Hallmark Suffers Alleged Breach, 1.7M Accounts Exposed
Hallmark, the greeting card and media giant, reportedly fell victim to an alleged data breach in March 2026, leading to an extortion attempt. According to Have I Been Pwned, attackers gained access to data stored within Salesforce, a widely used CRM platform. When the extortion deadline passed without payment, the compromised data was subsequently published.
The breach exposed a significant trove of personal information from approximately 1.7 million unique accounts. This includes email addresses associated with both Hallmark and its streaming service, Hallmark+. Beyond emails, names, phone numbers, physical addresses, and even support tickets were compromised. This incident underscores the persistent threat of data exfiltration and the subsequent pressure tactics, like extortion, that often follow.
What This Means For You
- If you have a Hallmark or Hallmark+ account, your personal data, including email, name, phone, and address, may be exposed. You should immediately change your password for Hallmark and any other services where you might have reused that password. Stay vigilant for phishing attempts or other social engineering tactics that leverage this exposed information.
๐ก๏ธ Detection Rules
2 rules ยท 5 SIEM formats2 auto-generated detection rules for this incident, mapped to MITRE ATT&CK. Available in Sigma, Splunk SPL, Sentinel KQL, Elastic Lucene, and QRadar AQL.
Monitor Authentication from Breached Vendor โ Hallmark
Get this rule in your SIEM's native format โ copy, paste, detect. No manual conversion.
2 Sigma rules mapped to the ATT&CK techniques from this breach โ pick your SIEM and get a ready-to-paste query.
Get Detection Rules โRelated Posts
My Lovely AI Breach Exposes User Prompts and NSFW Content
Have I Been Pwned is reporting a significant data breach affecting the NSFW AI girlfriend platform, My Lovely AI. The incident, which occurred in April...
Crunchyroll Breach Exposes Millions of User Support Data
The popular anime streaming service Crunchyroll has been implicated in a significant data breach, with reports indicating that approximately 1.2 million accounts were compromised. While...
๐ New breach: SongTrivia2 - 291,739 breached accounts
๐ New breach: SongTrivia2 - 291,739 breached accounts In April 2026, the music trivia platform SongTrivia2 suffered a data breach that was subsequently published to...