Tag: Have I Been Pwned latest breaches

Read the original article: MangaDex – 2,987,329 breached accounts In March 2021, the manga fan site MangaDex suffered a data breach that resulted in the exposure of almost 3 million subscribers. The data included email and IP addresses, usernames and…

Read more →

Read the original article: ShopBack – 20,529,819 breached accounts In September 2020, the cashback reward program ShopBack suffered a data breach. The incident exposed over 20 million unique email addresses along with names, phone numbers, country of residence and passwords…

Read more →

Read the original article: ClearVoice Surveys – 15,074,786 breached accounts In April 2021, the market research surveys company ClearVoice Surveys had a publicly facing database backup from 2015 taken and redistributed on a popular hacking forum. The data included 15M…

Read more →

Read the original article: Phone House España – 5,223,350 breached accounts In April 2021, the Spanish retailer Phone House allegedly suffered a ransomware attack that also exposed significant volumes of customer data. Attributed to the Babuk ransomware, a collection of…

Read more →

Read the original article: Facebook – 509,458,528 breached accounts In April 2021, a large data set of over 500 million Facebook users was made freely available for download. Encompassing approximately 20% of Facebook’s subscribers, the data was allegedly obtained by…

Read more →

Read the original article: Facebook – 2,529,621 breached accounts In April 2021, a large data set of 533 million Facebook users was made freely available for download. Encompassing approximately 20% of Facebook’s subscribers, the data was allegedly obtained by exploiting…

Read more →

Read the original article: Astoria (unverified) – 11,498,146 breached accounts In January 2021, the lead generation company Astoria Company allegedly suffered a data breach which exposed over 11M unique email addresses. The data was discovered by Night Lion Security and…

Read more →

Read the original article: Astoria (unverified) – 11,498,146 breached accounts In January 2021, the lead generation company Astoria Company allegedly suffered a data breach which exposed over 11M unique email addresses. The data was discovered by Night Lion Security and…

Read more →

Read the original article: Liker – 465,141 breached accounts In March 2020, the self-proclaimed "kinder, smarter social network" Liker suffered a data breach, allegedly in retaliation for the Gab data breach and scraping of data from Parler. The site remained…

Read more →

Read the original article: Travel Oklahoma – 637,279 breached accounts In December 2020, the Oklahoma state Tourism and Recreation Department suffered a data breach. The incident exposed 637k email addresses across a variety of tables including age ranges against brochure…

Read more →

Read the original article: Oxfam – 1,834,006 breached accounts In January 2021, Oxfam Australia was the victim of a data breach which exposed 1.8M unique email addresses of supporters of the charity. The data was put up for sale on…

Read more →

Read the original article: Oxfam – 1,834,006 breached accounts In January 2021, Oxfam Australia was the victim of a data breach which exposed 1.8M unique email addresses of supporters of the charity. The data was put up for sale on…

Read more →

Read the original article: Ticketcounter – 1,921,722 breached accounts In August 2020, the Dutch ticketing service Ticketcounter inadvertently published a database backup to a publicly accessible location where it was then found and downloaded in February 2021. The data contained…

Read more →

Read the original article: SuperVPN & GeckoVPN – 20,339,937 breached accounts In February 2021, a series of "free" VPN services were breached including SuperVPN and GeckoVPN, exposing over 20M records. The data appeared together in a single file with a…

Read more →

Read the original article: NetGalley – 1,436,435 breached accounts In December 2020, the book promotion site NetGalley suffered a data breach. The incident exposed 1.4 million unique email addresses alongside names, usernames, physical and IP addresses, phone numbers, dates of…

Read more →

Read the original article: People’s Energy – 358,822 breached accounts In December 2020, the UK power company People’s Energy suffered a data breach. The breach exposed almost 7GB of files containing 359k unique email addresses along with names, phones numbers,…

