Alert 360 Leak Exposes 146K Customer Security Records

leaksear.ch has indexed 146,153 records from an Alert 360 dataset leaked in April 2026 by ShinyHunters, including Alarm.com dealer customer records and Salesforce exports tied to the U.S. home and business security provider (leaksear.ch metadata). Alert 360 says unauthorized access occurred on April 4, 2026, while public reporting says ShinyHunters claimed more than 2.5 million records were compromised, a broader actor claim than the 146,153 records indexed here (www.alert360.com, cybernews.com, www.dexpose.io).

What happened

Alert 360 published a May 4, 2026 company statement saying an unauthorized actor accessed limited data in company systems on April 4, 2026, and that customer security systems remained fully operational. The company said the incident did not compromise Social Security numbers, bank account information, credit or debit card data, security-system access credentials, or alarm codes (www.alert360.com).

Cybernews reported on April 17, 2026 that ShinyHunters listed Oklahoma-based Alert 360 on its victim blog and provided a download link to a purported 10GB compressed archive after ransom communications broke down. DeXpose separately recorded an April 19, 2026 report in which ShinyHunters claimed more than 2.5 million records and 10GB+ compressed data, while Breachsense listed Alert 360 as a ShinyHunters breach discovered on April 17, 2026 (cybernews.com, www.dexpose.io, www.breachsense.com).

The exact initial access vector for Alert 360 has not been publicly confirmed. The leaksear.ch indexing metadata identifies the corpus as Alarm.com dealer customer records and Salesforce exports, and broader public reporting has documented ShinyHunters-branded extortion tied to Salesforce data theft, vishing, malicious connected apps, and misconfigured Salesforce Experience Cloud access, but those reports should be treated as threat context rather than proof of Alert 360's root cause (leaksear.ch metadata, cloud.google.com, www.fbi.gov, www.finra.org, www.bleepingcomputer.com).

What data was exposed

According to leaksear.ch metadata, indexed records are searchable by name, email, phone, address, and country. Other stored fields include customer company name, customer ID, CS account number and prefix, customer source, installer, sales rep, sub-dealer identifiers, monitoring station name, panel type, firmware version, modem serial number, service package, network and network generation, mobile contact indicators, arming reminders, rules and schedules, system descriptions, and UL/ETL settings (leaksear.ch metadata).

Alert 360's public statement confirms that the unauthorized actor accessed certain names, email addresses, mailing addresses, and telephone numbers, while stating that SSNs, bank account information, payment card data, security-system access credentials, and alarm codes were not compromised (www.alert360.com).

Why this matters

The practical risk is targeted phishing and vishing, especially because the data links contact details to a home and business security provider. Attackers could reference a security account, installer, dealer, service package, or monitoring context to make impersonation attempts more convincing (leaksear.ch metadata).

Because Alert 360 says alarm codes and system credentials were not compromised, the main public risk is not direct alarm-system takeover based on the company's statement. The more likely abuse path is social engineering, account verification fraud, fake service calls, and unwanted outreach using names, phone numbers, emails, and addresses (www.alert360.com).

Check your exposure

Vetted researchers and incident-response teams can request access or sign in if they already have access to check this dataset. Searchable pivots for this leak include address, country, date of birth, email, name, phone, and username.

Alert 360 Leak Exposes 146K Customer Security Records

What happened

What data was exposed

Why this matters

Check your exposure

Sources