diff --git a/breaches.json b/breaches.json index dad2eb5..4c4c84a 100644 --- a/breaches.json +++ b/breaches.json @@ -1 +1 @@ -[{"Name":"000webhost","Title":"000webhost","Domain":"000webhost.com","BreachDate":"2015-03-01","AddedDate":"2015-10-26T23:35:45Z","ModifiedDate":"2017-12-10T21:44:27Z","PwnCount":14936670,"Description":"In approximately March 2015, the free web hosting provider \u003Ca href=\u0022http://www.troyhunt.com/2015/10/breaches-traders-plain-text-passwords.html\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003E000webhost suffered a major data breach\u003C/a\u003E that exposed almost 15 million customer records. The data was sold and traded before 000webhost was alerted in October. The breach included names, email addresses and plain text passwords.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/000webhost.png","DataClasses":["Email addresses","IP addresses","Names","Passwords"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"123RF","Title":"123RF","Domain":"123rf.com","BreachDate":"2020-03-22","AddedDate":"2020-11-15T00:59:50Z","ModifiedDate":"2020-11-15T01:07:10Z","PwnCount":8661578,"Description":"In March 2020, the stock photo site \u003Ca href=\u0022https://www.bleepingcomputer.com/news/security/popular-stock-photo-service-hit-by-data-breach-83m-records-for-sale/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003E123RF suffered a data breach\u003C/a\u003E which impacted over 8 million subscribers and was subsequently sold online. The breach included email, IP and physical addresses, names, phone numbers and passwords stored as MD5 hashes. The data was provided to HIBP by \u003Ca href=\u0022https://dehashed.com/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Edehashed.com\u003C/a\u003E.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/123RF.png","DataClasses":["Email addresses","IP addresses","Names","Passwords","Phone numbers","Physical addresses","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"126","Title":"126","Domain":"126.com","BreachDate":"2012-01-01","AddedDate":"2016-10-08T07:46:05Z","ModifiedDate":"2016-10-08T07:46:05Z","PwnCount":6414191,"Description":"In approximately 2012, it\u0027s alleged that the Chinese email service known as \u003Ca href=\u0022http://126.com\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003E126\u003C/a\u003E suffered a data breach that impacted 6.4 million subscribers. Whilst there is evidence that the data is legitimate, due to the difficulty of emphatically verifying the Chinese breach it has been flagged as \u0026quot;unverified\u0026quot;. The data in the breach contains email addresses and plain text passwords. \u003Ca href=\u0022https://www.troyhunt.com/handling-chinese-data-breaches-in-have-i-been-pwned/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003ERead more about Chinese data breaches in Have I Been Pwned.\u003C/a\u003E","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/126.png","DataClasses":["Email addresses","Passwords"],"IsVerified":false,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"17Media","Title":"17","Domain":"17app.co","BreachDate":"2016-04-19","AddedDate":"2016-07-08T01:55:03Z","ModifiedDate":"2016-07-08T01:55:03Z","PwnCount":4009640,"Description":"In April 2016, customer data obtained from the streaming app known as \u0026quot;17\u0026quot; \u003Ca href=\u0022http://motherboard.vice.com/read/another-day-another-hack-millions-of-user-accounts-for-streaming-app-17\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Eappeared listed for sale on a Tor hidden service marketplace\u003C/a\u003E. The data contained over 4 million unique email addresses along with IP addresses, usernames and passwords stored as unsalted MD5 hashes.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/17Media.png","DataClasses":["Device information","Email addresses","IP addresses","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"17173","Title":"17173","Domain":"17173.com","BreachDate":"2011-12-28","AddedDate":"2018-04-28T04:53:15Z","ModifiedDate":"2018-04-28T04:53:15Z","PwnCount":7485802,"Description":"In late 2011, \u003Ca href=\u0022https://news.softpedia.com/news/China-Investigates-Hacking-Operations-That-Exposed-100-Million-Users-244312.shtml\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Ea series of data breaches in China affected up to 100 million users\u003C/a\u003E, including 7.5 million from the gaming site known as 17173. Whilst there is evidence that the data is legitimate, due to the difficulty of emphatically verifying the Chinese breach it has been flagged as \u0026quot;unverified\u0026quot;. The data in the breach contains usernames, email addresses and salted MD5 password hashes and was provided with support from \u003Ca href=\u0022https://dehashed.com/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Edehashed.com\u003C/a\u003E. \u003Ca href=\u0022https://www.troyhunt.com/handling-chinese-data-breaches-in-have-i-been-pwned/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003ERead more about Chinese data breaches in Have I Been Pwned.\u003C/a\u003E","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/17173.png","DataClasses":["Email addresses","Passwords","Usernames"],"IsVerified":false,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"2844Breaches","Title":"2,844 Separate Data Breaches","Domain":"","BreachDate":"2018-02-19","AddedDate":"2018-02-26T10:06:02Z","ModifiedDate":"2018-02-26T10:06:02Z","PwnCount":80115532,"Description":"In February 2018, \u003Ca href=\u0022https://www.troyhunt.com/ive-just-added-2844-new-data-breaches-with-80m-records-to-have-i-been-pwned/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Ea massive collection of almost 3,000 alleged data breaches was found online\u003C/a\u003E. Whilst some of the data had previously been seen in Have I Been Pwned, 2,844 of the files consisting of more than 80 million unique email addresses had not previously been seen. Each file contained both an email address and plain text password and were consequently loaded as a single \u0026quot;unverified\u0026quot; data breach.