Read more →

Read the original article: NurseryCam – 10,585 breached accounts In February 2021, a series of egregiously bad security flaws were identified in the NurseryCam system designed for parents to remotely monitor their children whilst attending nursery. The flaws led to…

Read more →

Read the original article: Filmai.in – 645,786 breached accounts In approximately 2019 or 2020, the Lithuanian movie streaming service Filmai.in suffered a data breach exposing 645k email addresses, usernames and plain text passwords.   Become a supporter of IT Security…

Read more →

Read the original article: Filmai.in – 645,786 breached accounts In approximately 2019 or 2020, the Lithuanian movie streaming service Filmai.in suffered a data breach exposing 645k email addresses, usernames and plain text passwords.   Become a supporter of IT Security…

Read more →

Read the original article: NurseryCam – 10,585 breached accounts In February 2021, a series of egregiously bad security flaws were identified in the NurseryCam system designed for parents to remotely monitor their children whilst attending nursery. The flaws led to…

Read more →

Read the original article: People’s Energy – 358,822 breached accounts In December 2020, the UK power company People’s Energy suffered a data breach. The breach exposed almost 7GB of files containing 359k unique email addresses along with names, phones numbers,…

Read more →

Read the original article: NetGalley – 1,436,435 breached accounts In December 2020, the book promotion site NetGalley suffered a data breach. The incident exposed 1.4 million unique email addresses alongside names, usernames, physical and IP addresses, phone numbers, dates of…

Read more →

Read the original article: CityBee – 110,156 breached accounts In February 2021, the Lithuanian car-sharing service CityBee announced they’d suffered a data breach that exposed 110k customers’ personal information. The breach exposed names, email addresses, government issued IDs and passwords…

Read more →

Read the original article: CityBee – 110,156 breached accounts In February 2021, the Lithuanian car-sharing service CityBee announced they’d suffered a data breach that exposed 110k customers’ personal information. The breach exposed names, email addresses, government issued IDs and passwords…

Read more →

Read the original article: Ge.tt – 2,481,121 breached accounts In May 2017, the file sharing platform Ge.tt suffered a data breach. The data was subsequently put up for sale on a dark web marketplace in February 2019 alongside a raft…

Read more →

Read the original article: Pixlr – 1,906,808 breached accounts In October 2020, the online photo editing application Pixlr suffered a data breach exposing 1.9 million subscribers. Impacted data included names, email addresses, social media profiles, the country signed up from…

Read more →

Read the original article: StoryBird – 1,047,200 breached accounts In August 2015, the storytelling service StoryBird suffered a data breach exposing 4 million records with 1 million unique email addresses. Impacted data also included names, usernames and passwords stored as…

Read more →

Read the original article: Pixlr – 1,906,808 breached accounts In October 2020, the online photo editing application Pixlr suffered a data breach exposing 1.9 million subscribers. Impacted data included names, email addresses, social media profiles, the country signed up from…

Read more →

Read the original article: StoryBird – 1,047,200 breached accounts In August 2015, the storytelling service StoryBird suffered a data breach exposing 4 million records with 1 million unique email addresses. Impacted data also included names, usernames and passwords stored as…

Read more →

Read the original article: Bonobos – 2,811,929 breached accounts In August 2020, the clothing store Bonobos suffered a data breach that exposed almost 70GB of data containing 2.8 million unique email addresses. The breach also exposed names, physical and IP…

Read more →

Read the original article: Nitro – 77,159,696 breached accounts In September 2020, the Nitro PDF service suffered a massive data breach which exposed over 70 million unique email addresses. The breach also exposed names, bcrypt password hashes and the titles…

Read more →

Read the original article: Nitro – 77,159,696 breached accounts In September 2020, the Nitro PDF service suffered a massive data breach which exposed over 70 million unique email addresses. The breach also exposed names, bcrypt password hashes and the titles…

Read more →

Read the original article: Nitro – 0 breached accounts This post doesn’t have text content, please click on the link below to view the original article. Nitro – 0 breached accounts   Become a supporter of IT Security News and…

