The Aman data breach exposed 215,563 records including Dates of birth, Email addresses, Genders, Language preferences, Names, Nationalities, Phone numbers, Physical addresses, Spouses names, VIP statuses. This breach has been verified by HaveIBeenPwned. Affected users should check HaveIBeenPwned.com and take immediate steps to protect their accounts.
What Happened
In April 2026, the ultra-luxury hotel brand Aman was named by ShinyHunters as the target of a "pay or leak" extortion campaign, with the data allegedly obtained from their Salesforce CRM. The data was subsequently leaked publicly and contained over 200k unique email addresses. Whilst not present on all records, the data also included genders, physical addresses, phone numbers, nationalities, dates of birth, spouse names and VIP status codes.
- Breach date
- 2026-04-20
- Records affected
- 215,563
- Verified
- Yes
- Domain
- aman.com
What Was Exposed
The following data types were included in the breach:
- Dates of birth
- Email addresses
- Genders
- Language preferences
- Names
- Nationalities
- Phone numbers
- Physical addresses
- Spouses names
- VIP statuses
What You Should Do
If you had an account with Aman, take these steps immediately:
- Check if your account was affected at HaveIBeenPwned.com
- Watch for phishing emails that reference the breach or impersonate the affected company
- Be alert for social engineering attempts using your exposed personal information
- Enable two-factor authentication on the affected service if available
- Consider using a password manager to generate unique passwords for each service
FAQ
Was my data in the Aman breach?
What should I do if my data was exposed in the Aman breach?
When did the Aman data breach happen?
Need Incident Response?
Sherlock Forensics investigates data breaches for organizations. We determine scope of exposure, identify attack vectors, preserve evidence for legal proceedings and help you meet notification requirements.
Get Incident Response Help