LAST UPDATED Loading...

ShinyHunters Adds Ingram Content Group and Fluke Corporation to Leak Site

ShinyHunters has listed Ingram Content Group and Fluke Corporation on its leak site, alleging failed ransom negotiations and claiming to hold more than 21 million Salesforce records from Fluke.
ShinyHunters leak site showing new listings for Ingram Content Group and Fluke Corporation, alleging failed ransom negotiations, with Fluke claimed to involve more than 21 million Salesforce records.
ShinyHunters added Ingram Content Group and Fluke Corporation to its leak site, alleging negotiations failed and claiming the theft of corporate data, including more than 21 million Salesforce records from Fluke.

The ShinyHunters extortion group has added Ingram Content Group and Fluke Corporation to its data leak site, alleging both organizations failed to reach ransom agreements following alleged cyberattacks.

The new entries appeared on July 2, 2026. In both listings, ShinyHunters claims the companies declined to negotiate despite what it described as multiple opportunities to reach an agreement. BreachNews has not independently verified the group’s claims or the authenticity of any purportedly stolen data.

Ingram Content Group listed after alleged failed negotiations

ShinyHunters claims Ingram Content Group did not reach a settlement after an extended negotiation process. The leak listing does not specify the amount of data allegedly stolen or identify the types of information purportedly affected.

Ingram Content Group is a major U.S. provider of book distribution, print-on-demand, publishing services, and digital content logistics, serving publishers, booksellers, libraries, and educational institutions worldwide.

Fluke listing claims 21 million Salesforce records

The posting for Fluke Corporation includes more detailed allegations. ShinyHunters claims to have stolen more than 100 GB of data, including over 21 million Salesforce records containing personally identifiable information (PII).

The group did not provide evidence sufficient for BreachNews to independently verify the scope or contents of the alleged dataset. Salesforce environments commonly contain customer, sales, and support information depending on how an organization configures the platform.

Fluke Corporation manufactures electronic testing and measurement equipment used by industrial, electrical, healthcare, and engineering organizations around the world.

Double extortion continues

The publication of alleged stolen data following unsuccessful negotiations reflects the continued use of double-extortion tactics, in which ransomware groups attempt to pressure victims by publicly leaking or threatening to sell stolen information after ransom demands are rejected.

Neither Ingram Content Group nor Fluke Corporation had issued any public statement regarding the alleged incidents at the time of publication.

BreachNews will post updates if either organization confirms the incidents, disputes the claims, or additional evidence becomes available.

Picture of m00s3c

m00s3c

Moose (@m00s3c) is the author of BreachNews, focusing on data breach intelligence, dark web monitoring, and threat analysis. His work involves analyzing breach claims, reviewing leaked datasets, and tracking threat actor activity to provide clear, factual reporting.

Latest News

Newsletter signup

Get the latest data breach and security news.

Please wait...

Thank you for signing up!

BREACHNEWS.COM/SUPPORT/

Support Independent News.

Help support breach monitoring, investigations, infrastructure, and reporting.

Support the site
INTEL.BREACHNEWS.COM

Live Cyber
Threat Map

Explore live cyber activity, recent breach reports, KEV alerts, and public threat feeds from a single interactive dashboard.

Launch Threat Map