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/List.png","DataClasses":["Email addresses","Passwords"],"IsVerified":false,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"2fast4u","Title":"2fast4u","Domain":"2fast4u.be","BreachDate":"2017-12-20","AddedDate":"2018-01-07T08:19:39Z","ModifiedDate":"2018-01-07T08:19:39Z","PwnCount":17706,"Description":"In December 2017, the Belgian motorcycle forum \u003Ca href=\u0022https://www.2fast4u.be\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003E2fast4u\u003C/a\u003E discovered a data breach of their system. The breach of the vBulletin message board impacted over 17k individual users and exposed email addresses, usersnames and salted MD5 passwords.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/2fast4u.png","DataClasses":["Email addresses","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"500px","Title":"500px","Domain":"500px.com","BreachDate":"2018-07-05","AddedDate":"2019-03-25T08:01:09Z","ModifiedDate":"2019-03-25T08:01:09Z","PwnCount":14867999,"Description":"In mid-2018, the online photography community \u003Ca href=\u0022https://support.500px.com/hc/en-us/articles/360017752493-Security-Issue-February-2019-FAQ\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003E500px suffered a data breach\u003C/a\u003E. The incident exposed almost 15 million unique email addresses alongside names, usernames, genders, dates of birth and either an MD5 or bcrypt password hash. In 2019, \u003Ca href=\u0022https://www.theregister.co.uk/2019/02/11/620_million_hacked_accounts_dark_web/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Ethe data appeared listed for sale on a dark web marketplace\u003C/a\u003E (along with several other large breaches) and subsequently began circulating more broadly. The data was provided to HIBP by a source who requested it to be attributed to \u0026quot;BenjaminBlue@exploit.im\u0026quot;.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/500px.png","DataClasses":["Dates of birth","Email addresses","Genders","Geographic locations","Names","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"7k7k","Title":"7k7k","Domain":"7k7k.com","BreachDate":"2011-01-01","AddedDate":"2017-09-26T21:54:01Z","ModifiedDate":"2017-09-26T21:54:01Z","PwnCount":9121434,"Description":"In approximately 2011, it\u0027s alleged that the Chinese gaming site known as \u003Ca href=\u0022http://www.7k7k.com\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003E7k7k\u003C/a\u003E suffered a data breach that impacted 9.1 million subscribers. Whilst there is evidence that the data is legitimate, due to the difficulty of emphatically verifying the Chinese breach it has been flagged as \u0026quot;unverified\u0026quot;. The data in the breach contains usernames, email addresses and plain text passwords. \u003Ca href=\u0022https://www.troyhunt.com/handling-chinese-data-breaches-in-have-i-been-pwned/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003ERead more about Chinese data breaches in Have I Been Pwned.\u003C/a\u003E","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/7k7k.png","DataClasses":["Email addresses","Passwords","Usernames"],"IsVerified":false,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"8fit","Title":"8fit","Domain":"8fit.com","BreachDate":"2018-07-01","AddedDate":"2019-03-21T18:50:00Z","ModifiedDate":"2019-03-21T18:50:00Z","PwnCount":15025407,"Description":"In July 2018, the health and fitness service \u003Ca href=\u0022https://8fit.zendesk.com/hc/en-us/articles/360017746394-Notice\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003E8fit suffered a data breach\u003C/a\u003E. The data subsequently appeared for sale on a dark web marketplace in February 2019 and included over 15M unique email addresses alongside names, genders, IP addresses and passwords stored as bcrypt hashes. The data was provided to HIBP by \u003Ca href=\u0022https://dehashed.com/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Edehashed.com\u003C/a\u003E.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/8fit.png","DataClasses":["Email addresses","Genders","Geographic locations","IP addresses","Names","Passwords"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"8tracks","Title":"8tracks","Domain":"8tracks.com","BreachDate":"2017-06-27","AddedDate":"2018-02-16T07:09:30Z","ModifiedDate":"2019-08-25T08:52:21Z","PwnCount":17979961,"Description":"In June 2017, the online playlists service known as \u003Ca href=\u0022https://blog.8tracks.com/2017/06/27/password-security-alert/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003E8Tracks suffered a data breach\u003C/a\u003E which impacted 18 million accounts. In their disclosure, 8Tracks advised that \u0026quot;the vector for the attack was an employee\u2019s GitHub account, which was not secured using two-factor authentication\u0026quot;. Salted SHA-1 password hashes for users who \u003Cem\u003Edidn\u0027t\u003C/em\u003E sign up with either Google or Facebook authentication were also included. The data was provided to HIBP by whitehat security researcher and data analyst Adam Davies and contained almost 8 million unique email addresses. The complete set of 18M records was later provided by JimScott.Sec@protonmail.com and updated in HIBP accordingly.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/8tracks.png","DataClasses":["Email addresses","Passwords"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Abandonia","Title":"Abandonia (2015)","Domain":"abandonia.com","BreachDate":"2015-11-01","AddedDate":"2017-06-05T05:56:47Z","ModifiedDate":"2022-12-07T05:56:07Z","PwnCount":776125,"Description":"In November 2015, the gaming website dedicated to classic DOS games \u003Ca href=\u0022http://www.abandonia.com\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EAbandonia\u003C/a\u003E suffered a data breach resulting in the exposure of 776k unique user records. The data contained email and IP addresses, usernames and salted MD5 hashes of passwords.