oracle PeopleSoft Zero-Day (CVE-2026-35273)
The ShinyHunters threat group exploited a zero-day vulnerability (CVE-2026-35273) in Oracle PeopleSoft PeopleTools, a critical remote code execution flaw with a CVSS score of 9.8. The campaign, observed between May 27 and June 9, 2026, targeted over 100 global organizations, with a significant focus on the higher education sector. The vulnerability allowed unauthenticated remote code execution without user interaction. Stolen data from compromised organizations was subsequently published on ShinyHunters' data leak site, and some victims received extortion demands. Oracle released a security advisory on June 10, 2026, after the exploitation was already underway.
DentaQuest Data Breach: ShinyHunters Threatens to Leak Data, Company Confirms Investigation
DentaQuest, a major U.S. dental and vision insurance provider, was reportedly hit by a data breach, with cybercriminal group ShinyHunters claiming responsibility. ShinyHunters threatened to release stolen information on May 27, 2026, after failed ransom negotiations. DentaQuest confirmed a cybersecurity incident involving unauthorized access to a portion of its network and initiated an investigation. The leaked data, reportedly over 234 GB, included 2.6 million unique email addresses, names, addresses, phone numbers, government-issued IDs, health insurance information, genders, and dates of birth.
Charter Communications (Spectrum) Data Breach by ShinyHunters
Charter Communications confirmed a data breach affecting Spectrum customers after the ShinyHunters group threatened to leak stolen data. The breach, which occurred around April 1, 2026, involved a vishing attack that compromised an employee's Microsoft Entra account, granting access to Salesforce data. Initially, Charter stated no sensitive personal information or CPNI was exfiltrated, but later breach monitoring indicated the exposed dataset affected approximately 4.9 million accounts, with some researchers reporting up to 13 million individuals and nearly 10 million customer-support records. Exposed data included names, email addresses, phone numbers, physical addresses, job titles, and customer support ticket information. Multiple federal lawsuits have since been filed against Charter for failing to protect customer data.
Lithuania National Registers Data Leak Affecting Over 600,000 Entries
Lithuanian authorities are investigating a major data breach affecting over 600,000 entries from its National Registers, managed by the State Enterprise Center of Registers. Officials suspect foreign involvement in the incident, noting that attackers used legitimate credentials from authorized institutions rather than directly hacking the center. The leaked data came from government databases containing citizen information, and while specific details about all exposed records were not fully disclosed, it is believed to include residential details of intelligence, military, diplomatic, political, and other public sector personnel, raising national security concerns.
Dutch civil servants from Authority for Consumers and Markets (ACM) affected by Microsoft data leak
Names of civil servants from the Authority for Consumers and Markets (ACM), involved in implementing the Digital Services Act (DSA), were reportedly shared by Microsoft with the U.S. House of Representatives without redaction.