Jun 21, 2026 · 6 min read
ShinyHunters Dumps MSG's Facial Recognition Files
After Madison Square Garden missed a June 15 ransom deadline, ShinyHunters published 45GB of internal data — including biometric surveillance logs that rate celebrities as "high risk" or "low risk" with no documented criteria, VIP dossiers, and the personal data of what the group claims are 26 million people.
Madison Square Garden Entertainment has been secretly categorizing everyone who walks through its doors — celebrities, athletes, fans — inside a facial recognition system that assigns them internal risk scores. On June 16, 2026, those files became public. ShinyHunters exfiltrated 45 gigabytes of MSG data on June 5, set a ransom deadline of June 15, and published when MSG went silent. The dump includes biometric surveillance records, internal threat assessments, VIP dossiers with fields for "claim to fame" and "cost of talent," and customer complaints about the very facial recognition cameras that collected their data. A class action lawsuit was filed the same day.
Key Takeaways
- ShinyHunters published 45GB of MSG data on June 16, 2026, one day after MSG missed the group's ransom deadline.
- The dump contains facial recognition surveillance files and biometric tracking logs — not just customer PII — including internal risk ratings that classify celebrities as "low risk" or "high risk" with no documented criteria.
- Actor Ben Stiller is labeled "low risk" in the leaked files; rapper A Boogie wit da Hoodie is labeled "high risk" — neither has been told what behavior or attribute triggered the classification.
- ShinyHunters claims 26 million records; the verified sample includes VIP dossiers with "cost of talent" pricing and representative contact details.
- This is MSG's second major breach in 2026: a Cl0p attack via Oracle E-Business Suite between August and December 2025 already exposed 131,070 Social Security numbers.
What Did ShinyHunters Actually Steal?
The published dump goes well beyond the customer PII typical of retail breaches. According to The Next Web's analysis and 404 Media's reporting, the files contain:
- Facial recognition surveillance records and biometric tracking logs tied to individual identities
- Internal threat assessments classifying attendees by risk level
- Background check information on individuals flagged by MSG security
- VIP dossiers with structured fields for "claim to fame," "cost of talent," and direct representative contact details
- Customer emails in which fans expressed concern about being misidentified by MSG's facial recognition cameras — complaints MSG collected and stored alongside the biometric data itself
- Contact information for sports talent including former Knicks players and coaches
The celebrity risk ratings are particularly striking. Ben Stiller, a longtime Knicks fan, appears in the files as "low risk." A Boogie wit da Hoodie appears as "high risk." Neither classification comes with documented reasoning. MSG has not explained what inputs drive the ratings, what threshold separates the categories, or who reviews them.
Why Did MSG Have Facial Recognition Data in the First Place?
MSG has operated a facial recognition system at its venues since at least 2018. The program drew national attention in 2022 and 2023 when MSG used it to identify and physically remove attorneys whose law firms were involved in active litigation against the company — a practice that New York Attorney General Letitia James publicly criticized and that initially led a state court to rule the technology had been misused. An appeals court later reversed that ruling on narrower procedural grounds, leaving the surveillance program in place.
The leaked files suggest the system's scope is broader than previously understood. Risk ratings for celebrities and athletes — people who attend games but are not parties to any litigation — indicate MSG built a general purpose behavioral classification layer on top of its identification infrastructure. Fans who complained about being misidentified were not removed from the database. Their complaints were filed alongside their biometric records.
No one who attended a Knicks or Rangers game consented to being assigned a risk score. New York's Biometric Identifier Information Law (§ 25-a of the New York City Administrative Code) requires written consent before collecting biometric data. Whether MSG obtained that consent — or whether the consent disclosures were adequate — is now a central question in the class action filed June 16 in the Southern District of New York: Avalos v. MSG Entertainment Corp.
How Does the ShinyHunters Extortion Playbook Work?
