Ransomware victim disclosure
← All victimsGAP, INC.
Claimed by Shinyhunters · listed 9 months ago
Status timeline
- ListedOct 3, 2025
- Data leakeddate unknown
At a glance
- Group
- Shinyhunters
- Status
- Data leaked
- Country
- United States
- Sector
- Consumer Services
- Listed on leak site
- Oct 3, 2025
About the victim
AI dossier — public-source company profileGap, Inc. is an American multinational clothing and accessories retailer headquartered in San Francisco, California, founded in 1969 by Donald Fisher and Doris F. Fisher. The company operates several major retail brands including Gap, Banana Republic, Old Navy, and Athleta, among others. It is one of the largest apparel retailers in the world with thousands of stores globally.
- Industry
- Apparel & Accessories Retail
- Address
- 2 Folsom Street, San Francisco, California 94105, United States
- Employees
- 95000
- Founded
- 1969
Attack summary
Severity: medium — Data is marked as published by a known exfiltration-focused group (ShinyHunters), which typically steals and releases sensitive data; however, the leak post contains no specifics on data type, volume, or proof, preventing a higher severity classification. ShinyHunters has a credible history of large-scale breaches, but the lack of any disclosed data inventory or proof keeps this from reaching high or critical.ShinyHunters claims to have compromised Gap, Inc. with a disclosed status of data_published, indicating data has been exfiltrated and released; however, the leak post provides no specific details on the type or volume of data stolen, methods used, or proof files advertised.
Original description
AI-summarised, not from the leak postGAP, INC. is an American multinational clothing and accessories retailer. The company was founded in San Francisco, California by Donald Fisher and Doris F. Fisher in 1969. The company operates several well-known brands apart from Gap itself, including Banana Republic, Old Navy, Intermix, Hill City and Athleta. Known for its casual style, Gap is one of the largest apparel retailers in the world.
Sources
- Leak posthttps://breachforums.hn//gap.html
Source
Indexed 9 months agoThis page surfaces a public ransomware disclosure indexed by Darkfield. Original posts come from the operator's own leak site; we cross-check against ransomware.live, RansomLook and RansomWatch where applicable. Share this URL freely.
Is this your supplier? Your competitor? You?
Pro plans monitor your domain, corporate emails, and crypto wallets across every new ransomware leak-site post, breach dump and Telegram callout — alerts within 5 minutes.

