April 2026 continued the concerning trend of sophisticated cyberattacks targeting major US organizations. Threat actors — particularly ShinyHunters — relied heavily on social engineering (vishing), third-party vendor compromises, and misconfigurations rather than purely technical zero-days.
While many incidents did not directly compromise core operational systems, the exposure of customer and employee data remains a serious risk for organizations that handle sensitive information — including law firms.
Notable April 2026 Incidents
ADT (Home Security)
ShinyHunters gained access via vishing on an employee’s Okta SSO credentials, leading to Salesforce data exposure. Reports indicated millions of records potentially affected (names, addresses, limited personal details). No payment data or security system controls were compromised, but the incident triggered class-action lawsuits.
Medtronic (Medical Devices)
Attackers claimed access to up to 9 million records from corporate IT systems. Importantly, patient care systems and medical devices were not affected.
McGraw-Hill (Education & Publishing)
Approximately 13.5 million accounts were exposed due to a Salesforce misconfiguration — highlighting ongoing risks from overly permissive SaaS environments.
Adobe
A breach occurred through a third-party BPO contractor via phishing and privilege escalation. Alleged exposure included support tickets, employee data, and bug bounty submissions.
Banking Sector
Citizens Financial Group and Frost Bank were both impacted by the same third-party vendor compromise on the same day, with ransomware elements reported.
Other Notable Mentions
- Booking.com (major US market): Unauthorized access to customer booking data later used in phishing campaigns.
- Supply-chain and OAuth-related incidents continued to affect US tech platforms (e.g., Vercel via a compromised AI tool).
Broader 2026 Context
April was not an isolated spike. Throughout 2026, US organizations faced consistent pressure from:
- ShinyHunters campaigns leveraging vishing and SaaS misconfigurations.
- Third-party and supply-chain attacks (BPO vendors, software libraries, OAuth integrations).
- Ransomware groups continuing to target mid-market and enterprise US companies.
- Rising exploitation of identity-layer weaknesses rather than purely technical vulnerabilities.
Why This Matters for Texas Law Firms
Law firms routinely handle highly sensitive client data, including financial records, personal identifying information, medical data, and privileged communications. Many of the April incidents involved:
- Social engineering bypassing MFA
- Third-party vendor risk
- SaaS misconfigurations (especially Salesforce and similar platforms)
- Exposure of customer/employee data that could be weaponized for further attacks
These are exactly the types of risks that can trigger professional responsibility concerns, regulatory scrutiny, and loss of client trust under Texas rules.
Key Lessons from April 2026
- Vishing remains highly effective — Attackers are successfully targeting help desks and SSO portals.
- Third-party risk is critical — Many breaches originated from vendors or contractors.
- SaaS hygiene matters — Overly permissive configurations in tools like Salesforce continue to be exploited.
- Identity is the new perimeter — Strong MFA + monitoring of privileged access is non-negotiable.
How EmailMeNow Can Help
We help Texas law firms reduce exposure to these exact threats through:
- Social engineering & vishing awareness training tailored for legal professionals
- Third-party vendor risk assessments
- SaaS security reviews (Salesforce, Okta, Microsoft 365, etc.)
- Incident response planning and tabletop exercises
- Ongoing support for SB 2610 cybersecurity program documentation
Stay ahead of the threat.
Run a free Instant Cybersecurity Audit at audit.emailmenow.com to evaluate your firm’s current risk posture.
Contact EmailMeNow IT Consulting for a customized security consultation.
Sources: Public reporting on 2026 cyber incidents (as of mid-May 2026), including incidents involving ADT, Medtronic, McGraw-Hill, Adobe, and major financial institutions.