A ransomware claim reports that Ameriprise Financial, Inc., in the United States, Salesforce records containing PII and over 200GB compressed SharePoint internal corporate data have been compromised by the threat actor shinyhunters. It is a final warning to contact by 25 March 2026 to prevent leaks and related digital problems #UnitedStates
Incident Details
- Victim: Ameriprise Financial, Inc.
- Sector: Financial Services
- Country: US
- Actor: shinyhunters
- Source:
- Discovered: 2026-03-22 21:09:04.059634
- Published: 2026-03-22 21:09:01.405647
Information
- Ameriprise Financial, Inc.
- US
- Actor: shinyhunters
- Salesforce records containing PII compromised
- Over 200GB of compressed SharePoint internal corporate data compromised
- Final warning to be contacted by 25 Mar 2026 or data will be leaked
- Threat of additional digital disruptions if contact is not made
- Message: βMake the right decision, donβt be the next headline.β
- Updated: 23 Mar 2026 β Warning: FINAL WARNING
Disclaimer: This post is based on public claims made by the ransomware group "shinyhunters". I cannot confirm the accuracy of the information. However, I would be happy to share any official statement from the affected organization to provide clarification.