Industry - Data Breach
Executive Summary
In May 2026, real estate services firm Cushman & Wakefield was targeted by the ShinyHunters extortion group, which publicly leaked data affecting over 310,000 accounts after issuing a "pay or leak" demand. The exposed information consisted primarily of business contact data including email addresses, names, job titles, company addresses, and phone numbers from both Cushman & Wakefield employees and external corporate contacts. The breach primarily compromised professional rather than personal...
What Happened
In May 2026, the cybercriminal group ShinyHunters launched an extortion campaign against real estate services firm Cushman & Wakefield, demanding payment to prevent data publication. When the firm did not comply, ShinyHunters publicly released data affecting over 310,000 accounts. The leaked information included email addresses, names, job titles, company addresses, and phone numbers belonging to Cushman & Wakefield employees and external corporate contacts.
Who Is Affected
Approximately 310,400 individuals are affected, including Cushman & Wakefield employees and external business contacts from various companies who had professional relationships with the firm. The compromised data consists primarily of business contact information rather than sensitive personal or financial details. Both internal staff and corporate partners who shared their professional contact details with Cushman & Wakefield are impacted.
Why It Matters
This incident demonstrates the ongoing threat of extortion-based cyberattacks where criminal groups publicly weaponize stolen data when ransom demands are refused. While the exposed information is primarily professional rather than highly sensitive personal data, it creates risks for targeted phishing attacks and business email compromise schemes against the affected individuals and organizations. The breach affects a major global real estate firm, potentially exposing corporate relationship networks across multiple industries.
What You Should Do
If you are a Cushman & Wakefield employee or business contact, remain vigilant against phishing emails that may use your leaked contact information to appear legitimate. Enable two-factor authentication on all professional accounts, particularly email and business applications. Be cautious of unsolicited communications claiming to be from Cushman & Wakefield or business partners, and verify sender identities through separate communication channels before sharing any additional information or clicking links.
Summary generated from verified sources and reviewed before publication. How we summarize.
Sources
- Cushman & Wakefield - 310,431 breached accounts
- Xfinity Customer? You May Be Owed Money From a $117.5 Million Data Breach Settlement - CNET
- OpenLoop Health Data Breach Confirmed at 716,000 Individuals - Security Boulevard
- Developer of education tool Canvas issues apology after hack - Reuters
- American Lending Center Data Breach Impacts 123K, Lawsuit Possible - ClassAction.org
- Excelas Data Breach - ClassAction.org
- Canada Life - 237,810 breached accounts
- 716,000 Impacted by OpenLoop Health Data Breach - SecurityWeek
- OpenLoop Health confirms January 2026 Data breach affecting 716,000 - Security Affairs
- Cushman Hit With Class Action Suit Following Data Breach - The Real Deal
- Capitol Pain Institute Data Breach: Protected Health Information Exposed - Claim Depot
- Abrigo - 711,099 breached accounts
- 716,000 Impacted by OpenLoop Health Data Breach - SecurityWeek
- Developer of education tool Canvas issues apology after hack - Reuters
- RAW: COMCAST AGREES TO PAY $117M+ FOR DATA BREACH - Local 3 News
- Comcast is offering payouts in $117.M settlement over data breach – how to find out if you're eligible - New York Post
- Williams Architects Data Breach Affects Exposes Government IDs and More - Claim Depot
- Thompson Coburn $7,500,000 Data Breach Settlement - Claim Depot
- Excelas Data Breach Exposes Personal and Health Information - Claim Depot
- What to do after Canvas data breach: Wisconsin DATCP issues consumer alert - WKOW