For artists and makers: your data is now public, and the people watching your work are not who you think they are
Personal details regarding Madison Square Garden patrons have been leaked online by cybercriminals, leaving the information accessible to anyone willing to download it. The dump reportedly contains sensitive customer data, including specific fields such as “address,” “claim to fame,” “cost of talent,” and contact details for individuals or their representatives.
The leak highlights a stark reality for creators and public figures: when you do not pay a ransom, your information is posted publicly. A message on the attackers’ site states, “It’s very simple. When you pay us, your data is deleted, and you move on with your life. When you don’t pay us, you get posted here, among other things.”
The group behind the release is Shiny Hunters, a collective known for orchestrating numerous breaches over recent years. This data dump surfaced just days after the New York Knicks secured an NBA Finals victory against the San Antonio Spurs in five games. Although the intrusion likely occurred prior to this triumph—a spokesperson noted the hack took place on June 5—the team’s championship win has inadvertently amplified scrutiny on both the franchise and the venue.
What the data reveals about surveillance and risk
Shiny Hunters released the full dataset on Tuesday, comprising nearly 45GB of information. The group provided 404 Media with a smaller sample for review. One file appears to contain correspondence between customers and MSG, alongside the venue’s replies. Notably, one email features a man complaining about potentially being flagged by MSG’s facial recognition systems. The venue owner, Jim Dolan, has a long history of deploying extensive surveillance technologies within his arenas, a practice WIRED has previously documented.
Another file, titled “Talent,” lists high-profile figures associated with the sports world. This includes family members of MSG executives, former New York Knicks players and head coaches, and various celebrities.
Ben Stiller, a devoted Knicks fan who attended the recent Finals games, is included in the list. The file provides an email address for Red Hour Films, the production company he runs. Stiller is categorised as “Low Risk” within the document, though the criteria for this classification remain unclear. Conversely, only one individual is marked as “High Risk”: rapper A Boogie wit da Hoodie.
MSG has not yet commented on the incident. The Shiny Hunters website indicates that the venue failed to pay the demanded ransom. This event follows a separate confirmation in March that MSG suffered a breach targeting users of Oracle’s E-Business Suite. That campaign was attributed to the Cl0p ransomware group, who named MSG as a specific victim in November 2025, according to SecurityWeek.
Key takeaways
- The Shiny Hunters group has released a massive 45GB dataset containing personal details on Madison Square Garden patrons, including celebrities and sports figures.
- High-profile individuals such as Ben Stiller and A Boogie wit da Hoodie are listed in the leak, with the latter flagged as “High Risk” and the former as “Low Risk.”
- The breach coincides with heightened public interest in the Knicks following their recent NBA Finals victory, though the intrusion reportedly occurred in June.
- MSG has not paid the ransom demanded by the attackers, resulting in the public exposure of customer data and internal communications.
Stay ahead of AI. Get the most important stories delivered to your inbox — no spam, no noise.
