Baker Distributing Company had data on approximately 103,000 accounts exposed after the ShinyHunters extortion group published information allegedly taken from the company's SharePoint and Salesforce systems in May 2026.
What happened
According to Have I Been Pwned, in May 2026 the HVAC/R wholesale distributor Baker Distributing Company appeared on the ShinyHunters data extortion group's "pay or leak" site. When no payment was made, the group publicly released the data in early June 2026, claiming it had been obtained from Baker's SharePoint and Salesforce infrastructure.
What was exposed
Reported by HIBP, the published data included approximately 103,000 unique email addresses along with names, physical addresses, phone numbers, and support tickets. The exposed information was described as largely corporate contact and support data with limited sensitivity, relating primarily to Baker's HVAC contractor customer base.
Who is affected
Around 102,935 accounts are affected, according to HIBP. Those impacted appear to be HVAC contractor customers and business contacts of Baker Distributing Company rather than individual consumers.
What to do now
If you are a Baker Distributing customer or business contact, be alert to phishing emails or phone calls that use your name and company details to appear legitimate. Consider reviewing any accounts where you used the same email address. Monitor for unsolicited contact referencing your support history or business relationship with Baker Distributing.