Hallmark Breach: 1.7M Emails & Addresses Exposed (2026)

Overview

In March 2026, Hallmark suffered a significant data breach after attackers compromised data stored within its Salesforce system. The company was allegedly extorted, and when the deadline passed, the attackers published the stolen data. The breach impacted approximately 1.7 million unique email addresses associated with both Hallmark and its Hallmark+ streaming service.

What Was Exposed

The published dataset contains extensive personal information. For each affected account, the following details were exposed:

• Email Addresses: The primary contact identifier.
• Full Names: Personal identification data.
• Phone Numbers: Direct contact information.
• Physical Addresses: Home or mailing addresses.
• Support Tickets: Details of past customer service interactions.

Potential Impact

The exposure of this combination of data significantly elevates the risk for affected individuals. With names, addresses, and phone numbers, criminals can execute highly targeted phishing attacks, impersonate Hallmark or other trusted entities, and attempt account takeovers on other services. The physical address data also raises concerns about potential stalking, harassment, or targeted physical scams. This breach provides scammers with a rich toolkit for social engineering, making any communication claiming to be from Hallmark particularly suspicious.

Recommendations

If you have ever had an account with Hallmark or Hallmark+, take these steps immediately:

1. Change Your Hallmark Password: Use a strong, unique password that you do not use anywhere else.
2. Enable 2FA: If Hallmark offers two-factor authentication (2FA), enable it on your account.
3. Beware of Targeted Phishing: Be extremely cautious of emails, texts, or calls referencing your name, address, or past support issues. Do not click on links or provide further information. Verify communications directly through Hallmark’s official website.
4. Monitor Financial Statements: While payment data was not listed in this leak, remain vigilant for any unauthorized transactions.
5. Consider a Credit Freeze: Given the exposure of sufficient personal data for identity theft, placing a freeze on your credit reports is a prudent defensive step.

How to Check If You’re Affected

The breach has been reported to the free service Have I Been Pwned. You can visit https://haveibeenpwned.com/Breach/Hallmark and enter your email address to check if it was included in this data leak. It is recommended to check all email addresses you may have used with Hallmark services.

Security Insight

This breach highlights the critical risk of third-party platform security, as the attack vector was Hallmark’s instance of Salesforce, not necessarily its core systems. It mirrors incidents in other retail and media sectors where customer relationship management (CRM) databases become high-value targets. The publication of support ticket data is a particularly invasive detail, suggesting the compromised system contained deeply integrated customer records, a common finding in recent cybersecurity news on supply chain attacks.

Further Reading

• All High Breaches
• Recent Data Breaches