Data Breach

ZenBusiness Data Breach March 2026 - What Was Exposed and What To Do

5,118,184 records exposed

The ZenBusiness data breach exposed 5,118,184 records including Email addresses, Names, Phone numbers. This breach has been verified by HaveIBeenPwned. Affected users should check HaveIBeenPwned.com and take immediate steps to protect their accounts.

What Happened

In March 2026, the hacker and extortion group "ShinyHunters" claimed to have obtained a substantial corpus of data from ZenBusiness, a business formation and compliance platform. The group claimed the data had been exfiltrated from platforms including Snowflake, Mixpanel and Salesforce, and threatened to publish it if a ransom was not paid. The following month, after claiming payment had not been made, ShinyHunters publicly released the data. The collection amounted to many terabytes across thousands of files that appeared to originate from multiple systems and business functions, including leads, support records and other CRM-related data. The data contained approximately 5M unique email addresses, often accompanied by name and phone number depending on the source file.

Breach date
2026-03-27
Records affected
5,118,184
Verified
Yes
Domain
zenbusiness.com

What Was Exposed

The following data types were included in the breach:

  • Email addresses
  • Names
  • Phone numbers

What You Should Do

If you had an account with ZenBusiness, take these steps immediately:

  1. Check if your account was affected at HaveIBeenPwned.com
  2. Watch for phishing emails that reference the breach or impersonate the affected company
  3. Be alert for social engineering attempts using your exposed personal information
  4. Enable two-factor authentication on the affected service if available
  5. Consider using a password manager to generate unique passwords for each service

FAQ

Was my data in the ZenBusiness breach?
Check HaveIBeenPwned.com to see if your email address was included in the ZenBusiness breach. The breach exposed 5,118,184 records containing Email addresses, Names, Phone numbers.
What should I do if my data was exposed in the ZenBusiness breach?
Change your password on the affected service immediately. Enable two-factor authentication. If financial data or government IDs were exposed, place a fraud alert with credit bureaus and monitor your accounts for unauthorized activity.
When did the ZenBusiness data breach happen?
The ZenBusiness breach occurred on 2026-03-27. It was added to the HaveIBeenPwned database on 2026-05-02. The breach affected 5,118,184 accounts.

Need Incident Response?

Sherlock Forensics investigates data breaches for organizations. We determine scope of exposure, identify attack vectors, preserve evidence for legal proceedings and help you meet notification requirements.

Get Incident Response Help