ShinyHunters leaks 33 million Twilio Authy phone numbers, Neiman Marcus and Truist Bank data

ShinyHunters hackers have claimed responsibility for three high-profile data breaches at Neiman Marcus, Truist Bank, and Twilio Authy, compromising the personal information of millions of users and tens of thousands of employees.

The notorious hacker group ShinyHunters, known for their recent Ticketmaster data leakhas struck again with a series of new attacks. This time, they targeted Neiman Marcus, a renowned American luxury department store chain based in Dallas, Texas, as well as Truist Financial Corporation, a large bank holding company based in Charlotte, North Carolina, and extracted 33 million phone numbers from Twilio's Authy service.

Data leak at Neiman Marcus

On Thursday, June 27, 2024, ShinyHunters launched the Neiman Marcus database on the Breach Forums Cybercrime platform. In their post, the hackers criticized Neiman Marcus for not paying a “small fee to delete” the database, referring to the common ransom tactic: “Pay to have the data deleted or don't pay and risk a leak.”

“Neiman Marcus did not pay the small fee for the deletion and hid behind legal terms they invented. So we decided that Neiman Marcus can instead pay a penalty of $200 million and we will provide the hottest base (of the hour) for free.”


As seen by, the leaked Neiman Marcus database contains personal information of over 40 million customers, including 29.7 million unique email addresses. The compromised data includes the following information:

  • Full names
  • IP addresses
  • Dates of birth
  • Telephone numbers
  • Payment histories
  • Account balances
  • Payment card details
  • Payment Methods
  • physical addresses
  • Browser user agent details
  • Gift card numbers (without PINs)

and much more…

In a Data breach notification Neiman Marcus, filed with the Maine Attorney General's Office, confirmed the incident and blamed Snowflake, a cloud computing-based data company. According to the report, the data breach occurred between April and May 2024, and affected customers were notified on June 24, 2024.

ShinyHunters announces and reveals the Neiman Marcus database in the Breach forums (Screenshot:

Truist Bank Employee Database

On Thursday, June 27, 2024, ShinyHunters leaked another database on Breach Forums, this time owned by Truist Bank, or Truist Financial Corporation, an American bank holding company headquartered in Charlotte, North Carolina.

It is important to note that the database only contains employee information; customers were not affected. According to the hacker group, the data breach occurred in October 2023 and the database contained 79,000 unique email addresses of the bank's employees. Other data included in the leak includes the following:

  • Job titles
  • Full names
  • Dates of birth
  • Telephone numbers
  • Account balances
  • Partial credit card data

And more…

Like Neiman Marcus, Truist Bank has also admitted to the breach. The company released the following statement:

“In October 2023, we experienced a cybersecurity incident that was quickly contained… Working with third-party security advisors, we conducted a thorough investigation, took additional steps to secure our systems, and notified a small number of customers last fall.”

However, this is not the first time Truist Bank has suffered a data breach. In December 2021 confirmed a security incident in which hackers managed to steal customer names and other personal identifiers in combination, including the Social Security Number (SSN).

ShinyHunters leaks 33 million Twilio Authy phone numbers, Neiman Marcus and Truist Bank data
ShinyHunters reveal and expose the Truist Bank database in breach forums (Screenshot:

Twilio Authy Phone Numbers

On Thursday, June 27, 2024, ShinyHunters leaked another dataset. This time it was 33 million phone numbers from Twilio Authy, a two-factor authentication (2FA) service provided via a free mobile app.

ShinyHunters leaks 33 million Twilio Authy phone numbers, Neiman Marcus and Truist Bank data
ShinyHunters post and disclose Twilio Authy phone numbers in breach forums (Screenshot:

In response to the group's allegations, Twilio announced on July 1, 2024 accepted that threat actors were able to access data associated with Authy accounts, including phone numbers, due to an unauthenticated endpoint. However, the company said there was no evidence that the hackers gained access to Twilio's systems or other sensitive data.

Twilio urges users to update their Twilio Authy app on iOS and Android to the latest version. The American cloud communications giant also advises its users to be vigilant against smishing (SMS phishing) and phishing attacks.

Nevertheless, all three data breaches expose unsuspecting users and employees to various cybersecurity and physical threats. Users and employees of Twilio, Neiman Marcus and Truist Bank should change their passwords for all services, enable 2FA through another service and be vigilant against malicious emails and Social media fraud cases target them.

  1. BreachForums returns among ShinyHunters hackers
  2. Suspected member of hacker group ShinyHunters arrested
  3. ShinyHunters hacks Santander Bank: 30 million user data for sale
  4. ShinyHunters leak database of Indian wedding site WedMeGood
  5. AT&T data leak: ShinyHunters sells AT&T database with 70 million SSNs