Cybercriminal group ShinyHunters has claimed responsibility for a major data breach involving Alert 360, one of the largest home and business security providers in the United States. The group alleges that over 2.5 million records were exposed after the company refused to meet ransom demands.
According to the hackers, approximately 10GB of compressed data—containing personally identifiable information (PII) and internal corporate files—has been published on the dark web. The breach reportedly followed failed negotiations, with ShinyHunters stating the leak occurred after communication with the company broke down.
While the full scope of the breach remains unconfirmed, stolen security system data can be especially sensitive. Beyond basic customer information, modern surveillance platforms may store video footage, behavioral analytics, access logs, and even employee activity insights—creating significant privacy and security risks if exposed.
Security experts warn that today’s systems generate valuable intelligence through features like heat mapping, people counting, and behavioral tracking. In the wrong hands, this data could be used for surveillance, fraud, or targeted attacks.
This incident is part of a broader surge in cyberattacks attributed to ShinyHunters in 2026. The group has recently targeted several high-profile organizations, raising concerns about increasingly sophisticated tactics. Researchers link these attacks to social engineering campaigns, including vishing schemes that trick employees into revealing credentials, often exploiting identity platforms like Okta.
Alert 360 has not publicly confirmed the breach at this time. As investigations continue, the incident highlights the growing risks facing companies that store large volumes of sensitive customer and surveillance data.