ShinyHunters didn't break the internet with novel exploits. They broke it with old passwords, missing MFA, and phone calls that sound like IT support. Six years in, the body count includes Wattpad, Ticketmaster, AT&T, Google, Cisco, Qantas, Louis Vuitton, ADT — and 15+ more in the first four months of 2026. Hundreds of companies. Over a billion people. Almost none of it required anything sophisticated.This timeline documents every confirmed and attributed breach from 2020 through 2026 YTD — the Snowflake sweep, the Salesforce campaign, the vishing pivots, the supply-chain hops through EPAM, Mixpanel, and Anodot. Read it the way the attackers do: as a list of mistakes that worked, then worked again, then worked at companies that should have known better. The one thing that hasn't changed in six years is the door they keep walking through.
Fill in your details to download the resource.