THREAT OPS › Threat News › [Breach] JCPenney — 368,418 accounts exposed
[Breach] JCPenney — 368,418 accounts exposed
Breached service: JCPenney Domain: jcpenny.com Accounts exposed: 368,418 Breach date: 2026-06-12 Added to HIBP: 2026-06-20T03:02:45Z Data classes leaked: Dates of birth, Email addresses, Government issued IDs, Job titles, Names, Phone numbers, Physical addresses, Usernames Description: In June 2026, retailer JCPenney and associated brands were targeted in a ShinyHunters "pay or leak" extortion cam
MITRE ATT&CK techniques
- Email AddressesT1589.002
Indicators of compromise
- jcpenny.comdomain
Original source: https://haveibeenpwned.com/PwnedWebsites#JCPenney