American Tower had data on over 216,000 employees, contractors, customers, and leads exposed after a ShinyHunters extortion campaign in June 2026.
What happened
According to Have I Been Pwned, in June 2026 the ShinyHunters hacking group targeted American Tower, a telecommunications tower infrastructure company, with a "pay or leak" extortion campaign. When the company did not comply, the group published data allegedly taken from American Tower's systems.
What was exposed
Reported by HIBP, the published data contained more than 200,000 unique email addresses along with names, physical addresses, phone numbers, and job titles.
Who is affected
According to HIBP, the exposed records belong to a mix of American Tower employees, contractors, customers, and sales leads — totaling approximately 216,601 accounts.
What to do now
If you have ever interacted with American Tower as an employee, contractor, or customer, assume your contact details may be exposed. Be alert for phishing emails or phone calls that use your name or job title to appear legitimate. Consider using a unique email alias for business communications going forward, and report any suspicious contact attempts to your email provider or employer's security team.