Data attributed to Hallmark has been published on a leak site and separately listed for sale on a cybercrime forum, according to findings from security researchers.
The exposure follows earlier claims linked to the group ShinyHunters, which had previously threatened to release a large dataset associated with the company. Earlier reporting indicated that the group claimed to hold nearly 8 million records and issued a deadline for response before publishing the data.
Researchers stated that the dataset published on the leak site and the data offered for sale on the forum appear to originate from the same source. Analysis of samples from both locations showed matching content, suggesting a single breach rather than multiple unrelated incidents.
The data samples reviewed include both customer and internal company information. According to the analysis, limited records shared on the forum contain metadata, account-related flags, home addresses, and, in some cases, phone numbers. Additional entries appear to come from customer feedback forms and include ratings, comments, and associated metadata.
The larger dataset published on the leak site is described as more extensive. Researchers reported that it includes customer email addresses, corporate email accounts, employee names, and information about internal departments. The dataset also contains business-related details such as operating hours and customer support ticket records.
The listing on the hacking forum advertises what appears to be the same dataset, with samples provided to potential buyers. Researchers stated that these samples align with the information found in the leaked dataset, reinforcing the assessment that both exposures are linked.
No public confirmation of the breach has been issued by Hallmark. The combination of customer and internal organisational data increases the range of possible misuse scenarios, according to the analysis. Researchers stated that datasets containing both types of information can be used in fraud and credential-related campaigns when combined with other previously exposed data.