ShinyHunters does not typically attack primary targets directly. The group identifies vendor systems and unpatched infrastructure that large organizations depend on, gains access through those weaker entry points, exfiltrates data, sets a deadline, and publishes when payment does not arrive. The MSG breach fits this pattern precisely: the intrusion was detected June 5, the group set June 15 as the deadline, and the dump appeared June 16.
The group's 2026 campaign has been unusually prolific. In March, ShinyHunters claimed 350 gigabytes from 42 European Commission internal clients. In April, an attack on Instructure Canvas produced 3.65 terabytes of data from 275 million users across 9,000 schools. The Oracle PeopleSoft zero-day CVE-2026-35273 gave the group access to more than 100 organizations in a matter of weeks. ShinyHunters also ran the 2024 Snowflake supply chain campaign that compromised Ticketmaster and AT&T.
The MSG breach is the third time in 2026 that ShinyHunters has published data after a target declined to pay — a meaningful shift. The group is demonstrating that non-payment reliably results in publication, which functions as advertising for the next campaign. Every organization that ignores a deadline makes the threat more credible for every organization that receives one next.
MSG's Second Breach in Six Months
The ShinyHunters dump is not MSG's first 2026 breach — it is the second. Between August and December 2025, Cl0p exploited CVE-2025-61882, a 9.8 severity zero-day in Oracle's E-Business Suite, to breach an MSG vendor managing HR and payroll data. MSG disclosed the incident in February 2026 and began notifying 131,070 employees and contractors that their Social Security numbers, addresses, and financial records had been stolen. That data has been publicly accessible since November 2025, when Cl0p published it after MSG declined to pay.
Two ransomware group wins against a single organization within six months is a vendor risk and incident response failure at scale. The Cl0p breach was a third party vendor problem — MSG did not control the Oracle EBS instance. But the ShinyHunters breach involved MSG's own internal systems. The combination raises a pointed question for security teams doing vendor due diligence on entertainment venues and large event operators: are you treating them as high risk data processors, or assuming their guest management systems are out of scope?
Biometric data, by definition, cannot be reset. A stolen password gets changed. A stolen facial recognition template is permanent. Anyone whose face is in MSG's system — athlete, celebrity, or fan who complained about a misidentification — has no remediation path for the biometric component of this breach.
Why Email Users Should Care
The VIP dossiers in this dump are particularly dangerous as phishing source material. Each record ties a name to a "claim to fame," a representative's direct contact details, and pricing information. A threat actor targeting talent agents, publicists, or sports representatives now has structured, verified data to craft spear phishing emails that reference accurate personal and financial details — the kind of specificity that defeats most fraud detection instincts.
The customer complaint emails in the dump are a second attack surface. Anyone who contacted MSG about a facial recognition misidentification included their own contact information, the venue they attended, and the date. That data is now public and can be used to send targeted follow up messages impersonating MSG, law firms handling the class action, or government regulators. The Council of Europe breach — also claimed by ShinyHunters — showed how quickly stolen contact data becomes the basis for follow on email attacks against the same victim pool.
If you attended a MSG venue and submitted any complaint or inquiry about facial recognition, or if you are a talent representative whose contact details appear in VIP booking records, treat unsolicited emails referencing MSG, the Knicks, or the class action as high risk regardless of how accurately they describe your situation. Accuracy is now a red flag, not a reassurance.
What Happens Next
The class action Avalos v. MSG Entertainment Corp., filed June 16 in the U.S. District Court for the Southern District of New York, seeks at least $5 million in initial damages. The plaintiff, Carlos Avalo, attended a concert at MSG in September 2025 — meaning his biometric data was collected, classified, and subsequently breached without his knowledge or documented consent. If the suit proceeds to class certification, the plaintiff pool could include anyone who attended a MSG venue since the facial recognition program began in 2018.
For security professionals tracking the ShinyHunters campaign: the group is actively exploiting unpatched vendor systems and demonstrating consistent follow through on publication deadlines. Any organization whose third party vendors have not fully remediated CVE-2026-35273 or CVE-2025-61882 should treat those gaps as active exposure, not theoretical risk. ShinyHunters has already proven, twice against the same target, that it will publish.