verified2026-04-20

AmanAman breach

aman.com · 215,563 records compromised

Records
216K
Breach date
2026-04-20
Domain
aman.com
Data classes
10

Description

In April 2026, the ultra-luxury hotel brand Aman was named by ShinyHunters as the target of a "pay or leak" extortion campaign , with the data allegedly obtained from their Salesforce CRM. The data was subsequently leaked publicly and contained over 200k unique email addresses. Whilst not present on all records, the data also included genders, physical addresses, phone numbers, nationalities, dates of birth, spouse names and VIP status codes.

Compromised data classes· 10

Dates of birthEmail addressesGendersLanguage preferencesNamesNationalitiesPhone numbersPhysical addressesSpouses namesVIP statuses

Related by meaning· 6

Nearest entities by semantic similarity across the cs-graph corpus.

Breach
Cushman & Wakefield
Breach
Zara
Breach
Ameriprise
Breach
Mytheresa
Breach
Amtrak
Breach
Udemy
Sourced from Have I Been Pwned. Aggregate metadata only — no PII. Curated by Adam Lundqvist, Founder at SQUR.