What Happened
In the May 2026 bcdtravel.com (BCD Travel) data breach, the corporate travel management company was reportedly compromised as part of the ShinyHunters “pay or leak” extortion campaign, with attackers claiming to have exfiltrated over 30 GB of data including more than 700,000 Salesforce records and data from multiple SharePoint environments, such as internal corporate documents, customer records, and business-related data. According to breach aggregators drawing on the leaked dataset, the exposed information included names, email addresses, physical addresses, phone numbers, employers, job titles, and support ticket data, affecting approximately 396,000 unique email addresses in one corpus and around 803,799 rows in another related dataset. The breach is reported to have occurred in May 2026, with data subsequently published in early June 2026, and it impacted BCD Travel’s corporate and customer-related data rather than passwords, which were not listed among the compromised fields.
