Here’s an overview of the various breaches that have been consolidated into this Have I Been Pwned.These are accessible programmatically via the HIBP API and also via the RSS feed.
In approximately March 2015, the free web hosting provider 000webhost suffered a major data breach that exposed almost 15 million customer records.The data was sold and traded before 000webhost was alerted in October.The breach included names, email addresses and plain text passwords.
Breach date: 1 March 2015
Date added to HIBP: 26 October 2015
Compromised accounts: 14,936,670
Compromised data: Email addresses, IP addresses, Names, Passwords
Permalink
In March 2020, the stock photo site 123RF suffered a data breach which impacted over 8 million subscribers and was subsequently sold online.The breach included email, IP and physical addresses, names, phone numbers and passwords stored as MD5 hashes.
The data was provided to HIBP by dehashed.com.
Breach date: 22 March 2020
Date added to HIBP: 15 November 2020
Compromised accounts: 8,661,578
Compromised data: Email addresses, IP addresses, Names, Passwords, Phone numbers, Physical addresses, Usernames
Permalink
In approximately 2012, it’s alleged that the Chinese email service known as 126 suffered a data breach that impacted 6.4 million subscribers.Whilst there is evidence that the data is legitimate, due to the difficulty of emphatically verifying the Chinese breach it has been flagged as “unverified”.The data in the breach contains email addresses and plain text passwords.
Read more about Chinese data breaches in Have I Been Pwned.
Breach date: 1 January 2012
Date added to HIBP: 8 October 2016
Compromised accounts: 6,414,191
Compromised data: Email addresses, Passwords
Permalink
In April 2016, customer data obtained from the streaming app known as “17” appeared listed for sale on a Tor hidden service marketplace.The data contained over 4 million unique email addresses along with IP addresses, usernames and passwords stored as unsalted MD5 hashes.
Breach date: 19 April 2016
Date added to HIBP: 8 July 2016
Compromised accounts: 4,009,640
Compromised data: Device information, Email addresses, IP addresses, Passwords, Usernames
Permalink
In late 2011, a series of data breaches in China affected up to 100 million users, including 7.5 million from the gaming site known as 17173.Whilst there is evidence that the data is legitimate, due to the difficulty of emphatically verifying the Chinese breach it has been flagged as “unverified”.The data in the breach contains usernames, email addresses and salted MD5 password hashes and was provided with support from dehashed.com.Read more about Chinese data breaches in Have I Been Pwned.
Breach date: 28 December 2011
Date added to HIBP: 28 April 2018
Compromised accounts: 7,485,802
Compromised data: Email addresses, Passwords, Usernames
Permalink
In February 2018, a massive collection of almost 3,000 alleged data breaches was found online.Whilst some of the data had previously been seen in Have I Been Pwned, 2,844 of the files consisting of more than 80 million unique email addresses had not previously been seen.Each file contained both an email address and plain text password and were consequently loaded as a single “unverified” data breach.
Breach date: 19 February 2018
Date added to HIBP: 26 February 2018
Compromised accounts: 80,115,532
Compromised data: Email addresses, Passwords
Permalink
In December 2017, the Belgian motorcycle forum 2fast4u discovered a data breach of their system.The breach of the vBulletin message board impacted over 17k individual users and exposed email addresses, usersnames and salted MD5 passwords.
Breach date: 20 December 2017
Date added to HIBP: 7 January 2018
Compromised accounts: 17,706
Compromised data: Email addresses, Passwords, Usernames
Permalink
In mid-2018, the online photography community 500px suffered a data breach.
The incident exposed almost 15 million unique email addresses alongside names, usernames, genders, dates of birth and either an MD5 or bcrypt password hash.In 2019, the data appeared listed for sale on a dark web marketplace (along with several other large breaches) and subsequently began circulating more broadly.
The data was provided to HIBP by a source who requested it to be attributed to “[email protected]”.
Breach date: 5 July 2018
Date added to HIBP: 25 March 2019
Compromised accounts: 14,867,999
Compromised data: Dates of birth, Email addresses, Genders, Geographic locations, Names, Passwords, Usernames
Permalink
In approximately 2011, it’s alleged that the Chinese gaming site known as 7k7k suffered a data breach that impacted 9.1 million subscribers.Whilst there is evidence that the data is legitimate, due to the difficulty of emphatically verifying the Chinese breach it has been flagged as “unverified”.
The data in the breach contains usernames, email addresses and plain text passwords.Read more about Chinese data breaches in Have I Been Pwned.
Breach date: 1 January 2011
Date added to HIBP: 26 September 2017
Compromised accounts: 9,121,434
Compromised data: Email addresses, Passwords, Usernames
Permalink
In July 2018, the health and fitness service 8fit suffered a data breach.The data subsequently appeared for sale on a dark web marketplace in February 2019 and included over 15M unique email addresses alongside names, genders, IP addresses and passwords stored as bcrypt hashes.The data was provided to HIBP by dehashed.com.
Breach date: 1 July 2018
Date added to HIBP: 21 March 2019
Compromised accounts: 15,025,407
Compromised data: Email addresses, Genders, Geographic locations, IP addresses, Names, Passwords
Permalink
In June 2017, the online playlists service known as 8Tracks suffered a data breach which impacted 18 million accounts.
In their disclosure, 8Tracks advised that “the vector for the attack was an employee’s GitHub account, which was not secured using two-factor authentication”.Salted SHA-1 password hashes for users who didn’t sign up with either Google or Facebook authentication were also included.The data was provided to HIBP by whitehat security researcher and data analyst Adam Davies and contained almost 8 million unique email addresses.The complete set of 18M records was later provided by [email protected] and updated in HIBP accordingly.
Breach date: 27 June 2017
Date added to HIBP: 16 February 2018
Compromised accounts: 17,979,961
Compromised data: Email addresses, Passwords
Permalink
In November 2015, the gaming website dedicated to classic DOS games Abandonia suffered a data breach resulting in the exposure of 776k unique user records.The data contained email and IP addresses, usernames and salted MD5 hashes of passwords.
Breach date: 1 November 2015
Date added to HIBP: 5 June 2017
Compromised accounts: 776,125
Compromised data: Email addresses, IP addresses, Passwords, Usernames
Permalink
In November 2022, the gaming website dedicated to classic DOS games Abandonia suffered a data breach resulting in the exposure of 920k unique user records.This breach was in addition to another one 7 years earlier in 2015.The data contained email and IP addresses, usernames and salted MD5 hashes of passwords.
Breach date: 15 November 2022
Date added to HIBP: 7 December 2022
Compromised accounts: 919,790
Compromised data: Email addresses, IP addresses, Passwords, Usernames
Permalink
In 2016, the site dedicated to helping people hack email and online gaming accounts known as Abusewith.us suffered multiple data breaches.The site allegedly had an administrator in common with the nefarious LeakedSource site, both of which have since been shut down.
The exposed data included more than 1.3 million unique email addresses, often accompanied by usernames, IP addresses and plain text or hashed passwords retrieved from various sources and intended to be used to compromise the victims’ accounts.
Breach date: 1 July 2016
Date added to HIBP: 9 October 2017
Compromised accounts: 1,372,550
Compromised data: Email addresses, IP addresses, Passwords, Usernames
Permalink
In November 2014, the acne website acne.org suffered a data breach that exposed over 430k forum members’ accounts.The data was being actively traded on underground forums and included email addresses, birth dates and passwords.
Breach date: 25 November 2014
Date added to HIBP: 6 March 2016
Compromised accounts: 432,943
Compromised data: Dates of birth, Email addresses, IP addresses, Passwords, Usernames
Permalink
In October 2021, security researcher Bob Diachenko discovered an exposed database he attributed to ActMobile, the operators of Dash VPN and FreeVPN.The exposed data included 1.6 million unique email addresses along with IP addresses and password hashes, all of which were subsequently leaked on a popular hacking forum.Although usage of the service was verified by HIBP subscribers, ActMobile denied the data was sourced from them and the breach has subsequently been flagged as “unverified”.
Breach date: 8 October 2021
Date added to HIBP: 9 November 2021
Compromised accounts: 1,583,193
Compromised data: Email addresses, IP addresses
Permalink
In November 2018, security researcher Bob Diachenko identified an unprotected database hosted by data aggregator “Adapt”.
A provider of “Fresh Quality Contacts”, the service exposed over 9.3M unique records of individuals and employer information including their names, employers, job titles, contact information and data relating to the employer including organisation description, size and revenue.No response was received from Adapt when contacted.
Breach date: 5 November 2018
Date added to HIBP: 22 November 2018
Compromised accounts: 9,363,740
Compromised data: Email addresses, Employers, Job titles, Names, Phone numbers, Physical addresses, Social media profiles
Permalink
In March 2021, news broke of a massive data breach impacting millions of Adecco customers in South America which was subsequently sold on a popular hacking forum.The breach exposed over 4M unique email addresses as well as genders, dates of birth, marital statuses, phone numbers and passwords stored as bcrypt hashes.
Breach date: 3 January 2021
Date added to HIBP: 31 May 2022
Compromised accounts: 4,284,538
Compromised data: Email addresses, Genders, Geographic locations, Marital statuses, Names, Passwords, Phone numbers
Permalink
In December 2021, Indian retailer Aditya Birla Fashion and Retail Ltd was breached and ransomed.The ransom demand was allegedly rejected and data containing 5.4M unique email addresses was subsequently dumped publicly on a popular hacking forum the next month.
The data contained extensive personal customer information including names, phone numbers, physical addresses, DoBs, order histories and passwords stored as MD5 hashes.Employee data was also dumped publicly and included salary grades, marital statuses and religions.
The data was provided to HIBP by a source who requested it be attributed to “[email protected]”.
Breach date: 1 December 2021
Date added to HIBP: 15 January 2022
Compromised accounts: 5,470,063
Compromised data: Email addresses, Genders, Income levels, Job titles, Marital statuses, Names, Passwords, Phone numbers, Physical addresses, Purchases, Religions, Salutations
Permalink
In October 2013, 153 million Adobe accounts were breached with each containing an internal ID, username, email, encrypted password and a password hint in plain text.The password cryptography was poorly done and many were quickly resolved back to plain text.
The unencrypted hints also disclosed much about the passwords adding further to the risk that hundreds of millions of Adobe customers already faced.
Breach date: 4 October 2013
Date added to HIBP: 4 December 2013
Compromised accounts: 152,445,165
Compromised data: Email addresses, Password hints, Passwords, Usernames
Permalink
In May 2015, the adult hookup site Adult FriendFinder was hacked and nearly 4 million records dumped publicly.The data dump included extremely sensitive personal information about individuals and their relationship statuses and sexual preferences combined with personally identifiable information.
Breach date: 21 May 2015
Date added to HIBP: 22 May 2015
Compromised accounts: 3,867,997
Compromised data: Dates of birth, Email addresses, Genders, Geographic locations, IP addresses, Races, Relationship statuses, Sexual orientations, Spoken languages, Usernames
Permalink
In October 2016, the adult entertainment company Friend Finder Networks suffered a massive data breach.The incident impacted multiple separate online assets owned by the company, the largest of which was the Adult FriendFinder website alleged to be “the world’s largest sex & swinger community”.Exposed data included usernames, passwords stored as SHA-1 hashes and 170 million unique email addresses.This incident is separate to the 2015 data breach Adult FriendFinder also suffered.
