APOIA.se Data Breach Exposes 451K User Records in December 2025
In December 2025, Brazilian crowdfunding platform APOIA.se suffered a data breach, compromising the personal information of 451,000 users. The exposed data included unique email addresses, names, and physical addresses.
Analysis revealed that 79% of the affected email addresses were already present in LinkedIn’s database, suggesting potential overlap with other breaches. The incident highlights ongoing risks in digital platforms handling sensitive user data, particularly in regions with growing fintech and crowdfunding adoption.
The breach was documented by Have I Been Pwned, a service tracking compromised credentials, though further details on the attack vector or responsible parties remain undisclosed. The exposure of physical addresses alongside digital identifiers raises concerns about potential follow-on threats, including phishing and identity fraud.
Source: https://www.linkedin.com/feed/update/urn:li:activity:7429066918982180864
APOIA.se TPRM report: https://www.rankiteo.com/company/apoia-se
"id": "apo1771230299",
"linkid": "apoia-se",
"type": "Breach",
"date": "12/2025",
"severity": "85",
"impact": "4",
"explanation": "Attack with significant impact with customers data leaks"{'affected_entities': [{'customers_affected': '451000',
'industry': 'Fintech',
'location': 'Brazil',
'name': 'APOIA.se',
'type': 'Crowdfunding Platform'}],
'data_breach': {'number_of_records_exposed': '451000',
'personally_identifiable_information': 'Yes',
'sensitivity_of_data': 'High (personally identifiable '
'information)',
'type_of_data_compromised': ['Email addresses',
'Names',
'Physical addresses']},
'date_detected': '2025-12',
'description': 'In December 2025, Brazilian crowdfunding platform *APOIA.se* '
'suffered a data breach, compromising the personal information '
'of 451,000 users. The exposed data included unique email '
'addresses, names, and physical addresses. Analysis revealed '
'that 79% of the affected email addresses were already present '
'in LinkedIn’s database, suggesting potential overlap with '
'other breaches. The incident highlights ongoing risks in '
'digital platforms handling sensitive user data, particularly '
'in regions with growing fintech and crowdfunding adoption.',
'impact': {'brand_reputation_impact': 'Potential reputational damage due to '
'exposure of sensitive user data',
'data_compromised': 'Personal information (email addresses, names, '
'physical addresses)',
'identity_theft_risk': 'High (due to exposure of physical '
'addresses and digital identifiers)'},
'lessons_learned': 'Highlights ongoing risks in digital platforms handling '
'sensitive user data, particularly in regions with growing '
'fintech and crowdfunding adoption. Emphasizes the need '
'for robust data protection measures to prevent identity '
'fraud and phishing threats.',
'references': [{'source': 'Have I Been Pwned'}],
'title': 'APOIA.se Data Breach Exposes 451K User Records',
'type': 'Data Breach'}