// UNCLASSIFIED // CLEARED FOR PUBLIC RELEASE //
FILE BRC-hibpDTG 0600Z
Breach Record

Abrigo

DISCLOSED 2026-04-14 · STOLEN CREDS · 711,099 RECORDS EXPOSED

In April 2026, the fintech software company Abrigo was targeted in a "pay or leak" extortion attempt by the ShinyHunters group. Shortly after, data allegedly taken from the company's Salesforce instance was published publicly and contained over 700k unique email addresses belonging to both Abrigo staff and external contacts. Whilst separate from Abrigo's Salesforce...

The record

What we know

Disclosed
2026-04-14
Attack vector
Stolen Creds
Records exposed
711,099
Domain
abrigo.com
Data classes exposed
Email addressesEmployersJob titlesNamesPhone numbersPhysical addresses
Sources

Cited reporting

Similar vector · recent

Other stolen creds breaches on file

This page is the permanent ColdRecon entry for the Abrigo disclosure. It updates if new public reporting emerges. All tracked breaches →

Abrigo just lived through this. Your next prospect doesn't have to.

ColdRecon turns every disclosed breach into a daily intelligence brief from the seller's seat — normalized to the factors that move a deal, written in the Handler's voice. Request clearance and the first lands tomorrow at 0600.

Request Clearance →