Data Breach

Abrigo Data Breach April 2026 - What Was Exposed and What To Do

711,099 records exposed

The Abrigo data breach exposed 711,099 records including Email addresses, Employers, Job titles, Names, Phone numbers, Physical addresses. This breach has been verified by HaveIBeenPwned. Affected users should check HaveIBeenPwned.com and take immediate steps to protect their accounts.

What Happened

In April 2026, the fintech software company Abrigo was targeted in a "pay or leak" extortion attempt by the ShinyHunters group. Shortly after, data allegedly taken from the company's Salesforce instance was published publicly and contained over 700k unique email addresses belonging to both Abrigo staff and external contacts. Whilst separate from Abrigo's Salesforce compromise via the Drift application connector the previous year, the data fields described in that incident are consistent with the ShinyHunters data, namely that it was "business contact information" including "institution name, employee name, email addresses, and phone numbers".

Breach date
2026-04-14
Records affected
711,099
Verified
Yes
Domain
abrigo.com

What Was Exposed

The following data types were included in the breach:

  • Email addresses
  • Employers
  • Job titles
  • Names
  • Phone numbers
  • Physical addresses

What You Should Do

If you had an account with Abrigo, take these steps immediately:

  1. Check if your account was affected at HaveIBeenPwned.com
  2. Watch for phishing emails that reference the breach or impersonate the affected company
  3. Be alert for social engineering attempts using your exposed personal information
  4. Enable two-factor authentication on the affected service if available
  5. Consider using a password manager to generate unique passwords for each service

FAQ

Was my data in the Abrigo breach?
Check HaveIBeenPwned.com to see if your email address was included in the Abrigo breach. The breach exposed 711,099 records containing Email addresses, Employers, Job titles, Names, Phone numbers, Physical addresses.
What should I do if my data was exposed in the Abrigo breach?
Change your password on the affected service immediately. Enable two-factor authentication. If financial data or government IDs were exposed, place a fraud alert with credit bureaus and monitor your accounts for unauthorized activity.
When did the Abrigo data breach happen?
The Abrigo breach occurred on 2026-04-14. It was added to the HaveIBeenPwned database on 2026-05-14. The breach affected 711,099 accounts.

Need Incident Response?

Sherlock Forensics investigates data breaches for organizations. We determine scope of exposure, identify attack vectors, preserve evidence for legal proceedings and help you meet notification requirements.

Get Incident Response Help