The ShinyHunters extortion group has added Ingram Content Group and Fluke Corporation to its data leak site, alleging both organizations failed to reach ransom agreements following alleged cyberattacks.
The new entries appeared on July 2, 2026. In both listings, ShinyHunters claims the companies declined to negotiate despite what it described as multiple opportunities to reach an agreement. BreachNews has not independently verified the group’s claims or the authenticity of any purportedly stolen data.
Ingram Content Group listed after alleged failed negotiations
ShinyHunters claims Ingram Content Group did not reach a settlement after an extended negotiation process. The leak listing does not specify the amount of data allegedly stolen or identify the types of information purportedly affected.
Ingram Content Group is a major U.S. provider of book distribution, print-on-demand, publishing services, and digital content logistics, serving publishers, booksellers, libraries, and educational institutions worldwide.
Fluke listing claims 21 million Salesforce records
The posting for Fluke Corporation includes more detailed allegations. ShinyHunters claims to have stolen more than 100 GB of data, including over 21 million Salesforce records containing personally identifiable information (PII).
The group did not provide evidence sufficient for BreachNews to independently verify the scope or contents of the alleged dataset. Salesforce environments commonly contain customer, sales, and support information depending on how an organization configures the platform.
Fluke Corporation manufactures electronic testing and measurement equipment used by industrial, electrical, healthcare, and engineering organizations around the world.
Double extortion continues
The publication of alleged stolen data following unsuccessful negotiations reflects the continued use of double-extortion tactics, in which ransomware groups attempt to pressure victims by publicly leaking or threatening to sell stolen information after ransom demands are rejected.
Neither Ingram Content Group nor Fluke Corporation had issued any public statement regarding the alleged incidents at the time of publication.
BreachNews will post updates if either organization confirms the incidents, disputes the claims, or additional evidence becomes available.