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Abandonia.png","DataClasses":["Email addresses","IP addresses","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Abandonia2022","Title":"Abandonia (2022)","Domain":"abandonia.com","BreachDate":"2022-11-15","AddedDate":"2022-12-07T06:04:17Z","ModifiedDate":"2022-12-11T12:25:07Z","PwnCount":919790,"Description":"In November 2022, the gaming website dedicated to classic DOS games \u003Ca href=\u0022https://twitter.com/FalconFeedsio/status/1594670215471792130\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EAbandonia\u003C/a\u003E suffered a data breach resulting in the exposure of 920k unique user records. This breach was in addition to another one 7 years earlier in 2015. The data contained email and IP addresses, usernames and salted MD5 hashes of passwords.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Abandonia.png","DataClasses":["Email addresses","IP addresses","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"AbuseWithUs","Title":"AbuseWith.Us","Domain":"abusewith.us","BreachDate":"2016-07-01","AddedDate":"2017-10-09T11:08:45Z","ModifiedDate":"2017-10-09T11:08:45Z","PwnCount":1372550,"Description":"In 2016, the site dedicated to helping people hack email and online gaming accounts known as Abusewith.us suffered multiple data breaches. The site \u003Ca href=\u0022https://krebsonsecurity.com/2017/02/who-ran-leakedsource-com/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Eallegedly had an administrator in common with the nefarious LeakedSource site\u003C/a\u003E, both of which have since been shut down. The exposed data included more than 1.3 million unique email addresses, often accompanied by usernames, IP addresses and plain text or hashed passwords retrieved from various sources and intended to be used to compromise the victims\u0027 accounts.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/AbuseWithUs.png","DataClasses":["Email addresses","IP addresses","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"AcneOrg","Title":"Acne.org","Domain":"acne.org","BreachDate":"2014-11-25","AddedDate":"2016-03-06T11:07:41Z","ModifiedDate":"2016-03-06T11:07:41Z","PwnCount":432943,"Description":"In November 2014, the acne website \u003Ca href=\u0022http://www.acne.org/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Eacne.org\u003C/a\u003E suffered a data breach that exposed over 430k forum members\u0027 accounts. The data was being actively traded on underground forums and included email addresses, birth dates and passwords.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/AcneOrg.png","DataClasses":["Dates of birth","Email addresses","IP addresses","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Activision","Title":"Activision","Domain":"activision.com","BreachDate":"2022-12-04","AddedDate":"2023-10-03T07:09:49Z","ModifiedDate":"2023-10-03T07:09:49Z","PwnCount":16006,"Description":"In December 2022, \u003Ca href=\u0022https://www.bleepingcomputer.com/news/security/hacker-leaks-alleged-activision-employee-data-on-cybercrime-forum/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Eattackers socially engineered an Activision HR employee into disclosing information which led to the breach of almost 20k employee records\u003C/a\u003E. The data contained 16k unique email addresses along with names, phone numbers, job titles and the office location of the employee. Activision advised that no sensitive employee information was included in the breach.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Activision.png","DataClasses":["Email addresses","Geographic locations","Job titles","Names","Phone numbers"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"ActMobile","Title":"ActMobile","Domain":"actmobile.com","BreachDate":"2021-10-08","AddedDate":"2021-11-09T07:55:03Z","ModifiedDate":"2021-11-09T07:55:03Z","PwnCount":1583193,"Description":"In October 2021, \u003Ca href=\u0022https://www.comparitech.com/blog/information-security/vpn-database-leak/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Esecurity researcher Bob Diachenko discovered an exposed database he attributed to ActMobile, the operators of Dash VPN and FreeVPN\u003C/a\u003E. The exposed data included 1.6 million unique email addresses along with IP addresses and password hashes, all of which were subsequently leaked on a popular hacking forum. Although usage of the service was verified by HIBP subscribers, \u003Ca href=\u0022https://www.databreaches.net/shoot-the-messenger-monday-edition-actmobile-threatens-researcher-whose-only-sin-was-trying-to-let-them-know-they-are-leaking-data/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EActMobile denied the data was sourced from them\u003C/a\u003E and the breach has subsequently been flagged as \u0026quot;unverified\u0026quot;.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/ActMobile.png","DataClasses":["Email addresses","IP addresses"],"IsVerified":false,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Acuity","Title":"Acuity","Domain":"","BreachDate":"2020-06-18","AddedDate":"2023-11-15T07:16:23Z","ModifiedDate":"2023-11-15T07:16:23Z","PwnCount":14055729,"Description":"In mid-2020, \u003Ca href=\u0022https://www.troyhunt.com/acuity-who-attempts-and-failures-to-attribute-437gb-of-breached-data\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Ea 437GB corpus of data attributed to an entity named \u0026quot;Acuity\u0026quot; was created and later extensively distributed\u003C/a\u003E. However, the source could not be confidently verified as any known companies named Acuity. The data totalled over 14M unique email addresses with each row containing extensive personal information across more than 400 columns of data including names, phone numbers, physical addresses, genders and dates of birth.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/List.png","DataClasses":["Dates of birth","Email addresses","Genders","IP addresses","Names","Phone numbers","Physical addresses","Salutations"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":true,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Adapt","Title":"Adapt","Domain":"adapt.io","BreachDate":"2018-11-05","AddedDate":"2018-11-22T19:43:06Z","ModifiedDate":"2018-11-22T19:43:06Z","PwnCount":9363740,"Description":"In November 2018, \u003Ca href=\u0022https://blog.hackenproof.com/industry-news/another-decision-makers-database-leaked/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Esecurity researcher Bob Diachenko identified an unprotected database hosted by data aggregator \u0026quot;Adapt\u0026quot;\u003C/a\u003E. A provider of \u0026quot;Fresh Quality Contacts\u0026quot;, the service exposed over 9.3M unique records of individuals and employer information including their names, employers, job titles, contact information and data relating to the employer including organisation description, size and revenue. No response was received from Adapt when contacted.