Read more →

Read the original article: Romwe – 19,531,820 breached accounts In mid-2018, the Hong Kong-based retailer Romwe suffered a data breach which exposed almost 20 million customers. The data was subsequently sold online and includes names, phone numbers, email and IP…

Read more →

Read the original article: Jobandtalent – 10,981,207 breached accounts In approximately February 2018, the employment website Jobandtalent suffered a data breach which then appeared for sale alongside other breaches a year later. The incident impacted 11 million subscribers and exposed…

Read more →

Read the original article: Glofox – 2,330,735 breached accounts In March 2020, the Irish gym management software company Glofox suffered a data breach which exposed 2.3M membership records. The data included email addresses, names, phone numbers, genders, dates of birth…

Read more →

Read the original article: GeniusU – 1,301,460 breached accounts In November 2020, a collection of data breaches were made public including the "Entrepreneur Success Platform", GeniusU. Dating back to the previous month, the data included 1.3M names, email and IP…

Read more →

Read the original article: Ledger – 1,075,241 breached accounts In June 2020, the hardware crypto wallet manufacturer Ledger suffered a data breach that exposed over 1 million email addresses. The data was initially sold before being dumped publicly in December…

Read more →

Read the original article: Peatix – 4,227,907 breached accounts In January 2019, the event organising platform Peatix suffered a data breach. The incident exposed 4.2M email addresses, names and salted password hashes. The data was provided to HIBP by dehashed.com.…

Read more →

Read the original article: Pluto TV – 3,225,080 breached accounts In October 2018, the internet television service Pluto TV suffered a data breach which was then shared extensively in hacking communities. Pluto TV "decided not to proactively inform users of…

Read more →

Read the original article: Cit0day (unverified) – 226,883,414 breached accounts In November 2020, a collection of more than 23,000 allegedly breached websites known as Cit0day were made available for download on several hacking forums. The data consisted of 226M unique…

Read more →

Read the original article: Cit0day – 226,883,414 breached accounts This post doesn’t have text content, please click on the link below to view the original article. Cit0day – 226,883,414 breached accounts   Become a supporter of IT Security News and…

Read more →

Read the original article: 123RF – 8,661,578 breached accounts This post doesn’t have text content, please click on the link below to view the original article. 123RF – 8,661,578 breached accounts   Become a supporter of IT Security News and…

Read more →

Read the original article: Home Chef – 8,815,692 breached accounts In early 2020, the food delivery service Home Chef suffered a data breach which was subsequently sold online. The breach exposed the personal information of almost 9 million customers including…

Read more →

Read the original article: Animal Jam – 7,104,998 breached accounts In October 2020, the online game for kids Animal Jam suffered a data breach which was subsequently shared through online hacking communities the following month. The data contained 46 million…

Read more →

Read the original article: AnimalJam – 7,104,998 breached accounts This post doesn’t have text content, please click on the link below to view the original article. AnimalJam – 7,104,998 breached accounts   Become a supporter of IT Security News and…

Read more →

Read the original article: Mashable – 1,414,677 breached accounts This post doesn’t have text content, please click on the link below to view the original article. Mashable – 1,414,677 breached accounts   Become a supporter of IT Security News and…

Read more →

Read the original article: Lazada RedMart – 1,107,789 breached accounts In October 2020, news broke of Lazada RedMart data breach containing records as recent as July 2020 and being sold via an online marketplace. In all, the data contained 1.1…

Read more →

Read the original article: James – 1,541,284 breached accounts In June 2020, 14 previously undisclosed data breaches appeared for sale including the Brazilian delivery service, "James". The breach occurred in March 2020 and exposed 1.5M unique email addresses, customer locations…

Read more →

Read the original article: Wongnai – 3,924,454 breached accounts In October 2020, 17 previously undisclosed data breaches appeared for sale including the Thai restaurant, hotel and attraction finding service, Wongnai. The breach exposed almost 4M unique customer records from some…

