Addi
addi.com
About This Breach
Addi, a Colombian fintech company, identified unauthorized activity in March 2026 with the ShinyHunters group, later publishing a large dataset allegedly obtained from the company, exposing 25M unique email addresses along with government ID numbers, purchases, and other credit-related information.
Data Exposed
Breach Details
| Breach Type | Data Breach |
| Searchable | Yes |
| Verified | Yes |
| Sensitive Data | No |
| Reference | No reference available |
Frequently Asked Questions
When did the Addi data breach happen?
Addi was breached in Mar 2026. The breach was added to the XposedOrNot index on May 31, 2026.
How many records were exposed in the Addi breach?
25,934,104 records were exposed, making it the #67 largest of the 763 breaches in our index.
What data was exposed in the Addi breach?
The exposed data includes: Email addresses, Names, Government issued IDs, IP addresses, Phone numbers, Physical addresses, Purchases.
What should I do if I was affected by the Addi breach?
Change your password on the affected service (and anywhere you reused it), turn on two-factor authentication, and set up free breach alerts on XposedOrNot so you know the moment your email appears in a new breach.
More Finance Breaches
What Should You Do?
Enable Two-Factor Authentication
Add 2FA on all supported accounts using an authenticator app like Google Authenticator or Authy.
Place a Fraud Alert
Contact credit bureaus to place a fraud alert or credit freeze to prevent identity theft.
Watch for Phishing Calls & SMS
Be cautious of unexpected calls or texts asking for personal information.
Beware of Scam Mail
Be skeptical of unexpected correspondence requesting personal details.
Review Device Security
Update your devices and browsers, and check for unauthorized logins.
Monitor Your Accounts
Set up login alerts and review account activity regularly for suspicious access.