verified2026-04-12

MytheresaMytheresa breach

mytheresa.com · 84,108 records compromised

Records
84.11K
Breach date
2026-04-12
Domain
mytheresa.com
Data classes
7

Description

In April 2026, the luxury fashion e-commerce platform Mytheresa was listed as a victim of the ShinyHunters "pay or leak" extortion group . After the ransom deadline passed, the group publicly released the data which contained 84k unique email addresses. The exposed data also included names, phone numbers, physical addresses, purchases and partial credit card data including card type, last 4 digits and expiry date.

Compromised data classes· 7

Email addressesNamesPartial credit card dataPhone numbersPhysical addressesPurchasesSalutations

Related by meaning· 6

Nearest entities by semantic similarity across the cs-graph corpus.

Breach
Zara
Breach
SHEIN
Breach
Woflow
Breach
Udemy
Breach
Neiman Marcus
Breach
7-Eleven
Sourced from Have I Been Pwned. Aggregate metadata only — no PII. Curated by Adam Lundqvist, Founder at SQUR.