FedEx suffered a data breach affecting approximately 166.3 million records after threat actors identified as "Scattered LAPSUS$ Hunters" exfiltrated customer data from a Salesforce environment used by the company. The breach was part of a broader campaign targeting multiple corporate Salesforce instances in 2025, with attackers believed to have used compromised third-party OAuth tokens (authorization credentials that allow external applications to access a service) rather than exploiting Salesforce's core platform directly. The group released a sample of the stolen data on October 3, 2025, and claimed the full dataset would follow one week later. Exposed records contain names, email addresses, phone numbers, and home and business mailing addresses, alongside internal account identifiers, shipment tracking numbers, and partial live chat transcripts. The combination of contact details and shipment data is particularly dangerous because it allows criminals to craft scam messages that appear legitimate, referencing real package activity tied to a specific person's address. This makes phishing attempts, delivery impersonation scams, and household-targeted fraud substantially harder for recipients to detect. No confirmed regulatory action or class-action litigation had been publicly disclosed as of the breach date, though the scale and sensitivity of the exposure would likely draw scrutiny under applicable consumer data protection laws. Affected individuals should treat any unexpected delivery notifications or messages referencing their shipment history with heightened suspicion, verify requests through FedEx's official channels directly, and monitor for unsolicited contact using their home address or phone number.

Logistics networks collect customer and recipient identity, phone numbers, addresses, shipment histories, delivery instructions, payment-adjacent data, and business shipping records.

FedEx’s recent public posture has centered on network transformation, digital modernization, and margin expansion. At its February 12, 2026 Investor Day, the company said it was prioritizing smarter supply chains, premium growth in higher-margin verticals, scaling digital and AI capabilities, and further transforming its network through 2029.