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Adapt.png","DataClasses":["Email addresses","Employers","Job titles","Names","Phone numbers","Physical addresses","Social media profiles"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Adecco","Title":"Adecco","Domain":"adecco.com","BreachDate":"2021-01-03","AddedDate":"2022-05-31T06:33:24Z","ModifiedDate":"2022-05-31T06:37:53Z","PwnCount":4284538,"Description":"In March 2021, \u003Ca href=\u0022https://cybernews.com/security/5-million-adecco-com-users-data-leaked/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Enews broke of a massive data breach impacting millions of Adecco customers in South America\u003C/a\u003E which was subsequently sold on a popular hacking forum. The breach exposed over 4M unique email addresses as well as genders, dates of birth, marital statuses, phone numbers and passwords stored as bcrypt hashes.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Adecco.png","DataClasses":["Email addresses","Genders","Geographic locations","Marital statuses","Names","Passwords","Phone numbers"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"ABFRL","Title":"Aditya Birla Fashion and Retail","Domain":"abfrl.com","BreachDate":"2021-12-01","AddedDate":"2022-01-15T02:58:39Z","ModifiedDate":"2022-01-15T03:02:43Z","PwnCount":5470063,"Description":"In December 2021, Indian retailer \u003Ca href=\u0022https://restoreprivacy.com/aditya-birla-fashion-and-retail-ltd-abfrl-hack-2022/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EAditya Birla Fashion and Retail Ltd was breached and ransomed\u003C/a\u003E. The ransom demand was allegedly rejected and data containing 5.4M unique email addresses was subsequently dumped publicly on a popular hacking forum the next month. The data contained extensive personal customer information including names, phone numbers, physical addresses, DoBs, order histories and passwords stored as MD5 hashes. Employee data was also dumped publicly and included salary grades, marital statuses and religions. The data was provided to HIBP by a source who requested it be attributed to \u0026quot;white_peacock@riseup.net\u0026quot;.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/ABFRL.png","DataClasses":["Email addresses","Genders","Income levels","Job titles","Marital statuses","Names","Passwords","Phone numbers","Physical addresses","Purchases","Religions","Salutations"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Adobe","Title":"Adobe","Domain":"adobe.com","BreachDate":"2013-10-04","AddedDate":"2013-12-04T00:00:00Z","ModifiedDate":"2022-05-15T23:52:49Z","PwnCount":152445165,"Description":"In October 2013, 153 million Adobe accounts were breached with each containing an internal ID, username, email, \u003Cem\u003Eencrypted\u003C/em\u003E password and a password hint in plain text. The password cryptography was poorly done and many were quickly resolved back to plain text. The unencrypted hints also \u003Ca href=\u0022http://www.troyhunt.com/2013/11/adobe-credentials-and-serious.html\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Edisclosed much about the passwords\u003C/a\u003E adding further to the risk that hundreds of millions of Adobe customers already faced.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Adobe.png","DataClasses":["Email addresses","Password hints","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"AdultFriendFinder","Title":"Adult FriendFinder (2015)","Domain":"adultfriendfinder.com","BreachDate":"2015-05-21","AddedDate":"2015-05-22T06:03:44Z","ModifiedDate":"2020-02-07T01:11:13Z","PwnCount":3867997,"Description":"In May 2015, the adult hookup site \u003Ca href=\u0022http://www.bbc.com/news/business-32839196\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EAdult FriendFinder was hacked\u003C/a\u003E and nearly 4 million records dumped publicly. The data dump included extremely sensitive personal information about individuals and their relationship statuses and sexual preferences combined with personally identifiable information.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/AdultFriendFinder.png","DataClasses":["Dates of birth","Email addresses","Genders","Geographic locations","IP addresses","Races","Relationship statuses","Sexual orientations","Spoken languages","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":true,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"AdultFriendFinder2016","Title":"Adult FriendFinder (2016)","Domain":"adultfriendfinder.com","BreachDate":"2016-10-16","AddedDate":"2020-02-06T23:53:53Z","ModifiedDate":"2020-02-07T01:11:28Z","PwnCount":169746810,"Description":"In October 2016, the adult entertainment company \u003Ca href=\u0022https://www.zdnet.com/article/adultfriendfinder-network-hack-exposes-secrets-of-412-million-users/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EFriend Finder Networks suffered a massive data breach\u003C/a\u003E. The incident impacted multiple separate online assets owned by the company, the largest of which was the Adult FriendFinder website alleged to be \u0026quot;the world\u0027s largest sex \u0026amp; swinger community\u0026quot;. Exposed data included usernames, passwords stored as SHA-1 hashes and 170 million unique email addresses. This incident is separate to the 2015 data breach Adult FriendFinder also suffered. The data was provided to HIBP by \u003Ca href=\u0022https://dehashed.com/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Edehashed.com\u003C/a\u003E.