// UNCLASSIFIED // CLEARED FOR PUBLIC RELEASE //
FILE BRC-hibpDTG 0600Z
Breach Record

Aman

DISCLOSED 2026-04-20 · STOLEN CREDS · 215,563 RECORDS EXPOSED

In April 2026, the ultra-luxury hotel brand Aman was named by ShinyHunters as the target of a "pay or leak" extortion campaign, with the data allegedly obtained from their Salesforce CRM. The data was subsequently leaked publicly and contained over 200k unique email addresses. Whilst not present on all records, the data also included genders, physical addresses, phone...

The record

What we know

Disclosed
2026-04-20
Attack vector
Stolen Creds
Records exposed
215,563
Domain
aman.com
Data classes exposed
Dates of birthEmail addressesGendersLanguage preferencesNamesNationalitiesPhone numbersPhysical addressesSpouses namesVIP statuses
Sources

Cited reporting

Similar vector · recent

Other stolen creds breaches on file

This page is the permanent ColdRecon entry for the Aman disclosure. It updates if new public reporting emerges. All tracked breaches →

Aman just lived through this. Your next prospect doesn't have to.

ColdRecon turns every disclosed breach into a daily intelligence brief from the seller's seat — normalized to the factors that move a deal, written in the Handler's voice. Request clearance and the first lands tomorrow at 0600.

Request Clearance →