Ransom! JCPenney & several other subsdiaries under Catalyst Brands & Authentic Brands Group (JUN-2026)

Ransom! JCPenney & several other subsdiaries under Catalyst Brands & Authentic Brands Group (JUN-2026)

JCPenney, along with several subsidiaries of Catalyst Brands and Authentic Brands Group in the US, was targeted by the ransomware threat actor shinyhunters, with hundreds of thousands of records exposed, including PII such as SSNs and DOBs, W-2 tax records, pay data, and scans of government-issued identity documents (e.g., driver’s licenses). A final warning was issued on 12 June 2026 demanding contact by 15 June 2026 to prevent data leakage and associated disruptions. #UnitedStates

Incident Details

Information

  • Hundreds of thousands of records containing sensitive personal information were compromised, including SSNs, dates of birth, W-2 tax records, pay data, and physical scans of government identity documents such as driver’s licenses.
  • A final warning was issued to make contact by 15 June 2026 to prevent the information from being leaked.
  • The threat included additional disruptive digital actions if demands were not met.
  • Updated: 12 June 2026
  • Warning: FINAL WARNING PAY OR LEAK.

Disclaimer: This post is based on public claims made by the ransomware group "shinyhunters". I cannot confirm the accuracy of the information. However, I would be happy to share any official statement from the affected organization to provide clarification.

monitored by: ransomware.live