ShellCodeX
Tools โ€ข Events โ€ข News โ€ข Insights
ShellCodeX Breach Report

CTT Data Breach

ctt.pt
Limited exposure
Verified breach
Accounts exposed 468,124
Breach date 26 Apr 2026
Added to tracker 19 May 2026
Data classes 3

What happened

In April 2026, data allegedly obtained from CTT, Portugal's national postal service, was posted to a public hacking forum. The data included 468k unique email addresses along with names, phone numbers and parcel tracking numbers which can be used to retrieve the tracking history of the parcel.

Exposed data

Email addresses Names Phone numbers

Recommended actions

  • Watch for targeted phishing emails referencing CTT โ€” attackers weaponise breach data quickly.
  • Stay alert for smishing (SMS phishing) and SIM-swap attempts using your phone number.
  • Check whether your email address appears in this breach on haveibeenpwned.com.
Am I affected? Check whether your email address appears in this breach.
Check on HIBP