Advertisement Advertisement Skip to content
Home About the Author Advertising/Speaking Please Don’t Feed the Scattered Lapsus ShinyHunters February 2, 2026 26 Comments A prolific data ransom gang calling itself Scattered Lapsus ShinyHunters (SLSH) has a distinctive playbook when it seeks to extort payment from victim firms: Harassing, threatening, and even contacting law enforcement against executives and their families, all while notifying journalists and regulators about the extent of the intrusion. Some victims reportedly are paying — perhaps as much to contain the stolen data as to stop the escalating personal attacks. But a top SLSH expert warns that engaging at all beyond a “We’re not paying” response only encourages further harassment, noting that the group’s fractious and unreliable history means the only winning move is not to pay.
Please Don’t Feed the Scattered Lapsus ShinyHunters
Summary: The Scattered Lapsus ShinyHunters (SLSH) are a notorious data ransom gang known for their aggressive tactics and unreliable behavior. They harass, threaten, and even contact law enforcement against the executives of victim firms to force payment. Experts warn that engaging with SLSH only encourages further harassment.
Key facts
- SLSH uses aggressive tactics like harassment and contacting law enforcement to extort payments from victim firms.
- Experts warn that engaging with SLSH only encourages further harassment and is not in the best interest of victims.
- Victims are often notified by SLSH about data breaches through threats made on public Telegram channels.
Why it matters
The Scattered Lapsus ShinyHunters’ aggressive tactics can lead to significant disruption for victim firms, including personal attacks on executives and their families. Engaging with this gang only exacerbates these issues, making it crucial for organizations to maintain a firm stance of non-payment.
Key metrics
- Number of known SLSH members: Unknown (The exact number is not specified in the source article, but multiple experts have identified and tracked individual members.)
- Victims affected by recent attacks: Multiple companies (Several victim organizations have reported breaches stemming from SLSH's latest round of attacks as of January 30, 2026.)