Addi
- Place a fraud alert or credit freeze with the major credit bureaus to block new accounts opened in your name.
- Expect more phishing and spam at this address. Treat messages that reference this company with extra caution.
- Watch for text-message phishing and SIM-swap attempts on your phone number.
- Be wary of targeted scams that use your personal details to sound convincing.
What is the Addi data breach?
In March 2026, the Colombian fintech company Addi identified unauthorised activity on its platform and advised customers that "it is possible that your personal information may have been compromised". The "pay or leak" extortion group ShinyHunters...
When did the data breach happen?
This data breach occurred around March 2026.
How many accounts were affected?
Around 34,532,941 accounts were affected.
What information was exposed?
Exposed data included Age groups, Credit scores, Device information, Email addresses, Government issued IDs, Income levels, IP addresses and Latitude and longitude pairs.
What should I do if I was affected?
Place a fraud alert or credit freeze with the major credit bureaus to block new accounts opened in your name. Expect more phishing and spam at this address. Treat messages that reference this company with extra caution. Watch for text-message phishing and SIM-swap attempts on your phone number. Be wary of targeted scams that use your personal details to sound convincing.