Read more →

Read the original article: Minted – 4,418,182 breached accounts In May 2020, the online marketplace for independent artists Minted suffered a data breach that exposed 4.4M unique customer records subsequently sold on a dark web marketplace. Exposed data also included…

Read more →

Read the original article: Promofarma – 1,277,761 breached accounts This post doesn’t have text content, please click on the link below to view the original article. Promofarma – 1,277,761 breached accounts   Become a supporter of IT Security News and…

Read more →

Read the original article: StarTribune – 2,192,857 breached accounts In October 2020, the Minnesota-based news service StarTribune suffered a data breach which was subsequently sold on the dark web. The breach exposed XX unique email addresses alongside names, usernames, physical…

Read more →

Read the original article: Reincubate – 616,146 breached accounts In October 2020, the app data company Reincubate suffered a data breach which exposed a backup from November 2017 (the newest record in the data appeared several months earlier). The data…

Read more →

Read the original article: Chowbus – 444,224 breached accounts In October 2020, the Asian food delivery app Chowbus suffered a data breach which led to over 800,000 records being emailed to customers. The email contained a link to a CSV…

Read more →

Read the original article: Chowbus – 444,224 breached accounts In October 2020, the Asian food delivery app Chowbus suffered a data breach which led to over 800,000 records being emailed to customers. The email contained a link to a CSV…

Read more →

Read the original article: WiziShop – 2,856,769 breached accounts In July 2020, the French e-commerce platform WiziShop suffered a data breach. The breach exposed 18GB worth of data including names, phone numbers, dates of birth, physical and IP addresses, SHA-1…

Read more →

Read the original article: Experian (South Africa) – 1,284,637 breached accounts In August 2020, Experian South Africa suffered a data breach which exposed the personal information of tens of millions of individuals. Only 1.3M of the records contained email addresses,…

Read more →

Read the original article: Experian (South Africa) – 1,284,637 breached accounts In August 2020, Experian South Africa suffered a data breach which exposed the personal information of tens of millions of individuals. Only 1.3M of the records contained email addresses,…

Read more →

Read the original article: LiveAuctioneers – 3,385,862 breached accounts In June 2020, the online antiques marketplace LiveAuctioneers suffered a data breach which was subsequently sold online then extensively redistributed in the hacking community. The data contained 3.4 million records including…

Read more →

Read the original article: Unico Campania – 166,031 breached accounts In August 2020, the Neapolitan public transport website Unico Campania was hacked and the data extensively circulated. The breach contained 166k user records with email addresses and plain text passwords.…

Read more →

Read the original article: Utah Gun Exchange – 235,233 breached accounts In July 2020, the Utah Gun Exchange website suffered a data breach which included several other associated websites. In total, 235k unique email addresses were exposed before being traded…

Read more →

Read the original article: Catho – 1,173,012 breached accounts In approximately March 2020, the Brazilian recruitment website Catho was compromised and subsequently appeared alongside 20 other breached websites listed for sale on a dark web marketplace. The breach included almost…

Read more →

Read the original article: Sonicbids – 751,700 breached accounts In December 2019, the booking website Sonicbids suffered a data breach which they attributed to "a data privacy event involving our third-party cloud hosting services". The breach contained 752k user records…

Read more →

Read the original article: ProctorU – 444,453 breached accounts In June 2020, the online exam service ProctorU suffered a data breach which was subsequently shared extensively across online hacking communities. The breach contained 444k user records including names, email and…

Read more →

Read the original article: Kreditplus – 768,890 breached accounts In June 2020, the Indonesian credit service Kreditplus suffered a data breach which exposed 896k records containing 769k unique email addresses. The breach exposed extensive personal information including names, family makeup,…

Read more →

Read the original article: Kreditplus – 768,890 breached accounts In June 2020, the Indonesian credit service Kreditplus suffered a data breach which exposed 896k records containing 769k unique email addresses. The breach exposed extensive personal information including names, family makeup,…

