Zara Data Breach Impacts Nearly 200,000 Customers

ShinyHunters leveraged stolen Anodot authentication tokens in April 2026 to access downstream BigQuery and Snowflake instances, exfiltrating a reported 140GB of data and impacting organizations including Zara/Inditex and Instructure; the group publicized leaks (support tickets, emails, student IDs) and used portal defacements and ransom threats to pressure victims.