ShinyHunters claims to have breached CarMax, Inc. in the United States, exfiltrating 1.7 GB (compressed) of data comprising 500,000 records as of 24 Jan 2026. The claim implies ransomware activity with potential leakage or public release of the stolen data if a ransom is not paid. #UnitedStates
Incident Details
- Victim: CarMax, Inc.
- Sector: Consumer Services
- Country: US
- Actor: shinyhunters
- Source:
- Discovered: 2026-01-24 00:35:38.718199
- Published: 2025-09-29 11:10:00.000000
Information
- Threat actor: shinyhunters
- Data size: 1.7 GB (compressed)
- Records: 500k
- Updated: 24 Jan 2026
Disclaimer: This post is based on public claims made by the ransomware group "shinyhunters". I cannot confirm the accuracy of the information. However, I would be happy to share any official statement from the affected organization to provide clarification.