The cybersecurity firm Resecurity has reported that it was not breached as claimed by the group known as Scattered Lapsus$ Hunters. Instead, Resecurity asserts that the hackers only accessed a honeypot designed to gather intelligence on potential threats. The incident, which was made public on January 3, 2026, involved the publication of screenshots purportedly showing stolen data, including employee information and internal communications.
According to the threat actors, they accessed comprehensive internal data, including threat intelligence reports and client details. They stated their actions were a response to Resecurity's alleged attempts to spy on their operations, claiming that Resecurity employees had posed as buyers to extract information during a database sale. However, a spokesperson for ShinyHunters clarified that their group was not involved in this particular incident, despite previously being linked to Scattered Lapsus$ Hunters.
This situation highlights ongoing tensions between cybersecurity firms and hacker groups, with Resecurity maintaining that the accessed data was intentionally misleading, aimed at monitoring hacker activities rather than containing real sensitive information.