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/AdultFriendFinder.png","DataClasses":["Email addresses","Passwords","Spoken languages","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":true,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"AdultFanFiction","Title":"Adult-FanFiction.Org","Domain":"adult-fanfiction.org","BreachDate":"2018-05-30","AddedDate":"2018-08-06T08:56:03Z","ModifiedDate":"2018-08-06T08:56:03Z","PwnCount":186082,"Description":"In May 2018, the website for sharing adult-orientated works of fiction known as \u003Ca href=\u0022http://www.adult-fanfiction.org\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EAdult-FanFiction.Org\u003C/a\u003E had 186k records exposed in a data breach. The data contained names, email addresses, dates of birth and passwords stored as \u003Cem\u003Eboth\u003C/em\u003E MD5 hashes and plain text. AFF did not respond when contacted about the breach and the site was previously reported as compromised on the \u003Ca href=\u0022https://vigilante.pw/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EVigilante.pw\u003C/a\u003E breached database directory.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/AdultFanFiction.png","DataClasses":["Dates of birth","Email addresses","Names","Passwords"],"IsVerified":true,"IsFabricated":false,"IsSensitive":true,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"AdvanceAutoParts","Title":"Advance Auto Parts","Domain":"advanceautoparts.com","BreachDate":"2024-06-05","AddedDate":"2024-06-24T09:51:11Z","ModifiedDate":"2024-06-24T09:51:11Z","PwnCount":79243727,"Description":"In June 2024, \u003Ca href=\u0022https://www.bleepingcomputer.com/news/security/advance-auto-parts-confirms-data-breach-exposed-employee-information/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EAdvance Auto Parts confirmed they had suffered a data breach\u003C/a\u003E which was posted for sale to a popular hacking forum. Linked to unauthorised access to Snowflake cloud services, the breach exposed a large number of records related to both customers and employees. In total, 79M unique email addresses were included in the breach, alongside names, phone numbers, addresses and further data attributes related to company employees.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/AdvanceAutoParts.png","DataClasses":["Email addresses","Names","Phone numbers","Physical addresses"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"AerServ","Title":"AerServ","Domain":"aerserv.com","BreachDate":"2018-04-01","AddedDate":"2018-12-06T02:58:12Z","ModifiedDate":"2018-12-06T02:58:12Z","PwnCount":66308,"Description":"In April 2018, the ad management platform known as \u003Ca href=\u0022https://www.aerserv.com/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EAerServ\u003C/a\u003E suffered a data breach. Acquired by InMobi earlier in the year, the AerServ breach impacted over 66k unique email addresses and also included contact information and passwords stored as salted SHA-512 hashes. The data was publicly posted to Twitter later in 2018 after which InMobi was notified and advised they were aware of the incident.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/AerServ.png","DataClasses":["Email addresses","Employers","Job titles","Names","Passwords","Phone numbers","Physical addresses"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"AgusiQTorrents","Title":"AgusiQ-Torrents.pl","Domain":"agusiq-torrents.pl","BreachDate":"2019-09-24","AddedDate":"2019-12-04T21:54:50Z","ModifiedDate":"2019-12-04T21:54:50Z","PwnCount":90478,"Description":"In September 2019, Polish torrent site \u003Ca href=\u0022http://agusiq-torrents.pl/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EAgusiQ-Torrents.pl\u003C/a\u003E suffered a data breach. The incident exposed 90k member records including email and IP addresses, usernames and passwords stored as MD5 hashes.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/AgusiQTorrents.png","DataClasses":["Email addresses","IP addresses","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"AhaShare","Title":"AhaShare.com","Domain":"ahashare.com","BreachDate":"2013-05-30","AddedDate":"2014-11-06T21:47:52Z","ModifiedDate":"2014-11-06T21:47:52Z","PwnCount":180468,"Description":"In May 2013, the torrent site \u003Ca href=\u0022http://www.ahashare.com\u0022\u003EAhaShare.com\u003C/a\u003E suffered a breach which resulted in more than 180k user accounts being published publicly. The breach included a raft of personal information on registered users plus despite assertions of not distributing personally identifiable information, the site also leaked the IP addresses used by the registered identities.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/AhaShare.png","DataClasses":["Email addresses","Genders","Geographic locations","IP addresses","Partial dates of birth","Passwords","Usernames","Website activity"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"AIType","Title":"ai.type","Domain":"aitype.com","BreachDate":"2017-12-05","AddedDate":"2017-12-08T21:31:25Z","ModifiedDate":"2017-12-08T21:31:25Z","PwnCount":20580060,"Description":"In December 2017, the virtual keyboard application \u003Ca href=\u0022https://mackeepersecurity.com/post/virtual-keyboard-developer-leaked-31-million-of-client-records\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Eai.type was found to have left a huge amount of data publicly facing in an unsecured MongoDB instance\u003C/a\u003E. Discovered by researchers at The Kromtech Security Center, the 577GB data set included extensive personal information including over 20 million unique email addresses, social media profiles and address book contacts. The email addresses alone were provided to HIBP to enable impacted users to assess their exposure.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/AIType.png","DataClasses":["Address book contacts","Apps installed on devices","Cellular network names","Dates of birth","Device information","Email addresses","Genders","Geographic locations","IMEI numbers","IMSI numbers","IP addresses","Names","Phone numbers","Profile photos","Social media profiles"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Aimware","Title":"Aimware","Domain":"aimware.net","BreachDate":"2019-04-28","AddedDate":"2022-05-02T02:13:41Z","ModifiedDate":"2022-05-02T02:23:27Z","PwnCount":305470,"Description":"In mid-2019, the video game cheats website \u0026quot;Aimware\u0026quot; suffered a data breach that exposed hundreds of thousands of subscribers\u0027 personal information. Data included email and IP addresses, usernames, forum posts, private messages, website activity and passwords stored as salted MD5 hashes. The data was provided to HIBP by a source who requested it be attributed to \u0026quot;clerk/anthrax/soontoberichh\u0026quot;.