ShellCodeX
Tools โ€ข Events โ€ข News โ€ข Insights
ShellCodeX Breach Report

Baker Distributing Data Breach

bakerdist.com
Limited exposure
Verified breach
Accounts exposed 102,935
Breach date 23 May 2026
Added to tracker 07 Jun 2026
Data classes 5

What happened

In May 2026, the HVAC/R wholesale distributor Baker Distributing Company was added to the ShinyHunters data extortion group's "pay or leak" site. In early June, the group publicly published data they claimed had been obtained from Baker's SharePoint and Salesforce infrastructure including 103k unique email addresses along with names, physical addresses, phone numbers and tickets relating to the company's HVAC contractor customer base. The exposed data was largely corporate contact and support information with limited sensitivity.

Exposed data

Email addresses Names Phone numbers Physical addresses Support tickets

Recommended actions

  • Watch for targeted phishing emails referencing Baker Distributing โ€” attackers weaponise breach data quickly.
  • Stay alert for smishing (SMS phishing) and SIM-swap attempts using your phone number.
  • Exposed identity data raises identity-theft risk โ€” consider credit monitoring or a credit freeze.
  • Check whether your email address appears in this breach on haveibeenpwned.com.
Am I affected? Check whether your email address appears in this breach.
Check on HIBP