The data was provided to HIBP by dehashed.com.
Breach date: 16 October 2016
Date added to HIBP: 6 February 2020
Compromised accounts: 169,746,810
Compromised data: Email addresses, Passwords, Spoken languages, Usernames
Permalink
In May 2018, the website for sharing adult-orientated works of fiction known as Adult-FanFiction.Org had 186k records exposed in a data breach.The data contained names, email addresses, dates of birth and passwords stored as both MD5 hashes and plain text.AFF did not respond when contacted about the breach and the site was previously reported as compromised on the Vigilante.pw breached database directory.
Breach date: 30 May 2018
Date added to HIBP: 6 August 2018
Compromised accounts: 186,082
Compromised data: Dates of birth, Email addresses, Names, Passwords
Permalink
In April 2018, the ad management platform known as AerServ suffered a data breach.Acquired by InMobi earlier in the year, the AerServ breach impacted over 66k unique email addresses and also included contact information and passwords stored as salted SHA-512 hashes.The data was publicly posted to Twitter later in 2018 after which InMobi was notified and advised they were aware of the incident.
Breach date: 1 April 2018
Date added to HIBP: 6 December 2018
Compromised accounts: 66,308
Compromised data: Email addresses, Employers, Job titles, Names, Passwords, Phone numbers, Physical addresses
Permalink
In September 2019, Polish torrent site AgusiQ-Torrents.pl suffered a data breach.The incident exposed 90k member records including email and IP addresses, usernames and passwords stored as MD5 hashes.
Breach date: 24 September 2019
Date added to HIBP: 4 December 2019
Compromised accounts: 90,478
Compromised data: Email addresses, IP addresses, Passwords, Usernames
Permalink
In May 2013, the torrent site AhaShare.com suffered a breach which resulted in more than 180k user accounts being published publicly.The breach included a raft of personal information on registered users plus despite assertions of not distributing personally identifiable information, the site also leaked the IP addresses used by the registered identities.
Breach date: 30 May 2013
Date added to HIBP: 6 November 2014
Compromised accounts: 180,468
Compromised data: Email addresses, Genders, Geographic locations, IP addresses, Partial dates of birth, Passwords, Usernames, Website activity
Permalink
In December 2017, the virtual keyboard application ai.type was found to have left a huge amount of data publicly facing in an unsecured MongoDB instance.
Discovered by researchers at The Kromtech Security Center, the 577GB data set included extensive personal information including over 20 million unique email addresses, social media profiles and address book contacts.The email addresses alone were provided to HIBP to enable impacted users to assess their exposure.
Breach date: 5 December 2017
Date added to HIBP: 8 December 2017
Compromised accounts: 20,580,060
Compromised data: Address book contacts, Apps installed on devices, Cellular network names, Dates of birth, Device information, Email addresses, Genders, Geographic locations, IMEI numbers, IMSI numbers, IP addresses, Names, Phone numbers, Profile photos, Social media profiles
Permalink
In mid-2019, the video game cheats website “Aimware” suffered a data breach that exposed hundreds of thousands of subscribers’ personal information.Data included email and IP addresses, usernames, forum posts, private messages, website activity and passwords stored as salted MD5 hashes.The data was provided to HIBP by a source who requested it be attributed to “clerk/anthrax/soontoberichh”.
Breach date: 28 April 2019
Date added to HIBP: 2 May 2022
Compromised accounts: 305,470
Compromised data: Email addresses, IP addresses, Passwords, Private messages, Usernames, Website activity
Permalink
In September 2016, data allegedly obtained from the Chinese gaming website known as Aipai.com and containing 6.5M accounts was leaked online.
Whilst there is evidence that the data is legitimate, due to the difficulty of emphatically verifying the Chinese breach it has been flagged as “unverified”.The data in the breach contains email addresses and MD5 password hashes.Read more about Chinese data breaches in Have I Been Pwned.
Breach date: 27 September 2016
Date added to HIBP: 7 November 2016
Compromised accounts: 6,496,778
Compromised data: Email addresses, Passwords
Permalink
In September 2021, the Thai-based English language teaching website Ajarn discovered they’d been the victim of a data breach dating back to December 2018.
The breach was self-submitted to HIBP and included 266k email addresses, names, genders, phone numbers and other personal information.
Hashed passwords were also impacted in the breach.
Breach date: 13 December 2018
Date added to HIBP: 26 September 2021
Compromised accounts: 266,399
Compromised data: Dates of birth, Education levels, Email addresses, Genders, Geographic locations, Job applications, Marital statuses, Names, Nationalities, Passwords, Phone numbers, Profile photos
Permalink
In July 2016, a hacker known as Phineas Fisher hacked Turkey’s ruling party (Justice and Development Party or “AKP”) and gained access to 300k emails.The full contents of the emails were subsequently published by WikiLeaks and made searchable.HIBP identified over 917k unique email address patterns in the data set, including message IDs and a number of other non-user addresses.
Breach date: 19 July 2016
Date added to HIBP: 1 October 2017
Compromised accounts: 917,461
Compromised data: Email addresses, Email messages
Permalink
In May 2022, the Australian retailer Amart Furniture advised that their warranty claims database hosted on Amazon Web Services had been the target of a cyber attack.Over 100k records containing email and physical address, names, phone numbers and passwords stored as bcrypt hashes were exposed and shared online by the attacker.
Breach date: 16 May 2022
Date added to HIBP: 25 May 2022
Compromised accounts: 108,940
Compromised data: Email addresses, Names, Passwords, Phone numbers, Physical addresses
Permalink
In November 2015, an Ancestry service known as RootsWeb suffered a data breach.The breach was not discovered until late 2017 when a file containing almost 300k email addresses and plain text passwords was identified.
Breach date: 7 November 2015
Date added to HIBP: 24 December 2017
Compromised accounts: 297,806
Compromised data: Email addresses, Passwords
Permalink
In October 2011, the Android Forums website was hacked and 745k user accounts were subsequently leaked publicly.The compromised data included email addresses, user birth dates and passwords stored as a salted MD5 hash.
Breach date: 30 October 2011
Date added to HIBP: 20 December 2015
Compromised accounts: 745,355
Compromised data: Dates of birth, Email addresses, Homepage URLs, Instant messenger identities, IP addresses, Passwords
Permalink
In October 2020, the online game for kids Animal Jam suffered a data breach which was subsequently shared through online hacking communities the following month.
The data contained 46 million user accounts with over 7 million unique email addresses.Impacted data also included usernames, IP addresses and for some records, dates of birth (sometimes in partial form), physical addresses, parent names and passwords stored as PBKDF2 hashes.
Breach date: 12 October 2020
Date added to HIBP: 12 November 2020
Compromised accounts: 7,104,998
Compromised data: Dates of birth, Email addresses, Genders, IP addresses, Names, Passwords, Physical addresses, Usernames
Permalink
In February 2020, the gaming website AnimeGame suffered a data breach.
The incident affected 1.4M subscribers and exposed email addresses, usernames and passwords stored as salted MD5 hashes.The data was subsequently shared on a popular hacking forum and was provided to HIBP by dehashed.com.
Breach date: 27 February 2020
Date added to HIBP: 9 March 2020
Compromised accounts: 1,431,378
Compromised data: Email addresses, Passwords, Usernames
Permalink
In approximately 2016, the anime website Anime-Planet suffered a data breach that impacted 369k subscribers.The exposed data included usernames, IP and email addresses, dates of birth and passwords stored as unsalted MD5 hashes and for newer accounts, bcrypt hashes.
The data was provided to HIBP by dehashed.com.
Breach date: 1 January 2016
Date added to HIBP: 28 July 2019
Compromised accounts: 368,507
Compromised data: Dates of birth, Email addresses, IP addresses, Passwords, Usernames
Permalink
In July 2018, the cloud-based video making service Animoto suffered a data breach.
The breach exposed 22 million unique email addresses alongside names, dates of birth, country of origin and salted password hashes.The data was provided to HIBP by a source who requested it be attributed to “[email protected]”.
Breach date: 10 July 2018
Date added to HIBP: 18 July 2019
Compromised accounts: 22,437,749
Compromised data: Dates of birth, Email addresses, Geographic locations, Names, Passwords
Permalink
In December 2016, a huge list of email address and password pairs appeared in a “combo list” referred to as “Anti Public”.The list contained 458 million unique email addresses, many with multiple different passwords hacked from various online systems.The list was broadly circulated and used for “credential stuffing”, that is attackers employ it in an attempt to identify other online systems where the account owner had reused their password.
For detailed background on this incident, read Password reuse, credential stuffing and another billion records in Have I Been Pwned.
Breach date: 16 December 2016
Date added to HIBP: 4 May 2017
Compromised accounts: 457,962,538
Compromised data: Email addresses, Passwords
Permalink
In July 2018, the sales engagement startup Apollo left a database containing billions of data points publicly exposed without a password.The data was discovered by security researcher Vinny Troia who subsequently sent a subset of the data containing 126 million unique email addresses to Have I Been Pwned.The data left exposed by Apollo was used in their “revenue acceleration platform” and included personal information such as names and email addresses as well as professional information including places of employment, the roles people hold and where they’re located.Apollo stressed that the exposed data did not include sensitive information such as passwords, social security numbers or financial data.The Apollo website has a contact form for those looking to get in touch with the organisation.
Breach date: 23 July 2018
Date added to HIBP: 5 October 2018
Compromised accounts: 125,929,660
Compromised data: Email addresses, Employers, Geographic locations, Job titles, Names, Phone numbers, Salutations, Social media profiles
Permalink
In March 2017, the French Flatsharing site known as Appartoo suffered a data breach.The incident exposed an extensive amount of personal information on almost 50k members including email addresses, genders, ages, private messages sent between users of the service and passwords stored as SHA-256 hashes.Appartoo advised that all subscribers were notified of the incident in early 2017.
Breach date: 25 March 2017
Date added to HIBP: 2 May 2019
Compromised accounts: 49,681
Compromised data: Ages, Auth tokens, Email addresses, Employment statuses, Genders, IP addresses, Marital statuses, Names, Passwords, Physical addresses, Private messages, Social media profiles
Permalink
In June 2020, the AI training data company Appen suffered a data breach exposing the details of almost 5.9 million users which were subsequently sold online.Included in the breach were names, email addresses and passwords stored as bcrypt hashes.
Some records also contained phone numbers, employers and IP addresses.The data was provided to HIBP by dehashed.com.
Breach date: 22 June 2020
Date added to HIBP: 30 July 2020
Compromised accounts: 5,888,405
Compromised data: Email addresses, Employers, IP addresses, Names, Passwords, Phone numbers
Permalink
In April 2020, the independent Android app store Aptoide suffered a data breach.
