Cyber-crime Have I Been Pwned claims Pitney Bowes hit by 8.2M email address leak Names, phone numbers, physical addresses also included in Shiny Hunters alleged data dump Connor Jones Tue 28 Apr 2026 // 14:15 UTC Logistics technology company Pitney Bowes, which makes franking machines for US postage, is the latest scalp claimed by ShinyHunters and its ongoing spree of pay-or-leak attacks against major organizations. Data breach tracker Have I Been Pwned (HIBP) confirmed the breach on April 27, with 8.2 million unique email addresses included in the dump alongside names, phone numbers, and physical addresses. A smaller subset of the entire data trove pertained to company employment records, which included job titles. Murder, she wrote: Ex-FBI chief wants some ransomware crims charged with homicide READ MORE The Register contacted Pitney Bowes for more information. Attempts to reach its press-specific email addresses led to bouncebacks. Its investor relations contact is active, but did not immediately respond to our request. Pitney Bowes may not be a household name, but it's a substantial US-based tech firm producing shipping software and mailing technologies used in everyday shipping centers. The company claims more than 600,000 clients worldwide and posted $1.9 billion in revenue in 2025. ShinyHunters has been on a tear in recent weeks, with HIBP tracking and verifying the group's claims as they land. Confirmed cases include Grand Theft Auto developer Rockstar Games and physical security giant ADT , while the list of companies it claims to have attacked is considerably longer. In just the past week, the cybercrime collective has claimed responsibility for attacks on the likes of Udemy, Carnival Cruises , and the Asian Football Confederation, allegedly leaking tens of thousands of professional footballers' personal information and document scans. The Register asked the Asian Football Confederation for comment yesterday, though it has yet to respond. Two different attackers poisoned popular open source tools - and showed us the future of supply chain compromise US cybercrime losses pass $20B for first time as AI boosts online fraud Researchers didn't want to glamorize cybercrims. So they roasted them Jaguar Land Rover's cyber bailout sets worrying precedent, watchdog warns Prior to the latest wave of breaches, ShinyHunters was also behind the attacks on Match Group and Dutch telco Odido. The group also told The Register in March that it accessed the data belonging to nearly 400 companies via a Salesforce breach. Some of you may remember that ShinyHunters was also (partly) behind the sprawling attacks on Salesloft Drift last year – as it worked in tandem with other crime crews as Scattered Lapsus$ Hunters – and hundreds more Salesforce customers later in 2025. ® Share More about Cybercrime Data Breach More like these × More about Cybercrime Data Breach Narrower topics NCSC Broader topics Security More about Share POST A COMMENT More about Cybercrime Data Breach More like these × More about Cybercrime Data Breach Narrower topics NCSC Broader topics Security TIP US OFF Send us news