Read more →

Read the original article: TrueFire – 599,667 breached accounts In February 2020, the guitar tuition website TrueFire suffered a data breach which impacted 600k members. The breach exposed extensive personal information including names, email and physical addresses, account balances and…

Read more →

Read the original article: 집꾸미기 – 1,298,651 breached accounts In March 2020, the Korean interior decoration website ???? (Decorating the House) suffered a data breach which impacted almost 1.3 million members. Served via the URL ggumim.co.kr, the exposed data included…

Read more →

Read the original article: Vakinha – 4,775,203 breached accounts In June 2020, the Brazilian fund raising service Vakinha suffered a data breach which impacted almost 4.8 million members. The exposed data included email addresses, names, phone numbers, geographic locations and…

Read more →

Read the original article: Havenly – 1,369,180 breached accounts In June 2020, the interior design website Havenly suffered a data breach which impacted almost 1.4 million members of the service. The exposed data included email addresses, names, phone numbers, geographic…

Read more →

Read the original article: Swvl – 4,195,918 breached accounts In June 2020, the Egyptian bus operator Swvl suffered a data breach which impacted over 4 million members of the service. The exposed data included names, email addresses, phone numbers, profile…

Read more →

Read the original article: Appen – 5,888,405 breached accounts In June 2020, the AI training data company Appen suffered a data breach exposing the details of almost 5.9 million users which were subsequently sold online. Included in the breach were…

Read more →

Read the original article: Scentbird – 5,814,988 breached accounts In June 2020, the online fragrance service Scentbird suffered a data breach that exposed the personal information of over 5.8 million customers. Personal information including names, email addresses, genders, dates of…

Read more →

Read the original article: Chatbooks – 2,520,441 breached accounts In March 2020, the photo print service Chatbooks suffered a data breach which was subsequently put up for sale on a dark web marketplace. The breach contained 15 million user records…

Read more →

Read the original article: Dunzo – 3,465,259 breached accounts In approximately June 2019, the Indian delivery service Dunzo suffered a data breach. Exposing 3.5 million unique email addresses, the Dunzo breach also included names, phone numbers and IP addresses which…

Read more →

Read the original article: Drizly – 2,479,044 breached accounts In approximately July 2020, the US-based online alcohol delivery service Drizly suffered a data breach. The data was sold online before being extensively redistributed and contained 2.5 million unique email addresses…

Read more →

Read the original article: Hurb – 20,727,771 breached accounts In approximately March 2019, the online Brazilian travel agency Hurb (formerly Hotel Urbano) suffered a data breach. The data subsequently appeared online for download the following year and included over 20…

Read more →

Read the original article: Dave – 2,964,182 breached accounts In June 2020, the digital banking app Dave suffered a data breach which exposed 7.5 million rows of data and subsequently appeared for public download on a hacking forum. The breach…

Read more →

Read the original article: Promo – 14,610,585 breached accounts In July 2020, the self-proclaimed "World’s #1 Marketing Video Maker" Promo suffered a data breach which was then shared extensively on a hacking forum. The incident exposed 22 million records containing…

Read more →

Read the original article: Wattpad – 268,765,495 breached accounts In June 2020, the user-generated stories website Wattpad suffered a huge data breach that exposed almost 270 million records. The data was initially sold then published on a public hacking forum…

Read more →

Read the original article: Quidd – 3,805,863 breached accounts In 2019, online marketplace for trading stickers, cards, toys, and other collectibles Quidd suffered a data breach. The breach exposed almost 4 million users’ email addresses, usernames and passwords stored as…

Read more →

Read the original article: Quidd – 3,805,863 breached accounts In 2019, online marketplace for trading stickers, cards, toys, and other collectibles Quidd suffered a data breach. The breach exposed almost 4 million users’ email addresses, usernames and passwords stored as…