The incident resulted in the exposure of 20M customer records which were subsequently shared online via a popular hacking forum.Impacted data included email and IP addresses, names, IP addresses and passwords stored as SHA-1 hashes without a salt.
Breach date: 13 April 2020
Date added to HIBP: 19 April 2020
Compromised accounts: 20,012,235
Compromised data: Browser user agent details, Email addresses, IP addresses, Names, Passwords
Permalink
In January 2019, the game portal website Armor Games suffered a data breach.A total of 10.6 million email addresses were impacted by the breach which also exposed usernames, IP addresses, birthdays of administrator accounts and passwords stored as salted SHA-1 hashes.The data was provided to HIBP by a source who requested it be attributed to “[email protected]”.
Breach date: 1 January 2019
Date added to HIBP: 20 July 2019
Compromised accounts: 10,604,307
Compromised data: Bios, Dates of birth, Email addresses, Genders, Geographic locations, IP addresses, Passwords, Usernames
Permalink
In May 2016, the online gaming site Army Force Online suffered a data breach that exposed 1.5M accounts.The breached data was found being regularly traded online and included usernames, email and IP addresses and MD5 passwords.
Breach date: 18 May 2016
Date added to HIBP: 10 November 2016
Compromised accounts: 1,531,235
Compromised data: Avatars, Email addresses, Geographic locations, IP addresses, Names, Passwords, Usernames, Website activity
Permalink
In April 2018, the online arts database Artsy suffered a data breach which consequently appeared for sale on a dark web marketplace.Over 1M accounts were impacted and included IP and email addresses, names and passwords stored as salted SHA-512 hashes.
The data was provided to HIBP by a source who requested it be attributed to “[email protected]”.
Breach date: 1 April 2018
Date added to HIBP: 25 May 2020
Compromised accounts: 1,079,970
Compromised data: Email addresses, IP addresses, Names, Passwords
Permalink
In June 2019, the France-based art valuation website Artvalue.com left their 158k member subscriber base publicly exposed in a text file on their website.The exposed data included names, usernames, email addresses and passwords stored as MD5 hashes.
The site operator did not respond when contacted about the incident, although the exposed file was subsequently removed.
Breach date: 19 June 2019
Date added to HIBP: 19 July 2019
Compromised accounts: 157,692
Compromised data: Email addresses, Names, Passwords, Salutations, Usernames
Permalink
In July 2015, the infidelity website Ashley Madison suffered a serious data breach.The attackers threatened Ashley Madison with the full disclosure of the breach unless the service was shut down.One month later, the database was dumped including more than 30M unique email addresses.This breach has been classed as “sensitive” and is not publicly searchable, although individuals may discover if they’ve been impacted by registering for notifications.Read about this approach in detail.
Breach date: 19 July 2015
Date added to HIBP: 18 August 2015
Compromised accounts: 30,811,934
Compromised data: Dates of birth, Email addresses, Ethnicities, Genders, Names, Passwords, Payment histories, Phone numbers, Physical addresses, Security questions and answers, Sexual orientations, Usernames, Website activity
Permalink
In December 2013, the vBulletin forum for the social engineering site known as “AstroPID” was breached and leaked publicly.The site provided tips on fraudulently obtaining goods and services, often by providing a legitimate “PID” or Product Information Description.The breach resulted in nearly 6k user accounts and over 220k private messages between forum members being exposed.
Breach date: 19 December 2013
Date added to HIBP: 6 July 2014
Compromised accounts: 5,788
Compromised data: Email addresses, Instant messenger identities, IP addresses, Names, Passwords, Private messages, Usernames, Website activity
Permalink
In December 2015, the service for creating and running free Minecraft servers known as Aternos suffered a data breach that impacted 1.4 million subscribers.
The data included usernames, email and IP addresses and hashed passwords.
Breach date: 6 December 2015
Date added to HIBP: 1 October 2016
Compromised accounts: 1,436,486
Compromised data: Email addresses, IP addresses, Passwords, Usernames, Website activity
Permalink
In August 2018, the cryptocurrency investment platform Atlas Quantum suffered a data breach.The breach leaked the personal data of 261k investors on the platform including their names, phone numbers, email addresses and account balances.
Breach date: 25 August 2018
Date added to HIBP: 27 August 2018
Compromised accounts: 261,463
Compromised data: Account balances, Email addresses, Names, Phone numbers
Permalink
In August 2019, Audi USA suffered a data breach after a vendor left data unsecured and exposed on the internet.The data contained 2.7M unique email addresses along with names, phone numbers, physical addresses and vehicle information including VIN.In a disclosure statement from Audi, they also advised some customers had driver’s licenses, dates of birth, social security numbers and other personal information exposed.
Breach date: 14 August 2019
Date added to HIBP: 23 July 2021
Compromised accounts: 2,743,539
Compromised data: Dates of birth, Driver’s licenses, Email addresses, Names, Phone numbers, Physical addresses, Social security numbers, Vehicle details
Permalink
In February 2018, data belonging to the Polish motoring website autocentrum.pl was found online.The data contained 144k email addresses and plain text passwords.
Breach date: 4 February 2018
Date added to HIBP: 9 February 2018
Compromised accounts: 143,717
Compromised data: Email addresses, Passwords
Permalink
In May 2014, the Avast anti-virus forum was hacked and 423k member records were exposed.The Simple Machines Based forum included usernames, emails and password hashes.
Breach date: 26 May 2014
Date added to HIBP: 12 March 2016
Compromised accounts: 422,959
Compromised data: Email addresses, Passwords, Usernames
Permalink
In approximately December 2019, an alleged data breach of the lawyer directory service Avvo was published to an online hacking forum and used in an extortion scam (it’s possible the exposure dates back earlier than that).The data contained 4.1M unique email addresses alongside SHA-1 hashes, most likely representing user passwords.
Multiple attempts at contacting Avvo over the course of a week were unsuccessful and the authenticity of the data was eventually verified with common Avvo and HIBP subscribers.
Breach date: 17 December 2019
Date added to HIBP: 15 April 2022
Compromised accounts: 4,101,101
Compromised data: Email addresses, Passwords
Permalink
In mid-2017, a spam list of over 105 million individuals in corporate America was discovered online.Referred to as “B2B USA Businesses”, the list categorised email addresses by employer, providing information on individuals’ job titles plus their work phone numbers and physical addresses.Read more about spam lists in HIBP.
Breach date: 18 July 2017
Date added to HIBP: 18 July 2017
Compromised accounts: 105,059,554
Compromised data: Email addresses, Employers, Job titles, Names, Phone numbers, Physical addresses
Permalink
In approximately 2008, the site to help parents name their children known as Baby Names suffered a data breach.
The incident exposed 846k email addresses and passwords stored as salted MD5 hashes.When contacted in October 2018, Baby Names advised that “the breach happened at least ten years ago” and that members were notified at the time.
Breach date: 24 October 2008
Date added to HIBP: 24 October 2018
Compromised accounts: 846,742
Compromised data: Email addresses, Passwords
Permalink
In June 2016, a data breach allegedly originating from the social website Badoo was found to be circulating amongst traders.Likely obtained several years earlier, the data contained 112 million unique email addresses with personal data including names, birthdates and passwords stored as MD5 hashes.Whilst there are many indicators suggesting Badoo did indeed suffer a data breach, the legitimacy of the data could not be emphatically proven so this breach has been categorised as “unverified”.
Breach date: 1 June 2013
Date added to HIBP: 6 July 2016
Compromised accounts: 112,005,531
Compromised data: Dates of birth, Email addresses, Genders, Names, Passwords, Usernames
Permalink
In approximately December 2018, the online ad platform BannerBit suffered a data breach.Containing 213k unique email addresses and plain text passwords, the data was provided to HIBP by a third party.
Multiple attempts were made to contact BannerBit, but no response was received.
Breach date: 29 December 2018
Date added to HIBP: 8 January 2019
Compromised accounts: 213,415
Compromised data: Email addresses, Passwords
Permalink
In August 2022, millions of records from Mexican bank “Banorte” were publicly dumped on a popular hacking forum including 2.1M unique email addresses, physical addresses, names, phone numbers, RFC (tax) numbers, genders and bank balances.Banorte have stated that the data is “outdated”, although have not yet indicated how far back it dates to.Anecdotal feedback from HIBP subscribers suggests the data may date back 8 years to 2014.
Breach date: 18 August 2014
Date added to HIBP: 18 August 2022
Compromised accounts: 2,107,000
Compromised data: Account balances, Email addresses, Genders, Government issued IDs, Names, Phone numbers, Physical addresses
Permalink
In June 2011 as part of a final breached data dump, the hacker collective “LulzSec” obtained and released over half a million usernames and passwords from the game Battlefield Heroes.The passwords were stored as MD5 hashes with no salt and many were easily converted back to their plain text versions.
Breach date: 26 June 2011
Date added to HIBP: 23 January 2014
Compromised accounts: 530,270
Compromised data: Passwords, Usernames
Permalink
In January 2016, the esports website Battlefy suffered a data breach that exposed 83k customer records.The impacted data included email addresses, usernames and passwords stored as bcrypt hashes.
Breach date: 11 January 2016
Date added to HIBP: 29 July 2022
Compromised accounts: 83,610
Compromised data: Email addresses, Passwords, Usernames
Permalink
In November 2015, the dating website Beautiful People was hacked and over 1.1M accounts were leaked.The data was being traded in underground circles and included a huge amount of personal information related to dating.
Breach date: 11 November 2015
Date added to HIBP: 25 April 2016
Compromised accounts: 1,100,089
Compromised data: Beauty ratings, Car ownership statuses, Dates of birth, Drinking habits, Education levels, Email addresses, Genders, Geographic locations, Home ownership statuses, Income levels, IP addresses, Job titles, Names, Passwords, Personal descriptions, Personal interests, Physical attributes, Sexual orientations, Smoking habits, Website activity
Permalink
In February 2014, Bell Canada suffered a data breach via the hacker collective known as NullCrew.The breach included data from multiple locations within Bell and exposed email addresses, usernames, user preferences and a number of unencrypted passwords and credit card data from 40,000 records containing just over 20,000 unique email addresses and usernames.
Breach date: 1 February 2014
Date added to HIBP: 1 February 2014
Compromised accounts: 20,902
Compromised data: Credit cards, Genders, Passwords, Usernames
Permalink
In May 2017, the Bell telecommunications company in Canada suffered a data breach resulting in the exposure of millions of customer records.The data was consequently leaked online with a message from the attacker stating that they were “releasing a significant portion of Bell.ca’s data due to the fact that they have failed to cooperate with us” and included a threat to leak more.
The impacted data included over 2 million unique email addresses and 153k survey results dating back to 2011 and 2012.There were also 162 Bell employee records with more comprehensive personal data including names, phone numbers and plain text “passcodes”.Bell suffered another breach in 2014 which exposed 40k records.
Breach date: 15 May 2017
Date added to HIBP: 16 May 2017
Compromised accounts: 2,231,256
Compromised data: Email addresses, Geographic locations, IP addresses, Job titles, Names, Passwords, Phone numbers, Spoken languages, Survey results, Usernames
Permalink
In November 2019, the Serbian technology news website Benchmark suffered a breach of its forum that exposed 93k customer records.The breach exposed IP and email addresses, usernames and passwords stored as salted MD5 hashes.
