Fluke Corporation Data Breach

Alleged

Ransomware claim involving Fluke Corporation.

Published: Jul 1, 2026 ShinyHunters
Threat Level
High
Confidence: High

Quick Summary

Alleged
Company
Fluke Corporation
Industry
Business Services
Threat Actor
ShinyHunters
Date of Incident
Jul 1, 2026

Executive Summary

Fluke Corporation, a manufacturing company based in the United States, was listed on the ShinyHunters extortion group’s dark web portal on July 1, 2026, according to SOCRadar’s Dark Web Monitoring service. While Fluke operates in the manufacturing sector, which is less common for ShinyHunters, it aligns with the group’s primary geographic focus on the United States. ShinyHunters has been active in targeting the education, healthcare, and business services sectors, with victims also concentrated in the United Kingdom and Netherlands.

Technical Analysis

SOCRadar’s analysis identified an exposure related to the fluke.com domain in their stealer-log telemetry. This exposure contained corporate credentials for identity and SaaS identity-provider endpoints, as well as a third-party service, alongside a significant number of external or consumer accounts on target subdomains. However, it is noted that ShinyHunters’ operations have historically focused on SaaS-tenant credential abuse and social engineering, rather than initial access via stealers. The identified exposure may be coincidental and might not have directly contributed to the listing.