What Happened
In March 2025, a hacker using the alias “Blinkers” allegedly breached Adda.io, a Bengaluru-based housing society management platform used by communities in India and countries like the US and Singapore, exposing personal data of approximately 1.8 to 1.86 million users. The stolen 145 MB dataset, posted to a hacking forum on November 23, 2025, included names, phone numbers, email addresses, owner IDs, and passwords hashed with the outdated MD5 algorithm, raising risks of phishing, credential stuffing, and identity theft. While one source attributes it to the RansomEXX group on March 10, the majority confirm the intrusion occurred around March 24, with data circulated in underground cybercrime communities shortly after India’s Digital Personal Data Protection Rules were notified. Adda.io has not publicly confirmed the breach or detailed remediation efforts.
