ZenBusiness, a business formation platform, had data on approximately 5.1 million accounts exposed after the hacker group ShinyHunters claimed to have exfiltrated records from multiple platforms and publicly released the data following an unpaid ransom demand.
What happened
According to HIBP, in March 2026 the hacker and extortion group ShinyHunters claimed to have obtained a large volume of data from ZenBusiness, a business formation and compliance platform. The group stated the data was exfiltrated from platforms including Snowflake, Mixpanel, and Salesforce, and threatened to publish it unless a ransom was paid.
Reported by Cybernews, after ZenBusiness allegedly did not pay the ransom, ShinyHunters publicly released the data the following month. The release consisted of many terabytes of files spanning thousands of records that appeared to come from multiple internal systems and business functions.
What was exposed
According to HIBP, the released data included approximately 5 million unique email addresses. Depending on the source file, records were also accompanied by names and phone numbers. The data appeared to originate from leads, support records, and other CRM-related sources.
Who is affected
Approximately 5.1 million accounts are listed as affected. Those impacted are likely current or former ZenBusiness customers, leads, or individuals who interacted with the company's support systems.
What to do now
If you have ever used ZenBusiness or provided your contact information to the company, assume your email address, name, and phone number may be in circulation. Be alert for phishing emails and unsolicited calls that use your personal details to appear legitimate. Consider using a unique email alias for business services going forward, and enable spam filtering on your accounts.