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Aimware.png","DataClasses":["Email addresses","IP addresses","Passwords","Private messages","Usernames","Website activity"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Aipai","Title":"Aipai.com","Domain":"aipai.com","BreachDate":"2016-09-27","AddedDate":"2016-11-07T21:55:29Z","ModifiedDate":"2016-11-07T21:55:29Z","PwnCount":6496778,"Description":"In September 2016, data allegedly obtained from the Chinese gaming website known as \u003Ca href=\u0022http://aipai.com\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EAipai.com\u003C/a\u003E and containing 6.5M accounts was leaked online. Whilst there is evidence that the data is legitimate, due to the difficulty of emphatically verifying the Chinese breach it has been flagged as \u0026quot;unverified\u0026quot;. The data in the breach contains email addresses and MD5 password hashes. \u003Ca href=\u0022https://www.troyhunt.com/handling-chinese-data-breaches-in-have-i-been-pwned/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003ERead more about Chinese data breaches in Have I Been Pwned.\u003C/a\u003E","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Aipai.png","DataClasses":["Email addresses","Passwords"],"IsVerified":false,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Ajarn","Title":"Ajarn","Domain":"ajarn.com","BreachDate":"2018-12-13","AddedDate":"2021-09-26T03:45:38Z","ModifiedDate":"2021-09-26T03:45:38Z","PwnCount":266399,"Description":"In September 2021, the Thai-based English language teaching website \u003Ca href=\u0022https://www.ajarn.com/data-breach\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EAjarn discovered they\u0027d been the victim of a data breach dating back to December 2018\u003C/a\u003E. The breach was self-submitted to HIBP and included 266k email addresses, names, genders, phone numbers and other personal information. Hashed passwords were also impacted in the breach.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Ajarn.png","DataClasses":["Dates of birth","Education levels","Email addresses","Genders","Geographic locations","Job applications","Marital statuses","Names","Nationalities","Passwords","Phone numbers","Profile photos"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"AKP","Title":"AKP Emails","Domain":"akparti.org.tr","BreachDate":"2016-07-19","AddedDate":"2017-10-01T03:52:37Z","ModifiedDate":"2017-10-01T03:52:37Z","PwnCount":917461,"Description":"In July 2016, a hacker known as Phineas Fisher \u003Ca href=\u0022https://motherboard.vice.com/en_us/article/yp3n55/phineas-fisher-turkish-government-hack\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Ehacked Turkey\u0027s ruling party (Justice and Development Party or \u0026quot;AKP\u0026quot;) and gained access to 300k emails\u003C/a\u003E. The full contents of the emails were subsequently \u003Ca href=\u0022https://wikileaks.org/akp-emails/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Epublished by WikiLeaks and made searchable\u003C/a\u003E. HIBP identified over 917k unique email address patterns in the data set, including message IDs and a number of other non-user addresses.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/AKP.png","DataClasses":["Email addresses","Email messages"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"AmartFurniture","Title":"Amart Furniture","Domain":"amartfurniture.com.au","BreachDate":"2022-05-16","AddedDate":"2022-05-25T23:43:23Z","ModifiedDate":"2022-05-25T23:43:23Z","PwnCount":108940,"Description":"In May 2022, the Australian retailer \u003Ca href=\u0022https://www.ozbargain.com.au/node/701231\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EAmart Furniture advised that their warranty claims database hosted on Amazon Web Services had been the target of a cyber attack\u003C/a\u003E. Over 100k records containing email and physical address, names, phone numbers and passwords stored as bcrypt hashes were exposed and shared online by the attacker.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/AmartFurniture.png","DataClasses":["Email addresses","Names","Passwords","Phone numbers","Physical addresses"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Ancestry","Title":"Ancestry","Domain":"ancestry.com","BreachDate":"2015-11-07","AddedDate":"2017-12-24T04:28:45Z","ModifiedDate":"2017-12-24T04:28:45Z","PwnCount":297806,"Description":"In November 2015, an Ancestry service known as \u003Ca href=\u0022https://blogs.ancestry.com/ancestry/2017/12/23/rootsweb-security-update/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003ERootsWeb suffered a data breach\u003C/a\u003E. The breach was not discovered until late 2017 when a file containing almost 300k email addresses and plain text passwords was identified. ","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Ancestry.png","DataClasses":["Email addresses","Passwords"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"AndroidForums","Title":"Android Forums","Domain":"androidforums.com","BreachDate":"2011-10-30","AddedDate":"2015-12-20T06:47:19Z","ModifiedDate":"2020-08-07T23:29:01Z","PwnCount":745355,"Description":"In October 2011, the Android Forums website \u003Ca href=\u0022http://www.pcworld.com/article/259201/online_android_forum_hacked_user_data_accessed.html\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Ewas hacked\u003C/a\u003E and 745k user accounts were subsequently leaked publicly. The compromised data included email addresses, user birth dates and passwords stored as a salted MD5 hash.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/AndroidForums.png","DataClasses":["Dates of birth","Email addresses","Homepage URLs","Instant messenger identities","IP addresses","Passwords"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"AndroidLista","Title":"AndroidLista","Domain":"androidlista.com","BreachDate":"2021-07-28","AddedDate":"2023-10-17T21:15:55Z","ModifiedDate":"2023-10-17T21:18:24Z","PwnCount":6640643,"Description":"In July 2021, the Android applications and games review site \u003Ca href=\u0022https://www.androidlista.com/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EAndroidLista\u003C/a\u003E suffered a data breach. The incident exposed 6.6M user records containing email addresses, names, usernames and passwords stored as salted SHA-1 hashes, all of which were subsequently posted to a popular hacking forum. AndroidLista did not respond when contacted about the breach.