verified2026-04-15

KemperKemper breach

kemper.com · 269,299 records compromised

Records
269K
Breach date
2026-04-15
Domain
kemper.com
Data classes
6

Description

In April 2026, the American insurance holding company Kemper Corporation was named by the ShinyHunters ransomware group in a "pay or leak" extortion campaign . The attackers allegedly accessed Kemper's Salesforce environment via social engineering as part of a broader campaign targeting hundreds of organisations using the same method. The group later published tens of gigabytes of data they claimed included internal directory data, Salesforce records and Stripe payment logs. Among the 269k unique email addresses were names, phone numbers, physical addresses and partial payment card data including the last 4 digits, expiry dates and card brands. Kemper confirmed the incident and stated they had engaged third-party cybersecurity experts and notified law enforcement.

Compromised data classes· 6

Email addressesNamesPartial credit card dataPhone numbersPhysical addressesPurchases

Related by meaning· 6

Nearest entities by semantic similarity across the cs-graph corpus.

Breach
Ameriprise
Breach
Cushman & Wakefield
Breach
Marcus & Millichap
Breach
Woflow
Breach
Canada Life
Breach
Pitney Bowes
Sourced from Have I Been Pwned. Aggregate metadata only — no PII. Curated by Adam Lundqvist, Founder at SQUR.