ShinyHunters published 45GB of Madison Square Garden data, including facial recognition surveillance records

TL;DRShinyHunters leaked 45GB of MSG data after a missed ransom deadline, exposing facial recognition records and triggering a federal class action.

The cybercrime group ShinyHunters has published 45 gigabytes of data stolen from Madison Square Garden Entertainment after the company missed a June 15 ransom deadline. The dump includes facial recognition surveillance records, internal threat assessments, and personal information from what the hackers claim are 26 million customer and corporate records. A federal class action lawsuit was filed the following day.

The breach occurred on June 5, according to a ShinyHunters spokesperson who spoke to 404 Media. The data was published on June 16, days after the New York Knicks won the NBA Finals in five games against the Spurs, putting intense public attention on the arena and its owner, James Dolan.

What makes this breach unusual is the nature of the surveillance data it exposed. MSG has deployed facial recognition technology across its venues for years, using the system to screen visitors and, controversially, to ban lawyers from firms that have sued the company. The leaked files include biometric tracking logs, background check information, internal threat assessments, and what the class action complaint describes as detailed dossiers on attendees.