A forum administrator subsequently advised that the breach was due to the forum previously running on an outdated vBulletin instance.
The data was provided to HIBP by a source who requested it be attributed to “ZAN @ BF”.
Breach date: 1 November 2019
Date added to HIBP: 1 January 2023
Compromised accounts: 93,343
Compromised data: Email addresses, IP addresses, Passwords, Usernames
Permalink
In March 2018, the animal bestiality website known as Bestialitysextaboo was hacked.A collection of various sites running on the same service were also compromised and details of the hack (including links to the data) were posted on a popular forum.In all, more than 3.2k unique email addresses were included alongside usernames, IP addresses, dates of birth, genders and bcrypt hashes of passwords.
Breach date: 19 March 2018
Date added to HIBP: 29 March 2018
Compromised accounts: 3,204
Compromised data: Dates of birth, Email addresses, Genders, Geographic locations, IP addresses, Passwords, Private messages, Usernames
Permalink
In early 2020, the Indonesian consumer electronics website Bhinneka suffered a data breach that exposed almost 1.3M customer records.The data included email and physical addresses, names, genders, dates of birth, phone numbers and salted password hashes.
Breach date: 27 January 2020
Date added to HIBP: 6 October 2022
Compromised accounts: 1,274,340
Compromised data: Dates of birth, Email addresses, Genders, Names, Passwords, Phone numbers, Physical addresses
Permalink
In October 2020, the Indian grocery platform bigbasket suffered a data breach that exposed over 20 million customer records.The data was originally sold before being leaked publicly in April the following year and included email, IP and physical addresses, names, phones numbers, dates of birth passwords stored as Django(SHA-1) hashes.
Breach date: 14 October 2020
Date added to HIBP: 26 April 2021
Compromised accounts: 24,500,011
Compromised data: Dates of birth, Email addresses, IP addresses, Names, Passwords, Phone numbers, Physical addresses
Permalink
In April 2014, the job site bigmoneyjobs.com was hacked by an attacker known as “ProbablyOnion”.The attack resulted in the exposure of over 36,000 user accounts including email addresses, usernames and passwords which were stored in plain text.The attack was allegedly mounted by exploiting a SQL injection vulnerability.
Breach date: 3 April 2014
Date added to HIBP: 8 April 2014
Compromised accounts: 36,789
Compromised data: Career levels, Education levels, Email addresses, Names, Passwords, Phone numbers, Physical addresses, Salutations, User website URLs, Website activity
Permalink
In September 2014, the online game Bin Weevils suffered a data breach.
Whilst originally stating that only usernames and passwords had been exposed, a subsequent story on DataBreaches.net indicated that a more extensive set of personal attributes were impacted (comments there also suggest the data may have come from a later breach).Data matching that pattern was later provided to Have I Been Pwned by @akshayindia6 and included almost 1.3m unique email addresses, genders, ages and plain text passwords.
Breach date: 1 September 2014
Date added to HIBP: 18 August 2017
Compromised accounts: 1,287,073
Compromised data: Ages, Email addresses, Genders, IP addresses, Passwords, Usernames
Permalink
In December 2016, the forum for the biohacking website Biohack.me suffered a data breach that exposed 3.4k accounts.The data included usernames, email addresses and hashed passwords along with the private messages of forum members.The data was self-submitted to HIBP by the Biohack.me operators.
Breach date: 2 December 2016
Date added to HIBP: 23 August 2017
Compromised accounts: 3,402
Compromised data: Email addresses, Passwords, Private messages, Usernames
Permalink
In September 2014, a large dump of nearly 5M usernames and passwords was posted to a Russian Bitcoin forum.
Whilst commonly reported as 5M “Gmail passwords”, the dump also contained 123k yandex.ru addresses.Whilst the origin of the breach remains unclear, the breached credentials were confirmed by multiple source as correct, albeit a number of years old.
Breach date: 9 January 2014
Date added to HIBP: 10 September 2014
Compromised accounts: 4,789,599
Compromised data: Email addresses, Passwords
Permalink
In May 2015, the Bitcoin forum Bitcoin Talk was hacked and over 500k unique email addresses were exposed.The attack led to the exposure of a raft of personal data including usernames, email and IP addresses, genders, birth dates, security questions and MD5 hashes of their answers plus hashes of the passwords themselves.
Breach date: 22 May 2015
Date added to HIBP: 27 March 2017
Compromised accounts: 501,407
Compromised data: Dates of birth, Email addresses, Genders, IP addresses, Passwords, Security questions and answers, Usernames, Website activity
Permalink
In May 2014, the link management company Bitly announced they’d suffered a data breach.
The breach contained over 9.3 million unique email addresses, usernames and hashed passwords, most using SHA1 with a small number using bcrypt.
Breach date: 8 May 2014
Date added to HIBP: 6 October 2017
Compromised accounts: 9,313,136
Compromised data: Email addresses, Passwords, Usernames
Permalink
In January 2016, the forum for the popular torrent software BitTorrent was hacked.The IP.Board based forum stored passwords as weak SHA1 salted hashes and the breached data also included usernames, email and IP addresses.
Breach date: 1 January 2016
Date added to HIBP: 8 June 2016
Compromised accounts: 34,235
Compromised data: Email addresses, IP addresses, Passwords, Usernames
Permalink
In June 2014, the search engine optimisation forum Black Hat World had three quarters of a million accounts breached from their system.The breach included various personally identifiable attributes which were publicly released in a MySQL database script.
Breach date: 23 June 2014
Date added to HIBP: 3 November 2015
Compromised accounts: 777,387
Compromised data: Dates of birth, Email addresses, Instant messenger identities, IP addresses, Passwords, Usernames, Website activity
Permalink
In May 2022, the Chinese BlackBerry enthusiasts website BlackBerry Fans suffered a data breach that exposed 174k member records.
The impacted data included usernames, email and IP addresses and passwords stored as salted MD5 hashes.
Breach date: 6 May 2022
Date added to HIBP: 16 May 2022
Compromised accounts: 174,168
Compromised data: Email addresses, IP addresses, Passwords, Usernames
Permalink
In July 2019, the hacking website BlackSpigotMC suffered a data breach.The XenForo forum based site was allegedly compromised by a rival hacking website and resulted in 8.5GB of data being leaked including the database and website itself.The exposed data included 140k unique email addresses, usernames, IP addresses, genders, geographic locations and passwords stored as bcrypt hashes.
Breach date: 14 July 2019
Date added to HIBP: 17 July 2019
Compromised accounts: 140,029
Compromised data: Device information, Email addresses, Genders, Geographic locations, IP addresses, Passwords, Usernames
Permalink
In December 2018, the Town of Salem website produced by BlankMediaGames suffered a data breach.Reported to HIBP by DeHashed, the data contained 7.6M unique user email addresses alongside usernames, IP addresses, purchase histories and passwords stored as phpass hashes.DeHashed made multiple attempts to contact BlankMediaGames over various channels and many days but had yet to receive a response at the time of publishing.
Breach date: 28 December 2018
Date added to HIBP: 2 January 2019
Compromised accounts: 7,633,234
Compromised data: Browser user agent details, Email addresses, IP addresses, Passwords, Purchases, Usernames, Website activity
Permalink
In approximately March 2017, the file sharing website Bolt suffered a data breach resulting in the exposure of 995k unique user records.
The data was sourced from their vBulletin forum and contained email and IP addresses, usernames and salted MD5 password hashes.
The site was previously reported as compromised on the Vigilante.pw breached database directory.
Breach date: 1 March 2017
Date added to HIBP: 24 November 2017
Compromised accounts: 995,274
Compromised data: Email addresses, IP addresses, Passwords, Usernames
Permalink
In December 2018, the Slovak website for watching movies online for free Bombuj.eu suffered a data breach.The incident exposed over 575k unique email addresses and passwords stored as unsalted MD5 hashes.No response was received from Bombuj.eu when contacted about the incident.
Breach date: 7 December 2018
Date added to HIBP: 10 December 2018
Compromised accounts: 575,437
Compromised data: Email addresses, Passwords
Permalink
In August 2020, the clothing store Bonobos suffered a data breach that exposed almost 70GB of data containing 2.8 million unique email addresses.The breach also exposed names, physical and IP addresses, phone numbers, order histories and passwords stored as salted SHA-512 hashes, including historical passwords.
The breach also exposed partial credit card data including card type, the name on the card, expiry date and the last 4 digits of the card.The data was provided to HIBP by dehashed.com.
Breach date: 14 August 2020
Date added to HIBP: 31 January 2021
Compromised accounts: 2,811,929
Compromised data: Email addresses, Historical passwords, IP addresses, Names, Partial credit card data, Passwords, Phone numbers, Physical addresses, Purchases
Permalink
In January 2021, the Indian book trading website Bookchor suffered a data breach that exposed half a million customer records.
The exposed data included email and IP addresses, names, genders, dates of birth, phone numbers and passwords stored as unsalted MD5 hashes.The data was subsequently traded on a popular hacking forum.
Breach date: 28 January 2021
Date added to HIBP: 3 July 2022
Compromised accounts: 498,297
Compromised data: Dates of birth, Email addresses, Genders, IP addresses, Names, Passwords, Phone numbers, Social media profiles
Permalink
In mid-2018, the social ebook subscription service Bookmate was among a raft of sites that were breached and their data then sold in early-2019.The data included almost 4 million unique email addresses alongside names, genders, dates of birth and passwords stored as salted SHA-512 hashes.
The data was provided to HIBP by a source who requested it to be attributed to “[email protected]”.
Breach date: 8 July 2018
Date added to HIBP: 22 March 2019
Compromised accounts: 3,830,916
Compromised data: Dates of birth, Email addresses, Genders, Geographic locations, Names, Passwords, Usernames
Permalink
In November 2014, the forum for Bot of Legends suffered a data breach.The IP.Board forum contained 238k accounts including usernames, email and IP addresses and passwords stored as salted MD5 hashes.
Breach date: 13 November 2014
Date added to HIBP: 27 December 2016
Compromised accounts: 238,373
Compromised data: Email addresses, IP addresses, Passwords, Usernames, Website activity
Permalink
In January 2021, the French travel company Bourse des Vols suffered a data breach that exposed 1.46M unique email addresses across more than 1.2k .sql files and over 9GB of data.The impacted data exposed personal information and travel histories including names, phone numbers, IP and physical addresses, dates of birth along with flights taken and purchases.
Breach date: 12 January 2021
Date added to HIBP: 3 July 2022
Compromised accounts: 1,460,130
Compromised data: Dates of birth, Email addresses, Flights taken, IP addresses, Names, Phone numbers, Physical addresses, Purchases
Permalink
In March 2014, the home theatre PC software maker Boxee had their forums compromised in an attack.The attackers obtained the entire vBulletin MySQL database and promptly posted it for download on the Boxee forum itself.The data included 160k users, password histories, private messages and a variety of other data exposed across nearly 200 publicly exposed tables.
