01642 06 11 11 Arrange Call

Kemper Breach

Breached: Email addresses, Names, Partial credit card data, Phone numbers, Physical addresses, Purchases.

Kemper Breach Details

Domain: kemper.com
Breach Date: 15 April 2026

In April 2026, the American insurance holding company Kemper Corporation was named by the ShinyHunters ransomware group in a "pay or leak" extortion campaign. The attackers allegedly accessed Kemper's Salesforce environment via social engineering as part of a broader campaign targeting hundreds of organisations using the same method. The group later published tens of gigabytes of data they claimed included internal directory data, Salesforce records and Stripe payment logs. Among the 269k unique email addresses were names, phone numbers, physical addresses and partial payment card data including the last 4 digits, expiry dates and card brands. Kemper confirmed the incident and stated they had engaged third-party cybersecurity experts and notified law enforcement.

Breached Data:
• Email addresses
• Names
• Partial credit card data
• Phone numbers
• Physical addresses
• Purchases

Check Email Address

Similar Breaches