Aman, an ultra-luxury hotel brand, suffered a data breach in April 2026 when ShinyHunters obtained customer records from their Salesforce CRM and later leaked them publicly.
What happened
According to Have I Been Pwned, the ultra-luxury hotel brand Aman was targeted by ShinyHunters in April 2026 as part of a "pay or leak" extortion campaign. The threat actor allegedly obtained the data from Aman's Salesforce CRM system. The data was subsequently leaked publicly.
What was exposed
The breach exposed over 200,000 unique email addresses and additional personal information. According to the source, exposed data included names, dates of birth, genders, physical addresses, phone numbers, nationalities, spouse names, language preferences, and VIP status codes, though not all fields were present on every record.
Who is affected
Approximately 215,563 Aman customer accounts were affected by the breach.
What to do now
Affected individuals should monitor their accounts for suspicious activity and consider changing passwords if they reused credentials elsewhere. Those concerned about their personal information should watch for phishing attempts and unsolicited contact from parties claiming to have access to their data.