Breach date: 29 March 2014
Date added to HIBP: 30 March 2014
Compromised accounts: 158,093
Compromised data: Dates of birth, Email addresses, Geographic locations, Historical passwords, Instant messenger identities, IP addresses, Passwords, Private messages, User website URLs, Usernames
Permalink
In August 2022, the streaming website Brand New Tube suffered a data breach that exposed the personal information of almost 350k subscribers.
The impacted data included email and IP addresses, usernames, genders, passwords stored as unsalted SHA-1 hashes and private messages.
Breach date: 14 August 2022
Date added to HIBP: 8 September 2022
Compromised accounts: 349,627
Compromised data: Email addresses, Genders, IP addresses, Passwords, Private messages, Usernames
Permalink
In April 2013, the adult website known as Brazzers was hacked and 790k accounts were exposed publicly.Each record included a username, email address and password stored in plain text.
The breach was brought to light by the Vigilante.pw data breach reporting site in September 2016.
Breach date: 1 April 2013
Date added to HIBP: 5 September 2016
Compromised accounts: 790,724
Compromised data: Email addresses, Passwords, Usernames
Permalink
In November 2021, the crypto exchange platform BTC-Alpha suffered a ransomware attack data breach after which customer data was publicly dumped.The impacted data included 362k email and IP addresses, usernames and passwords stored as PBKDF2 hashes.The data was provided to HIBP by a source who requested it be attributed to “[email protected]”.
Breach date: 2 November 2021
Date added to HIBP: 27 January 2022
Compromised accounts: 362,426
Compromised data: Email addresses, IP addresses, Passwords, Usernames
Permalink
In October 2014, the Bitcoin exchange BTC-E was hacked and 568k accounts were exposed.
The data included email and IP addresses, wallet balances and hashed passwords.
Breach date: 1 October 2014
Date added to HIBP: 12 March 2017
Compromised accounts: 568,340
Compromised data: Account balances, Email addresses, IP addresses, Passwords, Usernames, Website activity
Permalink
In December 2019, a large collection of data from Nigerian gambling company Surebet247 was sent to HIBP.
Alongside the Surebet247, database backups from gambling sites BetAlfa, BetWay, BongoBongo and TopBet was also included.Further investigation implicated betting platform provider BtoBet as being the common source of the data.Impacted data included user records and extensive information on gambling histories.
Breach date: 26 December 2019
Date added to HIBP: 11 January 2020
Compromised accounts: 444,241
Compromised data: Dates of birth, Email addresses, Financial transactions, Geographic locations, IP addresses, Names, Usernames
Permalink
In March 2019, the Indonesian e-commerce website Bukalapak discovered a data breach of the organisation’s backups dating back to October 2017.The incident exposed approximately 13 million unique email addresses alongside IP addresses, names and passwords stored as bcrypt and salted SHA-512 hashes.
The data was provided to HIBP by a source who requested it to be attributed to “Maxime Thalet”.
Breach date: 23 October 2017
Date added to HIBP: 18 April 2019
Compromised accounts: 13,369,666
Compromised data: Email addresses, IP addresses, Names, Passwords, Usernames
Permalink
In July 2019, a massive data breach of the Bulgarian National Revenue Agency began circulating with data on 5 million people.Allegedly obtained in June, the data was broadly shared online and included taxation information alongside names, phone numbers, physical addresses and 471 thousand unique email addresses.The breach is said to have affected “nearly all adults in Bulgaria”.
Breach date: 15 July 2019
Date added to HIBP: 18 July 2019
Compromised accounts: 471,167
Compromised data: Email addresses, Names, Phone numbers, Physical addresses, Taxation records
Permalink
In April 2014, the Australian “Business Acumen Magazine” website was hacked by an attacker known as 1337MiR.The breach resulted in over 26,000 accounts being exposed including usernames, email addresses and password stored with a weak cryptographic hashing algorithm (MD5 with no salt).
Breach date: 25 April 2014
Date added to HIBP: 11 May 2014
Compromised accounts: 26,596
Compromised data: Email addresses, Names, Passwords, Usernames, Website activity
Permalink
In 2014, the social network for mothers CafeMom suffered a data breach.
The data surfaced alongside a number of other historical breaches including Kickstarter, Bitly and Disqus and contained 2.6 million email addresses and plain text passwords.
Breach date: 10 April 2014
Date added to HIBP: 9 November 2017
Compromised accounts: 2,628,148
Compromised data: Email addresses, Passwords
Permalink
In February 2019, the custom merchandise retailer CafePress suffered a data breach.The exposed data included 23 million unique email addresses with some records also containing names, physical addresses, phone numbers and passwords stored as SHA-1 hashes.The data was provided to HIBP by a source who requested it be attributed to “[email protected]”.
Breach date: 20 February 2019
Date added to HIBP: 5 August 2019
Compromised accounts: 23,205,290
Compromised data: Email addresses, Names, Passwords, Phone numbers, Physical addresses
Permalink
In February 2014, the vBulletin forum for the Marijuana site cannabis.com was breached and leaked publicly.Whilst there has been no public attribution of the breach, the leaked data included over 227k accounts and nearly 10k private messages between users of the forum.
Breach date: 5 February 2014
Date added to HIBP: 1 June 2014
Compromised accounts: 227,746
Compromised data: Dates of birth, Email addresses, Geographic locations, Historical passwords, Instant messenger identities, IP addresses, Passwords, Private messages, Usernames, Website activity
Permalink
In May 2019, the graphic design tool website Canva suffered a data breach that impacted 137 million subscribers.The exposed data included email addresses, usernames, names, cities of residence and passwords stored as bcrypt hashes for users not using social logins.The data was provided to HIBP by a source who requested it be attributed to “[email protected]”.
Breach date: 24 May 2019
Date added to HIBP: 9 August 2019
Compromised accounts: 137,272,116
Compromised data: Email addresses, Geographic locations, Names, Passwords, Usernames
Permalink
In December 2020, the economic research company Capital Economics suffered a data breach that exposed 263k customer records.The exposed data included email and physical addresses, names, phone numbers, job titles and the employer of impacted customers.
Breach date: 12 December 2020
Date added to HIBP: 4 July 2022
Compromised accounts: 263,829
Compromised data: Email addresses, Employers, Job titles, Names, Phone numbers, Physical addresses
Permalink
In December 2021, the Carding Mafia forum suffered a data breach that exposed over 300k members’ email addresses.Dedicated to the theft and trading of stolen credit cards, the forum breach also exposed usernames, IP addresses and passwords stored as salted MD5 hashes.
This breach came only 9 months after another breach of the forum in March 2021.
Breach date: 28 December 2021
Date added to HIBP: 16 January 2022
Compromised accounts: 303,877
Compromised data: Email addresses, IP addresses, Passwords, Usernames
Permalink
In March 2021, the Carding Mafia forum suffered a data breach that exposed almost 300k members’ email addresses.Dedicated to the theft and trading of stolen credit cards, the forum breach also exposed usernames, IP addresses and passwords stored as salted MD5 hashes.
Breach date: 18 March 2021
Date added to HIBP: 23 March 2021
Compromised accounts: 297,744
Compromised data: Email addresses, IP addresses, Passwords, Usernames
Permalink
In June 2017, news broke that CashCrate had suffered a data breach exposing 6.8 million records.The breach of the cash-for-surveys site dated back to November 2016 and exposed names, physical addresses, email addresses and passwords stored in plain text for older accounts along with weak MD5 hashes for newer ones.
Breach date: 17 November 2016
Date added to HIBP: 20 April 2018
Compromised accounts: 6,844,490
Compromised data: Email addresses, Names, Passwords, Physical addresses
Permalink
In approximately March 2020, the Brazilian recruitment website Catho was compromised and subsequently appeared alongside 20 other breached websites listed for sale on a dark web marketplace.The breach included almost 11 million records with 1.2 million unique email addresses.Names, usernames and plain text passwords were also exposed.The data was provided to HIBP by breachbase.pw.
Breach date: 1 March 2020
Date added to HIBP: 18 August 2020
Compromised accounts: 1,173,012
Compromised data: Email addresses, Names, Passwords, Usernames
Permalink
In March 2016, Polish game developer CD Projekt RED suffered a data breach.
The hack of their forum led to the exposure of almost 1.9 million accounts along with usernames, email addresses and salted SHA1 passwords.
Breach date: 1 March 2016
Date added to HIBP: 31 January 2017
Compromised accounts: 1,871,373
Compromised data: Email addresses, Passwords, Usernames
Permalink
In early 2022, a collective known as IT Army whose stated goal is to “completely de-anonymise most Russian users by leaking hundreds of gigabytes of databases” published over 30GB of data allegedly sourced from Russian courier service CDEK.The data contained over 19M unique email addresses along with names and phone numbers.
The authenticity of the breach could not be independently established and has been flagged as “unverfieid”.
Breach date: 9 March 2022
Date added to HIBP: 17 March 2022
Compromised accounts: 19,218,203
Compromised data: Email addresses, Names, Phone numbers
Permalink
In March 2020, the photo print service Chatbooks suffered a data breach which was subsequently put up for sale on a dark web marketplace.The breach contained 15 million user records with 2.5 million unique email addresses alongside names, phone numbers, social media profiles and salted SHA-512 password hashes.The data was provided to HIBP by dehashed.com.
Breach date: 26 March 2020
Date added to HIBP: 29 July 2020
Compromised accounts: 2,520,441
Compromised data: Email addresses, Names, Passwords, Phone numbers, Social media profiles
Permalink
In approximately mid-2015, the forum for CheapAssGamer.com suffered a data breach.The database from the IP.Board based forum contained 445k accounts including usernames, email and IP addresses and salted MD5 password hashes.
Breach date: 1 July 2015
Date added to HIBP: 8 November 2016
Compromised accounts: 444,767
Compromised data: Email addresses, IP addresses, Passwords, Usernames
Permalink
In April 2018, the textbook rental service Chegg suffered a data breach that impacted 40 million subscribers.The exposed data included email addresses, usernames, names and passwords stored as unsalted MD5 hashes.The data was provided to HIBP by a source who requested it be attributed to “[email protected]”.
Breach date: 28 April 2018
Date added to HIBP: 16 August 2019
Compromised accounts: 39,721,127
Compromised data: Email addresses, Names, Passwords, Usernames
Permalink
In October 2020, the Asian food delivery app Chowbus suffered a data breach which led to over 800,000 records being emailed to customers.The email contained a link to a CSV file with customer data including physical addresses, names, phone numbers and over 444,000 unique email addresses.
Breach date: 5 October 2020
Date added to HIBP: 6 October 2020
Compromised accounts: 444,224
Compromised data: Email addresses, Names, Phone numbers, Physical addresses
Permalink
In November 2020, a collection of more than 23,000 allegedly breached websites known as Cit0day were made available for download on several hacking forums.The data consisted of 226M unique email address alongside password pairs, often represented as both password hashes and the cracked, plain text versions.
Independent verification of the data established it contains many legitimate, previously undisclosed breaches.The data was provided to HIBP by dehashed.com.
