// UNCLASSIFIED // CLEARED FOR PUBLIC RELEASE //
FILE BRC-hibpDTG 0600Z
ColdRecon / Breach Radar / Cushman & Wakefield
Breach Record

Cushman & Wakefield

DISCLOSED 2026-05-05 · STOLEN CREDS · 310,431 RECORDS EXPOSED

In May 2026, the real estate services firm Cushman & Wakefield was the target of a "pay or leak" extortion campaign by the ShinyHunters group. Following the threat, the group publicly published data they alleged had been obtained from the firm, consisting mostly of C&W email addresses along with tens of thousands of external email addresses and corporate contact records....

The record

What we know

Disclosed
2026-05-05
Attack vector
Stolen Creds
Records exposed
310,431
Domain
cushmanwakefield.com
Data classes exposed
Email addressesJob titlesNamesPhone numbersPhysical addressesSalutations
Sources

Cited reporting

Similar vector · recent

Other stolen creds breaches on file

This page is the permanent ColdRecon entry for the Cushman & Wakefield disclosure. It updates if new public reporting emerges. All tracked breaches →

Cushman & Wakefield just lived through this. Your next prospect doesn't have to.

ColdRecon turns every disclosed breach into a daily intelligence brief from the seller's seat — normalized to the factors that move a deal, written in the Handler's voice. Request clearance and the first lands tomorrow at 0600.

Request Clearance →