ShinyHunters Threatens ZenBusiness with Data Leak Deadline The notorious ransomware group ShinyHunters has issued a "final warning" to ZenBusiness, a U.S.-based platform supporting small businesses with LLC formation, compliance, and back-office tools. The group threatened to leak terabytes of stolen data and create "several annoying (digital) problems" if a ransom is not paid by March 25. Security researchers believe ShinyHunters gained access through vishing (voice phishing), impersonating IT staff to trick employees into granting remote access. Once inside, the group likely compromised platforms like Salesforce or Snowflake to exfiltrate sensitive data potentially including customer PII, employee records, and internal operations details, which could undermine ZenBusiness’s competitive edge. ZenBusiness, which serves freelancers, startups, and small businesses with an estimated $75 million in annual revenue, is the latest in a string of ShinyHunters targets. Recent victims include Infinite Campus (11 million affected), Telus Digital, Wynn Resorts, and Crunchyroll, highlighting the group’s aggressive and persistent campaign. The breach remains unconfirmed by ZenBusiness, but researchers warn of potential exposure risks.

Cybersecurity Breach Exposes Sensitive Data of Adult Platform’s Premium Users A cyberattack targeting an adult platform’s Premium service has sparked extortion threats and heightened privacy concerns after the hacking group ShinyHunters claimed to have stolen over 201 million records of user activity logs. The company confirmed the breach stemmed from a third-party analytics vendor, Mixpanel, but clarified that only Premium users were affected and that no passwords or payment details were exposed. The stolen data reportedly includes email addresses, search queries, video titles, timestamps, and IP-based geolocation—information that, while not directly financial, could enable de-anonymization, targeted phishing, or blackmail. ShinyHunters has allegedly used the dataset to pressure the company, mirroring tactics seen in past breaches involving sensitive content, such as the 2015 Ashley Madison hack. The incident underscores the risks of supply chain vulnerabilities, where even secure primary systems can be compromised through third-party integrations. While Mixpanel denied its systems were breached, the event highlights the dangers of unchecked telemetry data collection, which can inadvertently expose sensitive behavioral logs. Privacy advocates warn that such datasets can reveal personal preferences, relationships, or routines, making them prime targets for extortion. Regulatory scrutiny is likely, with potential investigations under laws like GDPR or California’s privacy statutes. The company has pledged to audit its analytics pipeline, reduce data retention, and implement stronger safeguards for personally identifiable information. For affected users, the breach serves as a reminder of the persistent risks tied to behavioral tracking—even when financial data remains secure.

Data analytics company Mixpanel suffered a security breach in November 2025, exposing account information for some OpenAI API users. OpenAI has since terminated its relationship with Mixpanel and begun notifying affected customers. Mixpanel Smishing Attack: How the Breach Happened Mixpanel is a product analytics platform that helps enterprises track user behavior across websites, apps, and APIs. The company analyzes key metrics, including retention rates, conversion rates, feature usage, and user journeys. OpenAI used Mixpanel as a third-party web analytics provider to understand product usage and improve its API platform (platform.openai.com), which powers text generation, natural language processing, and computer vision. On November 8, 2025, Mixpanel detected a smishing campaign — a type of phishing attack conducted via SMS text messages designed to trick employees into revealing their login credentials. The following day, November 9, Mixpanel discovered that an attacker had gained unauthorized access to part of their systems and exported a dataset containing customer information. Mixpanel immediately launched its incident response process, which included: Securing affected accounts and revoking all active sessions and sign-ins Rotating compromised Mixpanel credentials for impacted accounts Blocking malicious IP addresses Registering indicators of compromise (IOCs) on its SIEM platform Performing global password resets for all Mixpanel employees Engaging a third-p

Threat actors breached Mixpanel, a third-party analytics service used by OpenAI, exposing personally identifiable information (PII) of OpenAI’s customers. The compromised data includes names, email addresses, approximate coarse locations (e.g., city or region), device details (operating system and browser), browsing history (websites visited), and organization or user IDs linked to OpenAI’s API accounts. While the breach did not involve highly sensitive financial or health-related data, the exposure of such PII—particularly email addresses, locations, and API-associated identifiers—poses risks of targeted phishing, identity profiling, or unauthorized access to linked services. The incident highlights vulnerabilities in third-party dependencies and the cascading impact on clients like OpenAI, whose users’ trust and operational security may be undermined by the leak. No ransomware was involved, but the scale of exposed data could enable follow-on attacks or reputational harm.

OpenAI User Dismisses Class Action Over Mixpanel Data Breach A proposed class action lawsuit against OpenAI and data analytics provider Mixpanel was voluntarily dismissed in the U.S. District Court for the Northern District of California. The case centered on a data breach that exposed analytics data from OpenAI’s API users, as well as some ChatGPT users who submitted help center tickets or were logged into the API service. The lawsuit, filed by California resident Jon Woodard, alleged that OpenAI and Mixpanel failed to adequately protect user data from hackers. Mixpanel, which OpenAI used for analytics, experienced a cybersecurity incident that triggered the legal action. The dismissal was issued without prejudice, meaning the case could potentially be refiled, with both parties bearing their own legal costs. The breach highlights ongoing concerns about third-party data handling in AI services and the potential risks to user privacy.