ShinyHunters is a financially motivated criminal extortion group that emerged on dark web forums in May 2020, offering millions of stolen user records from more than a dozen companies in a single two-week burst. Believed to have formed as early as 2019, the group operates under a pay-or-leak model: breach an organization, issue a private ransom demand, and publish or auction the stolen data if payment is refused. That model, refined over six years, has made ShinyHunters one of the most prolific data theft operations on record, with attributed breaches spanning retail, finance, aviation, education, defense contracting, telecommunications, and sovereign government infrastructure.

A working reference for the language of modern cybersecurity — organized by threat surface and defensive domain. Definitions are written for security professionals, technical managers, and informed practitioners who need precision without padding. Threat Actors and Motivation Advanced Persistent Threat (APT) A sophisticated, long-duration cyberattack campaign — typically state-sponsored — characterized by stealth, patience, and a specific high-value target. APT actors infiltrate networks and maintain persistent access for months or years before executing their objective.