Breach date: 4 November 2020
Date added to HIBP: 19 November 2020
Compromised accounts: 226,883,414
Compromised data: Email addresses, Passwords
Permalink
In February 2021, the Lithuanian car-sharing service CityBee announced they’d suffered a data breach that exposed 110k customers’ personal information.
The breach exposed names, email addresses, government issued IDs and passwords stored as unsalted SHA-1 hashes.
Breach date: 5 February 2021
Date added to HIBP: 17 February 2021
Compromised accounts: 110,156
Compromised data: Email addresses, Government issued IDs, Names, Passwords
Permalink
In mid-2011, data was allegedly obtained from the Chinese engineering website known as Civil Online and contained 7.8M accounts.Whilst there is evidence that the data is legitimate, due to the difficulty of emphatically verifying the Chinese breach it has been flagged as “unverified”.
The data in the breach contains email and IP addresses, user names and MD5 password hashes.Read more about Chinese data breaches in Have I Been Pwned.
Breach date: 10 July 2011
Date added to HIBP: 7 November 2016
Compromised accounts: 7,830,195
Compromised data: Email addresses, IP addresses, Passwords, Usernames, Website activity
Permalink
In July 2016, the forum for the game “Clash of Kings” suffered a data breach that impacted 1.6 million subscribers.The impacted data included usernames, IP and email addresses and passwords stored as MD5 hashes.The data was provided to HIBP by dehashed.com.
Breach date: 14 July 2016
Date added to HIBP: 27 July 2019
Compromised accounts: 1,604,957
Compromised data: Email addresses, IP addresses, Passwords, Usernames
Permalink
In April 2021, the market research surveys company ClearVoice Surveys had a publicly facing database backup from 2015 taken and redistributed on a popular hacking forum.
The data included 15M unique email addresses across more than 17M rows of data that also included names, physical and IP addresses, genders, dates of birth and plain text passwords.ClearVoice Surveys advised they were aware of the breach and confirmed its authenticity.
Breach date: 23 August 2015
Date added to HIBP: 23 April 2021
Compromised accounts: 15,074,786
Compromised data: Dates of birth, Email addresses, Genders, IP addresses, Names, Passwords, Phone numbers, Physical addresses
Permalink
In September 2016, the paid-to-click site ClixSense suffered a data breach which exposed 2.4 million subscriber identities.The breached data was then posted online by the attackers who claimed it was a subset of a larger data breach totalling 6.6 million records.The leaked data was extensive and included names, physical, email and IP addresses, genders and birth dates, account balances and passwords stored as plain text.
Breach date: 4 September 2016
Date added to HIBP: 11 September 2016
Compromised accounts: 2,424,784
Compromised data: Account balances, Dates of birth, Email addresses, Genders, IP addresses, Names, Passwords, Payment histories, Payment methods, Physical addresses, Usernames, Website activity
Permalink
In January, the maker of teddy bears that record children’s voices and sends them to family and friends via the internet CloudPets left their database publicly exposed and it was subsequently downloaded by external parties (the data was also subject to 3 different ransom demands).583k records were provided to HIBP via a data trader and included email addresses and bcrypt hashes, but the full extent of user data exposed by the system was over 821k records and also included children’s names and references to portrait photos and voice recordings.
Breach date: 1 January 2017
Date added to HIBP: 27 February 2017
Compromised accounts: 583,503
Compromised data: Email addresses, Family members’ names, Passwords
Permalink
In January 2018, the children’s gaming site Club Penguin Rewritten (CPRewritten) suffered a data breach (note: CPRewritten is an independent recreation of Disney’s Club Penguin game).The incident exposed almost 1.7 million unique email addresses alongside IP addresses, usernames and passwords stored as bcrypt hashes.
When contacted, CPRewritten advised they were aware of the breach and had “contacted affected users”.
Breach date: 21 January 2018
Date added to HIBP: 23 April 2019
Compromised accounts: 1,688,176
Compromised data: Email addresses, IP addresses, Passwords, Usernames
Permalink
In July 2019, the children’s gaming site Club Penguin Rewritten (CPRewritten) suffered a data breach (note: CPRewritten is an independent recreation of Disney’s Club Penguin game).In addition to an earlier data breach that impacted 1.7 million accounts, the subsequent breach exposed 4 million unique email addresses alongside IP addresses, usernames and passwords stored as bcrypt hashes.
Breach date: 27 July 2019
Date added to HIBP: 30 July 2019
Compromised accounts: 4,007,909
Compromised data: Email addresses, IP addresses, Passwords, Usernames
Permalink
In February 2017, hundreds of thousands of records from the Coachella music festival were discovered being sold online.Allegedly taken from a combination of the main Coachella website and their vBulletin-based message board, the data included almost 600k usernames, IP and email addresses and salted hashes of passwords (MD5 in the case of the message board).
Breach date: 22 February 2017
Date added to HIBP: 27 June 2017
Compromised accounts: 599,802
Compromised data: Email addresses, IP addresses, Passwords, Usernames
Permalink
In August 2017, the crypto coin brokerage service Coinmama suffered a data breach that impacted 479k subscribers.
The breach was discovered in February 2019 with exposed data including email addresses, usernames and passwords stored as MD5 WordPress hashes.The data was provided to HIBP by white hat security researcher and data analyst Adam Davies.
Breach date: 3 August 2017
Date added to HIBP: 30 August 2019
Compromised accounts: 478,824
Compromised data: Email addresses, Passwords, Usernames
Permalink
During October 2021, 3.1 million email addresses with accounts on the cryptocurrency market capitalisation website CoinMarketCap were discovered being traded on hacking forums.Whilst the email addresses were found to correlate with CoinMarketCap accounts, it’s unclear precisely how they were obtained.
CoinMarketCap has provided the following statement on the data: “CoinMarketCap has become aware that batches of data have shown up online purporting to be a list of user accounts.While the data lists we have seen are only email addresses (no passwords), we have found a correlation with our subscriber base.We have not found any evidence of a data leak from our own servers — we are actively investigating this issue and will update our subscribers as soon as we have any new information.”
Breach date: 12 October 2021
Date added to HIBP: 22 October 2021
Compromised accounts: 3,117,548
Compromised data: Email addresses
Permalink
In December 2022, the Crypto & NFT taxes service CoinTracker reported a data breach that impacted over 1.5M of their customers.The company later attributed the breach to a compromise SendGrid in an attack that targeted multiple customers of the email provider.
The breach exposed email addresses and partially redacted phone numbers, with CoinTracker advising that the later did not originate from their service.
Breach date: 1 December 2022
Date added to HIBP: 12 December 2022
Compromised accounts: 1,557,153
Compromised data: Email addresses, Partial phone numbers
Permalink
In January 2019, a large collection of credential stuffing lists (combinations of email addresses and passwords used to hijack accounts on other services) was discovered being distributed on a popular hacking forum.The data contained almost 2.7 billion records including 773 million unique email addresses alongside passwords those addresses had used on other breached services.Full details on the incident and how to search the breached passwords are provided in the blog post The 773 Million Record “Collection #1” Data Breach.
Breach date: 7 January 2019
Date added to HIBP: 16 January 2019
Compromised accounts: 772,904,991
Compromised data: Email addresses, Passwords
Permalink
In November 2015, the US internet and cable TV provider Comcast suffered a data breach that exposed 590k customer email addresses and plain text passwords.A further 27k accounts appeared with home addresses with the entire data set being sold on underground forums.
Breach date: 8 November 2015
Date added to HIBP: 8 February 2016
Compromised accounts: 616,882
Compromised data: Email addresses, Passwords, Physical addresses
Permalink
In March 2016, the Philippines Commission of Elections website (COMELEC) was attacked and defaced, allegedly by Anonymous Philippines.Shortly after, data on 55 million Filipino voters was leaked publicly and included sensitive information such as genders, marital statuses, height and weight and biometric fingerprint data.The breach only included 228k email addresses.
Breach date: 27 March 2016
Date added to HIBP: 14 April 2016
Compromised accounts: 228,605
Compromised data: Biometric data, Dates of birth, Email addresses, Family members’ names, Genders, Job titles, Marital statuses, Names, Passport numbers, Phone numbers, Physical addresses, Physical attributes
Permalink
In 2014, a file allegedly containing data hacked from Coupon Mom was created and included 11 million email addresses and plain text passwords.On further investigation, the file was also found to contain data indicating it had been sourced from Armor Games.Subsequent verification with HIBP subscribers confirmed the passwords had previously been used and many subscribers had used either Coupon Mom or Armor Games in the past.
On disclosure to both organisations, each found that the data did not represent their entire customer base and possibly includes records from other sources with common subscribers.The breach has subsequently been flagged as “unverified” as the source cannot be emphatically proven.In July 2020, the data was also found to contain BeerAdvocate accounts sourced from a previously unknown breach.
Breach date: 8 February 2014
Date added to HIBP: 9 November 2017
Compromised accounts: 11,010,525
Compromised data: Email addresses, Passwords
Permalink
In February 2020, a massive trove of personal information referred to as “db8151dd” was provided to HIBP after being found left exposed on a publicly facing Elasticsearch server.Later identified as originating from the Covve contacts app, the exposed data included extensive personal information and interactions between Covve users and their contacts.The data was provided to HIBP by dehashed.com.
Breach date: 20 February 2020
Date added to HIBP: 15 May 2020
Compromised accounts: 22,802,117
Compromised data: Email addresses, Job titles, Names, Phone numbers, Physical addresses, Social media profiles
Permalink
In late 2013, the Crack Community forum specialising in cracks for games was compromised and over 19k accounts published online.Built on the MyBB forum platform, the compromised data included email addresses, IP addresses and salted MD5 passwords.
Breach date: 9 September 2013
Date added to HIBP: 3 February 2015
Compromised accounts: 19,210
Compromised data: Email addresses, IP addresses, Passwords, Usernames, Website activity
Permalink
In July 2019, the hacking website Cracked.to suffered a data breach.There were 749k unique email addresses spread across 321k forum users and other tables in the database.A rival hacking website claimed responsibility for breaching the MyBB based forum which disclosed email and IP addresses, usernames, private messages and passwords stored as bcrypt hashes.
Breach date: 21 July 2019
Date added to HIBP: 12 August 2019
Compromised accounts: 749,161
Compromised data: Email addresses, IP addresses, Passwords, Private messages, Usernames
Permalink
In approximately mid-2016, the cracking community forum known as CrackingForum suffered a data breach.
The vBulletin based forum exposed 660k email and IP addresses, usernames and salted MD5 hashes.
Breach date: 1 July 2016
Date added to HIBP: 10 December 2017
Compromised accounts: 660,305
Compromised data: Email addresses, IP addresses, Passwords, Usernames
Permalink
In May 2018, the forum for Singaporean hardware company Creative Technology suffered a data breach which resulted in the disclosure of 483k unique email addresses.Running on an old version of vBulletin, the breach also disclosed usernames, IP addresses and salted MD5 password hashes.
After being notified of the incident, Creative permanently shut down the forum.
