Who are ShinyHunters?

ShinyHunters is a cybercriminal group active since 2020, specializing in breaching SaaS platforms and cloud environments to steal and sell user data. Members have been linked to France and other countries.

What companies did ShinyHunters breach in 2026?

In 2026, ShinyHunters breached Vercel (customer credentials and API keys), Rockstar Games (80M records via Snowflake), and McGraw Hill (13.5M accounts via Salesforce misconfiguration).

How do I know if my data was exposed?

Check haveibeenpwned.com for your email. Use an identity theft protection service like Aura for real-time dark web monitoring. Change passwords on any affected platforms immediately.

How can I protect myself from data breaches?

Use a password manager for unique passwords, enable 2FA everywhere, subscribe to an identity theft protection service for dark web monitoring, and use a VPN on public networks.

ShinyHunters 2026: The Hacking Group Behind the Vercel, Rockstar & McGraw Hill Breaches

By Sarah Chen • April 22, 2026 • 8 min read

⚠️ Developing Story — This article is updated as new information becomes available. Last update: April 22, 2026.

In the first four months of 2026, one name keeps appearing in breach after breach: ShinyHunters. The group has claimed responsibility for compromising Vercel, Rockstar Games, and McGraw Hill — exposing over 90 million records combined. If you use any cloud-based service, this matters to you.