Key developments
ShinyHunters dumps Hallmark Salesforce data
Brinztech reported that on April 12, 2026, ShinyHunters publicly released a 9.59 GB Hallmark dataset after Hallmark allegedly declined extortion demands tied to a March 9 breach. The leak came from Hallmark's Salesforce environment and was said to contain about 6.2 million records across 20 files, exposing more than 1.73 million unique users. The data included full names, verified email addresses, phone numbers, physical addresses, and historical support tickets.
Why it matters
The combination of direct contact data and support history raises the risk of targeted phishing, identity theft, and account verification bypass.
Sources & driving stories
BRINZTECH
Brinztech coverageBooking.com confirms reservation data access
Booking.com confirmed unauthorized third parties may have accessed some booking information linked to user reservations, according to BleepingComputer's Bill Toulas and Techzine Global's Erik van Klinken. The company said it reset PINs for existing and past reservations and emailed potentially affected guests, but it did not disclose how many customers were affected or when the intrusion occurred. Reported exposure included names, email addresses, physical addresses, phone numbers, booking details, and information shared with accommodations.
Why it matters
The incident is active enough to trigger PIN resets, but the lack of scope and timeline leaves the risk of follow-on abuse unresolved.
Sources & driving stories
BLEEPINGCOMPUTER · Bill Toulas
BleepingComputer coverageTECHZINE GLOBAL · Erik van Klinken
Techzine Global coverageFebruary healthcare breaches hit 8.1 million people
calHIPAA's Christine Garcia reported that February 2026 saw 63 healthcare breaches affecting 500 or more people, exposing protected health information for at least 8,134,378 individuals. That was a 14.5% increase in breach count from January and a 436% jump in affected individuals. Hacking and other IT incidents drove 57 of the 63 cases, and OCR said it expanded its risk-analysis enforcement initiative to include risk management under the HIPAA Security Rule.
Why it matters
The numbers show a sharp monthly escalation in PHI exposure and signal tighter regulatory scrutiny on HIPAA security programs.
Sources & driving stories
CALHIPAA · Christine Garcia
calHIPAA coverageWorth noting
WORTH NOTING
Adobe patches Acrobat Reader zero-day
The flaw has been exploited since at least December and can read arbitrary local files or exfiltrate data when a malicious PDF is opened.
WORTH NOTING
Storm infostealer shifts decryption server-side
It collects browser passwords, session cookies, tokens, documents, and messaging app data while reducing local detection signals.
Still unclear
OPEN QUESTION
What access path enabled Hallmark's Salesforce leak?
Knowing whether credentials, tokens, or misconfiguration were involved will determine how broadly other SaaS-hosted customer datasets are at risk.
OPEN QUESTION
How broad was Booking.com's exposure?
The company has not disclosed the number of affected customers or the intrusion date, leaving users unable to judge their fraud and account risk.