Breach date: 1 May 2018
Date added to HIBP: 7 June 2018
Compromised accounts: 483,015
Compromised data: Email addresses, IP addresses, Passwords, Usernames
Permalink
In January 2016, a large number of unpatched vBulletin forums were compromised by an actor known as “CrimeAgency”.A total of 140 forums had data including usernames, email addresses and passwords (predominantly stored as salted MD5 hashes), extracted and then distributed.
Refer to the complete list of the forums for further information on which sites were impacted.
Breach date: 19 January 2017
Date added to HIBP: 21 March 2017
Compromised accounts: 942,044
Compromised data: Email addresses, Passwords, Usernames
Permalink
In August 2016, the Russian gaming forum known as Cross Fire (or cfire.mail.ru) was hacked along with a number of other forums on the Russian mail provider, mail.ru.The vBulletin forum contained 12.8 million accounts including usernames, email addresses and passwords stored as salted MD5 hashes.
Breach date: 8 August 2016
Date added to HIBP: 28 December 2016
Compromised accounts: 12,865,609
Compromised data: Email addresses, Passwords, Usernames
Permalink
In May 2022, the client management system for the Australian government’s NDIS (National Disability Insurance Scheme) suffered a data breach which was subsequently posted to an online hacking forum.The CTARS cloud platform is used by care providers to record information about NDIS participants and often contains sensitive medical information.
Impacted data includes over 12k unique email addresses, physical addresses, names, dates of birth, phone numbers and data related to patient conditions and treatments.
Breach date: 21 May 2021
Date added to HIBP: 31 May 2022
Compromised accounts: 12,314
Compromised data: Dates of birth, Email addresses, Genders, Names, Passwords, Personal health data, Phone numbers, Physical addresses, Salutations, Usernames
Permalink
In October 2021, the Israeli hosting provider CyberServe was breached and ransomed before having a substantial amount of their customer data leaked publicly by a group known as “Black Shadow”.Amongst the data was the LGBTQ dating site Atraf and the Machon Mor medical institute.Due to multiple different sites being compromised, the impacted data is broad and ranges from relationship information to medical data to email addresses and passwords stored in plain text.The data was made available to HIBP with support from May Brooks-Kempler, founder of the Think Safe Cyber community in Israel.
Breach date: 29 October 2021
Date added to HIBP: 4 November 2021
Compromised accounts: 1,107,034
Compromised data: Dates of birth, Drinking habits, Email addresses, Family structure, Genders, Geographic locations, HIV statuses, IP addresses, Names, Passwords, Personal health data, Phone numbers, Physical attributes, Private messages, Profile photos, Religions, Sexual orientations, Smoking habits, Usernames
Permalink
In January 2016, the gaming website D3Scene, suffered a data breach.The compromised vBulletin forum exposed 569k million email addresses, IP address, usernames and passwords stored as salted MD5 hashes.
The data was provided to HIBP by dehashed.com.
Breach date: 1 January 2016
Date added to HIBP: 15 June 2019
Compromised accounts: 568,827
Compromised data: Email addresses, IP addresses, Passwords, Usernames
Permalink
In May 2017, font sharing site DaFont suffered a data breach resulting in the exposure of 637k records.Allegedly due to a SQL injection vulnerability exploited by multiple parties, the exposed data included usernames, email addresses and passwords stored as MD5 without a salt.
Breach date: 16 May 2017
Date added to HIBP: 18 May 2017
Compromised accounts: 637,340
Compromised data: Email addresses, Passwords, Usernames
Permalink
In January 2021, the quiz website Daily Quiz suffered a data breach that exposed over 8 million unique email addresses.The data also included usernames, IP addresses and passwords stored in plain text.
Breach date: 13 January 2021
Date added to HIBP: 21 May 2021
Compromised accounts: 8,032,404
Compromised data: Email addresses, IP addresses, Passwords, Usernames
Permalink
In October 2016, the video sharing platform Dailymotion suffered a data breach.The attack led to the exposure of more than 85 million user accounts and included email addresses, usernames and bcrypt hashes of passwords.
Breach date: 20 October 2016
Date added to HIBP: 7 August 2017
Compromised accounts: 85,176,234
Compromised data: Email addresses, Passwords, Usernames
Permalink
In approximately January 2018, a collection of more than 464k customer records from the Indian online retailer DailyObjects were leaked online.
The data included names, physical and email addresses, phone numbers and “pincodes” stored in plain text.After multiple attempts to contact them, DailyObjects responded and received a copy of the data for verification, however failed to respond to multiple contact attempts following that.
Breach date: 1 January 2018
Date added to HIBP: 28 January 2020
Compromised accounts: 464,260
Compromised data: Email addresses, Names, Passwords, Phone numbers, Physical addresses
Permalink
In 2011, the Chinese e-commerce site Dangdang suffered a data breach.The incident exposed over 4.8 million unique email addresses which were subsequently traded online over the ensuing years.
Breach date: 1 June 2011
Date added to HIBP: 10 January 2019
Compromised accounts: 4,848,734
Compromised data: Email addresses
Permalink
In late 2015, the technology and social site DaniWeb suffered a data breach.The attack resulted in the disclosure of 1.1 million accounts including email and IP addresses which were also accompanied by salted MD5 hashes of passwords.
However, DaniWeb have advised that “the breached password hashes and salts are incorrect” and that they have since switched to new infrastructure and software.
Breach date: 1 December 2015
Date added to HIBP: 28 December 2016
Compromised accounts: 1,131,636
Compromised data: Email addresses, IP addresses, Passwords
Permalink
In November 2018, security researcher Bob Diachenko identified an unprotected database believed to be hosted by a data aggregator.Upon further investigation, the data was linked to marketing company Data & Leads.The exposed Elasticsearch instance contained over 44M unique email addresses along with names, IP and physical addresses, phone numbers and employment information.No response was received from Data & Leads when contacted by Bob and their site subsequently went offline.
Breach date: 14 November 2018
Date added to HIBP: 28 November 2018
Compromised accounts: 44,320,330
Compromised data: Email addresses, Employers, IP addresses, Job titles, Names, Phone numbers, Physical addresses
Permalink
In October 2019, security researchers Vinny Troia and Bob Diachenko identified an unprotected Elasticsearch server holding 1.2 billion records of personal data.
The exposed data included an index indicating it was sourced from data enrichment company People Data Labs (PDL) and contained 622 million unique email addresses.The server was not owned by PDL and it’s believed a customer failed to properly secure the database.Exposed information included email addresses, phone numbers, social media profiles and job history data.
Breach date: 16 October 2019
Date added to HIBP: 22 November 2019
Compromised accounts: 622,161,052
Compromised data: Email addresses, Employers, Geographic locations, Job titles, Names, Phone numbers, Social media profiles
Permalink
In December 2016, more than 200 million “data enrichment profiles” were found for sale on the darknet.The seller claimed the data was sourced from Experian and whilst that claim was rejected by the company, the data itself was found to be legitimate suggesting it may have been sourced from other legitimate locations.In total, there were more than 8 million unique email addresses in the data which also contained a raft of other personal attributes including credit ratings, home ownership status, family structure and other fields described in the story linked to above.The email addresses alone were provided to HIBP.
Breach date: 23 December 2016
Date added to HIBP: 8 June 2017
Compromised accounts: 8,176,132
Compromised data: Buying preferences, Charitable donations, Credit status information, Dates of birth, Email addresses, Family structure, Financial investments, Home ownership statuses, Income levels, Job titles, Marital statuses, Names, Net worths, Phone numbers, Physical addresses, Political donations
Permalink
In December 2018, the data science website DataCamp suffered a data breach of records dating back to January 2017.The incident exposed 760k unique email and IP addresses along with names and passwords stored as bcrypt hashes.In 2019, the data appeared listed for sale on a dark web marketplace (along with several other large breaches) and subsequently began circulating more broadly.
The data was provided to HIBP by a source who requested it to be attributed to “[email protected]”.
Breach date: 30 January 2017
Date added to HIBP: 9 April 2019
Compromised accounts: 760,561
Compromised data: Email addresses, Geographic locations, IP addresses, Names, Passwords
Permalink
In late 2021, email address and plain text password pairs from the rap mixtape website DatPiff appeared for sale on a popular hacking forum.The data allegedly dated back to an earlier breach and in total, contained almost 7.5M email addresses and cracked password pairs.
The original data source allegedly contained usernames, security questions and answers and passwords stored as MD5 hashes with a static salt.
Breach date: 25 August 2021
Date added to HIBP: 4 January 2022
Compromised accounts: 7,476,940
Compromised data: Email addresses, Passwords, Security questions and answers, Usernames
Permalink
In June 2020, the digital banking app Dave suffered a data breach which exposed 7.5 million rows of data and subsequently appeared for public download on a hacking forum.The breach exposed extensive personal information including almost 3 million unique email addresses alongside names, dates of birth, encrypted social security numbers and passwords stored as bcrypt hashes.The data was provided to HIBP by dehashed.com.
Breach date: 28 June 2020
Date added to HIBP: 27 July 2020
Compromised accounts: 2,964,182
Compromised data: Dates of birth, Email addresses, Names, Passwords, Phone numbers, Physical addresses, Social security numbers
Permalink
In late 2022, the music streaming service Deezer disclosed a data breach that impacted over 240M customers.The breach dated back to a mid-2019 backup exposed by a 3rd party partner which was subsequently sold and then broadly redistributed on a popular hacking forum.Impacted data included 229M unique email addresses, IP addresses, names, usernames, genders, DoBs and the geographic location of the customer.
Breach date: 22 April 2019
Date added to HIBP: 2 January 2023
Compromised accounts: 229,037,936
Compromised data: Dates of birth, Email addresses, Genders, Geographic locations, IP addresses, Names, Spoken languages, Usernames
Permalink
In February 2019, the hacking forum Demon Forums suffered a data breach.
The compromise of the vBulletin forum exposed 52k unique email addresses alongside usernames and passwords stored as salted MD5 hashes.
Breach date: 20 February 2019
Date added to HIBP: 4 April 2019
Compromised accounts: 52,623
Compromised data: Email addresses, Passwords, Usernames
Permalink
In March 2021, the Brazilian EdTech company Descomplica suffered a data breach which was subsequently posted to a popular hacking forum.
The data included almost 5 million email addresses, names, the first 6 and last 4 digits and the expiry date of credit cards, purchase histories and password hashes.
Breach date: 14 March 2021
Date added to HIBP: 28 April 2021
Compromised accounts: 4,845,378
Compromised data: Email addresses, Names, Partial credit card data, Passwords, Purchases
Permalink
In early 2021, the Polish torrents website Devil-Torrents.pl suffered a data breach.A subset of the data including 63k unique email addresses and cracked passwords were subsequently socialised on a popular data breach sharing service.
Breach date: 4 January 2021
Date added to HIBP: 1 May 2022
Compromised accounts: 63,451
Compromised data: Email addresses, Passwords
Permalink
In February 2019, the devkitPro forum suffered a data breach.The phpBB based forum had 1,508 unique email addresses exposed in the breach alongside forum posts, private messages and passwords stored as weak salted hashes.The data breach was self-submitted to HIBP by the forum operator.
