Pitney Bowes Named in Alleged ShinyHunters Breach Affecting Millions
Shipping and logistics technology company Pitney Bowes appears to be the latest victim of ShinyHunters extorsion scheme, with millions of customers' personal information allegedly leaked in data breach.
Breach News reported the news last week, saying Pitney Bowes was being targeted by the threat group which claimed to have stolen over 25 million customer records from the company.
m00s3c
However, it's unclear if that number is accurate.
Data breach tracking site Have I Been Pwned officially added the incident to their site on April 27, saying "after negotiations allegedly failed, the group publicly released the data which included 8.2M unique email addresses, along with names, phone numbers and physical addresses. A subset of the data also included Pitney Bowes employee records with job titles."
And CyberInsider reported today that a Pitney Bowes spokesperson confirmed it suffered a cybersecurity incident involving unauthorized access to customer data stored in its Salesforce environment, but the company says sensitive personal data was not exposed.
Alex Lekander
“We immediately secured the environment, revoked the compromised access, and engaged leading cybersecurity experts and law enforcement to support our investigation...our investigation has found no evidence that the activity extended into other Pitney Bowes systems, and no indication that sensitive personal data was accessed” the spokesperson told CybersInsider.
Value Added Resource attempted to contact Pitney Bowes for comment to confirm these reports, but both a general media email address and the email for Communications Director, Marifer Rodriguez, currently listed on Pitney Bowes's website bounced - apparently Rodriguez has not worked at the company since 2024, according to her LinkedIn page.
A separate email sent to Pitney Bowes' investor relations contact has not received a response as of time of publishing.