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/AndroidLista.png","DataClasses":["Email addresses","Names","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"AnimalJam","Title":"Animal Jam","Domain":"animaljam.com","BreachDate":"2020-10-12","AddedDate":"2020-11-12T01:18:50Z","ModifiedDate":"2020-11-12T01:18:50Z","PwnCount":7104998,"Description":"In October 2020, the online game for kids \u003Ca href=\u0022https://www.animaljam.com/en/2020databreach\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EAnimal Jam suffered a data breach\u003C/a\u003E which was subsequently shared through online hacking communities the following month. The data contained 46 million user accounts with over 7 million unique email addresses. Impacted data also included usernames, IP addresses and for some records, dates of birth (sometimes in partial form), physical addresses, parent names and passwords stored as PBKDF2 hashes.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/AnimalJam.png","DataClasses":["Dates of birth","Email addresses","Genders","IP addresses","Names","Passwords","Physical addresses","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"AnimeGame","Title":"AnimeGame","Domain":"animegame.me","BreachDate":"2020-02-27","AddedDate":"2020-03-09T05:52:08Z","ModifiedDate":"2020-03-09T05:52:08Z","PwnCount":1431378,"Description":"In February 2020, the gaming website \u003Ca href=\u0022http://animegame.me/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EAnimeGame\u003C/a\u003E suffered a data breach. The incident affected 1.4M subscribers and exposed email addresses, usernames and passwords stored as salted MD5 hashes. The data was subsequently shared on a popular hacking forum and was provided to HIBP by \u003Ca href=\u0022https://dehashed.com/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Edehashed.com\u003C/a\u003E.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/AnimeGame.png","DataClasses":["Email addresses","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"AnimeLeague","Title":"AnimeLeague","Domain":"animeleague.net","BreachDate":"2024-07-04","AddedDate":"2024-07-31T07:57:48Z","ModifiedDate":"2024-07-31T07:57:48Z","PwnCount":192134,"Description":"In July 2024, \u003Ca href=\u0022https://www.animeleague.net/forum/viewtopic.php?f=55\u0026t=134675\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EAnimeLeague disclosed a data breach of their services\u003C/a\u003E. The data was posted for sale on a popular hacking forum and included 2 databases covering both event registration records and a dump of the phpBB bulletin board. The impacted data included passwords in various hashed formats including SHA-1, salted md5 and bcrypt, as well as usernames, private messages, dates of birth, purchases and 192k unique email addresses.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/AnimeLeague.png","DataClasses":["Dates of birth","Email addresses","IP addresses","Passwords","Phone numbers","Private messages","Purchases","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"AnimePlanet","Title":"Anime-Planet","Domain":"anime-planet.com","BreachDate":"2016-01-01","AddedDate":"2019-07-28T00:35:07Z","ModifiedDate":"2019-07-28T00:35:07Z","PwnCount":368507,"Description":"In approximately 2016, the anime website \u003Ca href=\u0022https://www.anime-planet.com/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EAnime-Planet\u003C/a\u003E suffered a data breach that impacted 369k subscribers. The exposed data included usernames, IP and email addresses, dates of birth and passwords stored as unsalted MD5 hashes and for newer accounts, bcrypt hashes. The data was provided to HIBP by \u003Ca href=\u0022https://dehashed.com/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Edehashed.com\u003C/a\u003E.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/AnimePlanet.png","DataClasses":["Dates of birth","Email addresses","IP addresses","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Animoto","Title":"Animoto","Domain":"animoto.com","BreachDate":"2018-07-10","AddedDate":"2019-07-18T05:04:08Z","ModifiedDate":"2019-07-18T05:04:08Z","PwnCount":22437749,"Description":"In July 2018, the cloud-based video making service \u003Ca href=\u0022https://techcrunch.com/2018/08/20/animoto-hack-exposes-personal-information-geolocation-data/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EAnimoto suffered a data breach\u003C/a\u003E. The breach exposed 22 million unique email addresses alongside names, dates of birth, country of origin and salted password hashes. The data was provided to HIBP by a source who requested it be attributed to \u0026quot;JimScott.Sec@protonmail.com\u0026quot;.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Animoto.png","DataClasses":["Dates of birth","Email addresses","Geographic locations","Names","Passwords"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"AntiPublic","Title":"Anti Public Combo List","Domain":"","BreachDate":"2016-12-16","AddedDate":"2017-05-04T22:07:38Z","ModifiedDate":"2017-05-04T22:07:38Z","PwnCount":457962538,"Description":"In December 2016, a huge list of email address and password pairs appeared in a \u0026quot;combo list\u0026quot; referred to as \u0026quot;Anti Public\u0026quot;. The list contained 458 million unique email addresses, many with multiple different passwords hacked from various online systems. The list was broadly circulated and used for \u0026quot;credential stuffing\u0026quot;, that is attackers employ it in an attempt to identify other online systems where the account owner had reused their password. For detailed background on this incident, read \u003Ca href=\u0022https://www.troyhunt.com/password-reuse-credential-stuffing-and-another-1-billion-records-in-have-i-been-pwned\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EPassword reuse, credential stuffing and another billion records in Have I Been Pwned\u003C/a\u003E.