Breach date: 3 February 2019
Date added to HIBP: 11 February 2019
Compromised accounts: 1,508
Compromised data: Email addresses, Passwords, Private messages
Permalink
In August 2014, the diet and nutrition website diet.com suffered a data breach resulting in the exposure of 1.4 million unique user records dating back as far as 2004.The data contained email and IP addresses, usernames, plain text passwords and dietary information about the site members including eating habits, BMI and birth date.The site was previously reported as compromised on the Vigilante.pw breached database directory.
Breach date: 10 August 2014
Date added to HIBP: 13 October 2017
Compromised accounts: 1,383,759
Compromised data: Dates of birth, Eating habits, Email addresses, IP addresses, Names, Passwords, Physical attributes, Usernames
Permalink
In September 2016, over 16GB of logs from a service indicated to be digimon.co.in were obtained, most likely from an unprotected Mongo DB instance.
The service ceased running shortly afterwards and no information remains about the precise nature of it.
Based on enquiries made via Twitter, it appears to have been a mail service possibly based on PowerMTA and used for delivering spam.
The logs contained information including 7.7M unique email recipients (names and addresses), mail server IP addresses, email subjects and tracking information including mail opens and clicks.
Breach date: 5 September 2016
Date added to HIBP: 28 September 2018
Compromised accounts: 7,687,679
Compromised data: Email addresses, Email messages, IP addresses, Names
Permalink
In October 2017, the blog commenting service Disqus announced they’d suffered a data breach.The breach dated back to July 2012 but wasn’t identified until years later when the data finally surfaced.The breach contained over 17.5 million unique email addresses and usernames.Users who created logins on Disqus had salted SHA1 hashes of passwords whilst users who logged in via social providers only had references to those accounts.
Breach date: 1 July 2012
Date added to HIBP: 6 October 2017
Compromised accounts: 17,551,044
Compromised data: Email addresses, Passwords, Usernames
Permalink
In approximately 2010, the now defunct website DivX SubTitles suffered a data breach that exposed 783k user accounts including email addresses, usernames and plain text passwords.
Breach date: 1 January 2010
Date added to HIBP: 14 June 2022
Compromised accounts: 783,058
Compromised data: Email addresses, Passwords, Usernames
Permalink
In July 2016, the gaming news site DLH.net suffered a data breach which exposed 3.3M subscriber identities.
Along with the keys used to redeem and activate games on the Steam platform, the breach also resulted in the exposure of email addresses, birth dates and salted MD5 password hashes.The data was donated to Have I Been Pwned by data breach monitoring service Vigilante.pw.
Breach date: 31 July 2016
Date added to HIBP: 7 September 2016
Compromised accounts: 3,264,710
Compromised data: Dates of birth, Email addresses, Names, Passwords, Usernames, Website activity
Permalink
In late 2011, data was allegedly obtained from the Chinese website known as Dodonew.com and contained 8.7M accounts.Whilst there is evidence that the data is legitimate, due to the difficulty of emphatically verifying the Chinese breach it has been flagged as “unverified”.The data in the breach contains email addresses and user names.Read more about Chinese data breaches in Have I Been Pwned.
Breach date: 1 December 2011
Date added to HIBP: 10 November 2016
Compromised accounts: 8,718,404
Compromised data: Email addresses, Usernames
Permalink
In June 2014, Domino’s Pizza in France and Belgium was hacked by a group going by the name “Rex Mundi” and their customer data held to ransom.Domino’s refused to pay the ransom and six months later, the attackers released the data along with troves of other hacked accounts.
Amongst the customer data was passwords stored with a weak MD5 hashing algorithm and no salt.
Breach date: 13 June 2014
Date added to HIBP: 4 January 2015
Compromised accounts: 648,231
Compromised data: Email addresses, Names, Passwords, Phone numbers, Physical addresses
Permalink
In April 2021, 13TB of compromised Domino’s India appeared for sale on a hacking forum after which the company acknowledged a major data breach they dated back to March.The compromised data included 22.5 million unique email addresses, names, phone numbers, order histories and physical addresses.
Breach date: 24 March 2021
Date added to HIBP: 3 June 2021
Compromised accounts: 22,527,655
Compromised data: Email addresses, Names, Phone numbers, Physical addresses, Purchases
Permalink
In October 2022, the Doomworld fourm suffered a data breach that exposed 34k member records.
The data included email and IP addresses, usernames and bcrypt password hashes.
Breach date: 12 October 2022
Date added to HIBP: 24 October 2022
Compromised accounts: 34,478
Compromised data: Email addresses, IP addresses, Passwords, Usernames
Permalink
In January 2022, the “doxing” website designed to disclose the personal information of targeted individuals (“doxes”) Doxbin suffered a data breach.The breach was subsequently leaked online and included over 370k unique email addresses across user accounts and doxes.User accounts also included usernames, password hashes and browser user agents.The personal information disclosed in the doxes was often extensive including names, physical addresses, phone numbers and more.
Breach date: 5 January 2022
Date added to HIBP: 8 January 2022
Compromised accounts: 370,794
Compromised data: Browser user agent details, Email addresses, Passwords, Usernames
Permalink
In December 2020, the car dealership service provider DriveSure suffered a data breach.The incident resulted in 26GB of data being downloaded and later shared on a hacking forum.Impacted personal information included 3.6 million unique email addresses, names, phone numbers and physical addresses.Vehicle data was also exposed and included makes, models, VIN numbers and odometer readings.
A small number of passwords stored as bcrypt hashes were also included in the data set.
Breach date: 19 December 2020
Date added to HIBP: 10 May 2021
Compromised accounts: 3,675,099
Compromised data: Email addresses, Names, Passwords, Phone numbers, Physical addresses, Vehicle details
Permalink
In approximately July 2020, the US-based online alcohol delivery service Drizly suffered a data breach.The data was sold online before being extensively redistributed and contained 2.5 million unique email addresses alongside names, physical and IP addresses, phone numbers, dates of birth and passwords stored as bcrypt hashes.The data was provided to HIBP by dehashed.com.
Breach date: 2 July 2020
Date added to HIBP: 28 July 2020
Compromised accounts: 2,479,044
Compromised data: Dates of birth, Device information, Email addresses, IP addresses, Names, Passwords, Phone numbers, Physical addresses
Permalink
In mid-2012, Dropbox suffered a data breach which exposed the stored credentials of tens of millions of their customers.In August 2016, they forced password resets for customers they believed may be at risk.A large volume of data totalling over 68 million records was subsequently traded online and included email addresses and salted hashes of passwords (half of them SHA1, half of them bcrypt).
Breach date: 1 July 2012
Date added to HIBP: 31 August 2016
Compromised accounts: 68,648,009
Compromised data: Email addresses, Passwords
Permalink
In December 2018, the video messaging service Dubsmash suffered a data breach.
The incident exposed 162 million unique email addresses alongside usernames and PBKDF2 password hashes.In 2019, the data appeared listed for sale on a dark web marketplace (along with several other large breaches) and subsequently began circulating more broadly.The data was provided to HIBP by a source who requested it to be attributed to “[email protected]”.
Breach date: 1 December 2018
Date added to HIBP: 25 February 2019
Compromised accounts: 161,749,950
Compromised data: Email addresses, Geographic locations, Names, Passwords, Phone numbers, Spoken languages, Usernames
Permalink
In mid-2021, Risk Based Security reported on a database sourced from Ducks Unlimited being traded online.The data dated back to January 2021 and contained 1.3M unique email addresses across both a membership list and a list of website users.
Impacted data included names, phones numbers, physical addresses, dates of birth and passwords stored as unsalted MD5 hashes.
Breach date: 29 January 2021
Date added to HIBP: 16 November 2021
Compromised accounts: 1,324,364
Compromised data: Dates of birth, Email addresses, Names, Passwords, Phone numbers, Physical addresses
Permalink
In March 2017, the Flash game based on the Yu-Gi-Oh trading card game Dueling Network suffered a data breach.The site itself was taken offline in 2016 due to a cease-and-desist order but the forum remained online for another year.The data breach exposed usernames, IP and email addresses and passwords stored as MD5 hashes.The data was provided to HIBP by a source who requested it be attributed to “burger vault”.
Breach date: 29 March 2017
Date added to HIBP: 30 March 2020
Compromised accounts: 6,486,626
Compromised data: Email addresses, IP addresses, Passwords, Usernames
Permalink
In April 2013, the interactive video game Dungeons & Dragons Online suffered a data breach that exposed almost 1.6M players’ accounts.The data was being actively traded on underground forums and included email addresses, birth dates and password hashes.
Breach date: 2 April 2013
Date added to HIBP: 12 March 2016
Compromised accounts: 1,580,933
Compromised data: Dates of birth, Email addresses, IP addresses, Passwords, Usernames, Website activity
Permalink
In approximately June 2019, the Indian delivery service Dunzo suffered a data breach.
Exposing 3.5 million unique email addresses, the Dunzo breach also included names, phone numbers and IP addresses which were all broadly distributed online via a hacking forum.
The data was provided to HIBP by dehashed.com.
Breach date: 19 June 2020
Date added to HIBP: 29 July 2020
Compromised accounts: 3,465,259
Compromised data: Device information, Email addresses, Geographic locations, IP addresses, Names, Phone numbers
Permalink
In approximately 2011, data was allegedly obtained from the Chinese gaming website known as Duowan.com and contained 2.6M accounts.Whilst there is evidence that the data is legitimate, due to the difficulty of emphatically verifying the Chinese breach it has been flagged as “unverified”.The data in the breach contains email addresses, user names and plain text passwords.Read more about Chinese data breaches in Have I Been Pwned.
Breach date: 1 January 2011
Date added to HIBP: 7 November 2016
Compromised accounts: 2,639,894
Compromised data: Email addresses, Passwords, Usernames
Permalink
In December 2017, the online Swiss DVD store known as dvd-shop.ch suffered a data breach.The incident led to the exposure of 68k email addresses and plain text passwords.The site has since been updated to indicate that it is currently closed.
Breach date: 5 December 2017
Date added to HIBP: 10 December 2017
Compromised accounts: 67,973
Compromised data: Email addresses, Passwords
Permalink
In October 2018, the restaurant reservation service Eatigo suffered a data breach that exposed 2.8 million accounts.
The data included email addresses, names, phone numbers, social media profiles, genders and passwords stored as unsalted MD5 hashes.
Breach date: 16 October 2018
Date added to HIBP: 25 August 2021
Compromised accounts: 2,789,609
Compromised data: Email addresses, Genders, Names, Passwords, Phone numbers, Social media profiles
Permalink
In May 2019, the online food ordering service EatStreet suffered a data breach affecting 6.4 million customers.An extensive amount of personal data was obtained including names, phone numbers, addresses, partial credit card data and passwords stored as bcrypt hashes.The data was provided to HIBP by a source who requested it be attributed to “[email protected]”.
Breach date: 3 May 2019
Date added to HIBP: 19 July 2019
Compromise.
