By Waqas
Publication Date: 2026-04-02 19:43:00
The threat group known as ShinyHunters has issued what it calls a final warning to Cisco (Cisco Systems, Inc.), setting a deadline of April 3, 2026, before it begins leaking data it claims to have stolen. The message appeared on the group’s dark web leak site, where it has already been publishing data linked to earlier Salesforce-related incidents affecting companies worldwide.
According to the post, the group claims access to data from three separate breach paths, identified as UNC6040, Salesforce Aura, and compromised AWS accounts. In total, it alleges more than three million Salesforce records were taken, along with personally identifiable information, GitHub repositories, AWS storage buckets, and internal corporate data.
The group has described the warning as final and warns Cisco to make contact before the stated deadline, adding that failure to do so will lead not only to data leaks but also unspecified “digital problems.”