Edmunds

Edmunds, the automotive research and car-shopping platform, had data on approximately 178,000 accounts exposed after the ShinyHunters hacking group claimed a breach in January 2026.

Reported

Jun 1, 2026

Breach date

Jan 24, 2026

People affected

178K

Severity

high

What was exposed

Email addressesUsernamesPasswordsIP addressesPhone numbersDevice information

What happened

According to Have I Been Pwned, the ShinyHunters hacking group listed Edmunds as a breach victim in January 2026. The stolen data was later published publicly. Cybernews reported on the incident, which involved the automotive research and car-shopping platform.

What was exposed

According to HIBP, the exposed data included email addresses, usernames, passwords, IP addresses, phone numbers, device information, and vehicle-related records.

Who is affected

Approximately 178,000 unique accounts are reported to have been affected, according to HIBP. These are likely users who registered on the Edmunds platform.

What to do now

If you have an Edmunds account, change your password immediately. Because passwords were included in the breach, also update any other accounts where you reused the same password. Enable two-factor authentication where available. Be alert to phishing attempts using your email address or phone number.

Case monitoring

Get notified about the Edmunds case.

No attorney or law firm using Breached is currently investigating this case. You can submit your information as an interest expression to be notified if that changes. We never sell your details.

No attorney currently investigating

No attorney or law firm using Breached is currently investigating the Edmunds breach through Breached. You can submit information as an interest expression to be notified if that changes. Your details will not be routed to a law firm unless you give fresh consent after a case team is identified.