ShellCodeX
Tools โ€ข Events โ€ข News โ€ข Insights
ShellCodeX Breach Report

Sysco Data Breach

sysco.com
Significant exposure
Verified breach
Accounts exposed 2,691,852
Breach date 15 Jun 2026
Added to tracker 28 Jun 2026
Data classes 8

What happened

In June 2026, the food distribution company Sysco was targeted by a ShinyHunters "pay or leak" extortion campaign. Data was subsequently published containing 2.7M unique email addresses belonging to staff and customers. The data also contained largely corporate contact information including names, phone numbers, physical addresses, internal job titles, and customer feedback.

Exposed data

Customer feedback Email addresses Employers Job titles Names Phone numbers Physical addresses Usernames

Recommended actions

  • Watch for targeted phishing emails referencing Sysco โ€” attackers weaponise breach data quickly.
  • Stay alert for smishing (SMS phishing) and SIM-swap attempts using your phone number.
  • Exposed identity data raises identity-theft risk โ€” consider credit monitoring or a credit freeze.
  • Check whether your email address appears in this breach on haveibeenpwned.com.
Am I affected? Check whether your email address appears in this breach.
Check on HIBP