Key developments
ShinyHunters leaks Hallmark Salesforce data
On April 12, ShinyHunters publicly released a 9.59 GB Hallmark dataset after Hallmark reportedly refused extortion demands tied to a March 9, 2026 breach. The data came from Hallmark's Salesforce environment and is said to contain about 6.2 million records across 20 files, exposing more than 1.73 million unique users. Exposed fields include full names, verified email addresses, phone numbers, physical addresses, and historical support tickets.
Why it matters
The leak combines direct identifiers with support-ticket context, raising phishing, vishing, and identity-theft risk for affected customers.
Sources & driving stories
BRINZTECH
Brinztech coverageFebruary healthcare breaches hit 8.1 million
February 2026 saw 63 healthcare breaches affecting 500 or more individuals, up 14.5 percent from January and involving at least 8,134,378 people, according to OCR reporting summarized by calHIPAA. Hacking and other IT incidents accounted for 57 breaches and 8,020,208 affected individuals, with TriZetto Provider Solutions and QualDerm Partners among the largest incidents. The report also says OCR expanded its risk-analysis enforcement initiative to include risk management under HIPAA.
Why it matters
It underscores both the scale of current healthcare exposure and a broader enforcement posture from OCR.
Sources & driving stories
CALHIPAA · Christine Garcia
calHIPAA coveragePrivacy Guides rounds up fresh breach reports
Privacy Guides' April 3-9 roundup says new breach disclosures emerged across Germany and the U.S. The incidents include a Qilin ransomware attack on Die Linke, a supply-chain leak at Mercor that reportedly exposed Slack messages, internal tickets, source code, database records, and videos, and leaked LAPD-related records tied to the Los Angeles City Attorney's Office. The roundup suggests several privacy incidents remain active and still being clarified.
Why it matters
It shows multiple newly reported exposure events unfolding outside the largest headline breaches.
Sources & driving stories
PRIVACY GUIDES · Nate Bartram
Privacy Guides coverageWorth noting
WORTH NOTING
Aroostook breach notice exposes personal identifiers
The notice said names or other personal identifiers were involved and advised credit freezes plus monitoring if Social Security numbers were exposed.
WORTH NOTING
Avis settlement sets June claims deadline
The settlement covers an August 2024 breach and offers up to $5,000 for documented losses, with claims due June 21 and final approval set for July 28.
Still unclear
OPEN QUESTION
How did Hallmark's Salesforce access get abused?
Determining whether the entry point was stolen credentials, API keys, or a SaaS misconfiguration will shape the remediation story.
OPEN QUESTION
Will OCR's risk-management focus drive new enforcement?
The February breach surge gives OCR a large set of cases to test its expanded HIPAA enforcement posture.