Read more →

Read the original article: Foodora – 582,578 breached accounts In April 2016, the online food delivery service Foodora suffered a data breach which was then extensively redistributed online. The breach included the personal information of hundreds of thousands of customers…

Read more →

Read the original article: Foodora – 582,578 breached accounts In April 2016, the online food delivery service Foodora suffered a data breach which was then extensively redistributed online. The breach included the personal information of hundreds of thousands of customers…

Read more →

Read the original article: Mathway – 25,692,862 breached accounts In January 2020, the math solving website Mathway suffered a data breach that exposed over 25M records. The data was subsequently sold on a dark web marketplace and included names, Google…

Read more →

Read the original article: Zoomcar – 3,589,795 breached accounts In July 2018, the Indian self-drive car rental company Zoomcar suffered a data breach which was subsequently sold on a dark web marketplace in 2020. The breach exposed over 3.5M records…

Read more →

Read the original article: Lead Hunter – 68,693,853 breached accounts In March 2020, a massive trove of personal information referred to as "Lead Hunter" was provided to HIBP after being found left exposed on a publicly facing Elasticsearch server. The…

Read more →

Read the original article: Wishbone (2020) – 9,705,172 breached accounts In January 2020, the mobile app to "compare anything" Wishbone suffered another data breach which followed their breach from 2016. An extensive amount of personal information including almost 10M unique…

Read more →

Read the original article: Wishbone (2020) – 9,705,172 breached accounts In January 2020, the mobile app to "compare anything" Wishbone suffered another data breach which followed their breach from 2016. An extensive amount of personal information including almost 10M unique…

Read more →

Read the original article: LiveJournal – 26,372,781 breached accounts In mid-2019, news broke of an alleged LiveJournal data breach. This followed multiple reports of credential abuse against Dreamwith beginning in 2018, a fork of LiveJournal with a significant crossover in…

Read more →

Read the original article: PetFlow – 990,919 breached accounts In December 2017, the pet care delivery service PetFlow suffered a data breach which consequently appeared for sale on a dark web marketplace. Almost 1M accounts were impacted and exposed email…

Read more →

Read the original article: Artsy – 1,079,970 breached accounts In April 2018, the online arts database Artsy suffered a data breach which consequently appeared for sale on a dark web marketplace. Over 1M accounts were impacted and included IP and…

Read more →

Read the original article: Lifebear – 3,670,561 breached accounts In early 2019, the Japanese schedule app Lifebear appeared for sale on a dark web marketplace amongst a raft of other hacked websites. The breach exposed almost 3.7M unique email addresses,…

Read more →

Read the original article: Nulled.ch – 43,491 breached accounts In May 2020, the hacking forum Nulled.ch was breached and the data published to a rival hacking forum. Over 43k records were compromised and included IP and email addresses, usernames and…

Read more →

Read the original article: Covve – 22,802,117 breached accounts In February 2020, a massive trove of personal information referred to as "db8151dd" was provided to HIBP after being found left exposed on a publicly facing Elasticsearch server. Later identified as…

Read more →

Read the original article: db8151dd – 22,802,117 breached accounts In February 2020, a massive trove of personal information referred to as "db8151dd" was provided to HIBP after being found left exposed on a publicly facing Elasticsearch server. The exposed data…

Read more →

Read the original article: Ulmon – 777,769 breached accounts In January 2020, the travel app creator Ulmon suffered a data breach. The service had almost 1.3M records with 777k unique email addresses, names, passwords stored as bcrypt hashes and in…

Read more →

Read the original article: Elanic – 2,325,283 breached accounts In January 2020, the Indian fashion marketplace Elanic had 2.8M records with 2.3M unique email addresses posted publicly to a popular hacking forum. Elanic confirmed that they had "verified the data…

Read more →

Read the original article: Elanic – 2,325,283 breached accounts In January 2020, the Indian fashion marketplace Elanic had 2.8M records with 2.3M unique email addresses posted publicly to a popular hacking forum. Elanic confirmed that they had "verified the data…

Read more →