What Happened
In January 2026, the notorious cybercriminal group ShinyHunters breached Edmunds.com, a major American car-shopping platform, exposing sensitive user data including 146,000 to millions of records totaling approximately 12GB of compressed data. The leaked information included usernames, email addresses, passwords, and vehicle reports from 2018 to 2022. According to Cybernews researchers, the data sample appeared legitimate, with some passwords encrypted using base64 hashes while others remained unhashed. The breach was discovered and posted on underground forums like Breachforums.bf on January 25-26, 2026, and ShinyHunters claimed the intrusion was unrelated to their simultaneous attacks on Panera Bread and CarMax. The exposed credentials pose significant risks to affected users, including account takeover, credential stuffing on other services, phishing attacks, and identity theft.
