Aman
What was exposed
Dates of birthEmail addressesGendersLanguage preferencesNamesNationalitiesPhone numbersPhysical addressesSpouses namesVIP statuses
What to do if you were affected
- Expect more phishing and spam at this address. Treat messages that reference this company with extra caution.
- Watch for text-message phishing and SIM-swap attempts on your phone number.
- Be wary of targeted scams that use your personal details to sound convincing.
Details
In April 2026, the ultra-luxury hotel brand Aman was named by ShinyHunters as the target of a "pay or leak" extortion campaign , with the data allegedly obtained from their Salesforce CRM. The data was subsequently leaked publicly and contained over 200k unique email addresses. Whilst not present on all records, the data also included genders, physical addresses, phone numbers, nationalities, dates of birth, spouse names and VIP status codes.
Frequently asked questions
What is the Aman data breach?
In April 2026, the ultra-luxury hotel brand Aman was named by ShinyHunters as the target of a "pay or leak" extortion campaign , with the data allegedly obtained from their Salesforce CRM. The data was subsequently leaked publicly and contained over 200k...
When did the data breach happen?
This data breach occurred around April 2026.
How many accounts were affected?
Around 215,563 accounts were affected.
What information was exposed?
Exposed data included Dates of birth, Email addresses, Genders, Language preferences, Names, Nationalities, Phone numbers and Physical addresses.
What should I do if I was affected?
Expect more phishing and spam at this address. Treat messages that reference this company with extra caution. Watch for text-message phishing and SIM-swap attempts on your phone number. Be wary of targeted scams that use your personal details to sound convincing.
Related breaches