// UNCLASSIFIED // CLEARED FOR PUBLIC RELEASE //
FILE BRC-newsDTG 0600Z
ColdRecon / Breach Radar / Cushman & Wakefield
Breach Record

Cushman & Wakefield

DISCLOSED 2026-05-25 · RANSOMWARE · RANSOMWARE

Real estate firm Cushman & Wakefield was targeted by two ransomware groups, ShinyHunters and Qilin, in a double extortion attack. The incident involved an access broker and resulted in data theft and encryption. Details on the breach date, exposed records, and initial access vector are not provided.

The record

What we know

Disclosed
2026-05-25
Attack vector
Ransomware
Sector
real estate
RANSOMWARE ENDPOINT INVOLVED
ColdRecon assessment

Could a positive-security control have prevented this?

Verdict · unclear · opinion

The article does not detail the initial access method or whether the ransomware executed on endpoints, so it is unclear if a positive-security model would have prevented the attack.

Our assessments are opinion, grounded in the cited public facts. Read them critically.

Sources

Cited reporting

Similar vector · recent

Other ransomware breaches on file

This page is the permanent ColdRecon entry for the Cushman & Wakefield disclosure. It updates if new public reporting emerges. All tracked breaches →

Cushman & Wakefield just lived through this. Your next prospect doesn't have to.

ColdRecon turns every disclosed breach into a daily intelligence brief from the seller's seat — normalized to the factors that move a deal, written in the Handler's voice. Request clearance and the first lands tomorrow at 0600.

Request Clearance →