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/List.png","DataClasses":["Email addresses","Passwords"],"IsVerified":false,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"ApexSMS","Title":"ApexSMS","Domain":"","BreachDate":"2019-04-15","AddedDate":"2023-09-21T14:57:43Z","ModifiedDate":"2023-09-21T14:57:43Z","PwnCount":23246481,"Description":"In May 2019, \u003Ca href=\u0022https://techcrunch.com/2019/05/09/sms-spammers-doxxed/?guccounter=1\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Enews broke of a massive SMS spam operation known as \u0026quot;ApexSMS\u0026quot; which was discovered after a MongoDB instance of the same name was found exposed without a password\u003C/a\u003E. The incident leaked over 80M records with 23M unique email addresses alongside names, phone numbers and carriers, geographic locations (state and country), genders and IP addresses.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/List.png","DataClasses":["Email addresses","Genders","Geographic locations","IP addresses","Names","Phone numbers","Telecommunications carrier"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":true,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"APKTW","Title":"APK.TW","Domain":"apk.tw","BreachDate":"2022-09-03","AddedDate":"2024-03-09T00:17:54Z","ModifiedDate":"2024-03-09T00:17:54Z","PwnCount":2451197,"Description":"In September 2022, the Taiwanese Android forum APK.TW suffered a data breach \u003Ca href=\u0022https://cybernews.com/security/billions-passwords-credentials-leaked-mother-of-all-breaches/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Ethat was later redistributed as part of a larger corpus of data\u003C/a\u003E. The breach exposed 2.5M unique email addresses along with IP addresses, usernames and salted MD5 password hashes.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/APKTW.png","DataClasses":["Email addresses","IP addresses","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Apollo","Title":"Apollo","Domain":"apollo.io","BreachDate":"2018-07-23","AddedDate":"2018-10-05T19:14:11Z","ModifiedDate":"2018-10-23T04:01:48Z","PwnCount":125929660,"Description":"In July 2018, the sales engagement startup \u003Ca href=\u0022https://www.wired.com/story/apollo-breach-linkedin-salesforce-data/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EApollo left a database containing billions of data points publicly exposed without a password\u003C/a\u003E. The data was discovered by security researcher \u003Ca href=\u0022http://www.vinnytroia.com/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EVinny Troia\u003C/a\u003E who subsequently sent a subset of the data containing 126 million unique email addresses to Have I Been Pwned. The data left exposed by Apollo was used in their \u0026quot;revenue acceleration platform\u0026quot; and included personal information such as names and email addresses as well as professional information including places of employment, the roles people hold and where they\u0027re located. Apollo stressed that the exposed data did not include sensitive information such as passwords, social security numbers or financial data. \u003Ca href=\u0022https://www.apollo.io/contact\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EThe Apollo website has a contact form\u003C/a\u003E for those looking to get in touch with the organisation.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Apollo.png","DataClasses":["Email addresses","Employers","Geographic locations","Job titles","Names","Phone numbers","Salutations","Social media profiles"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Appartoo","Title":"Appartoo","Domain":"appartoo.com","BreachDate":"2017-03-25","AddedDate":"2019-05-02T07:07:24Z","ModifiedDate":"2019-05-02T07:07:24Z","PwnCount":49681,"Description":"In March 2017, the French Flatsharing site known as \u003Ca href=\u0022https://www.appartoo.com\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EAppartoo\u003C/a\u003E suffered a data breach. The incident exposed an extensive amount of personal information on almost 50k members including email addresses, genders, ages, private messages sent between users of the service and passwords stored as SHA-256 hashes. Appartoo advised that all subscribers were notified of the incident in early 2017.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Appartoo.png","DataClasses":["Ages","Auth tokens","Email addresses","Employment statuses","Genders","IP addresses","Marital statuses","Names","Passwords","Physical addresses","Private messages","Social media profiles"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Appen","Title":"Appen","Domain":"appen.com","BreachDate":"2020-06-22","AddedDate":"2020-07-30T07:00:21Z","ModifiedDate":"2020-07-30T07:00:21Z","PwnCount":5888405,"Description":"In June 2020, the AI training data company \u003Ca href=\u0022https://www.bleepingcomputer.com/news/security/hacker-leaks-386-million-user-records-from-18-companies-for-free/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EAppen suffered a data breach\u003C/a\u003E exposing the details of almost 5.9 million users which were subsequently sold online. Included in the breach were names, email addresses and passwords stored as bcrypt hashes. Some records also contained phone numbers, employers and IP addresses. The data was provided to HIBP by \u003Ca href=\u0022https://dehashed.com/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Edehashed.com\u003C/a\u003E.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Appen.png","DataClasses":["Email addresses","Employers","IP addresses","Names","Passwords","Phone numbers"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Aptoide","Title":"Aptoide","Domain":"aptoide.com","BreachDate":"2020-04-13","AddedDate":"2020-04-19T03:07:42Z","ModifiedDate":"2020-04-19T03:07:42Z","PwnCount":20012235,"Description":"In April 2020, the independent Android app store \u003Ca href=\u0022https://blog.aptoide.com/aptoide-credentials-information/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EAptoide suffered a data breach\u003C/a\u003E. The incident resulted in the exposure of 20M customer records which were subsequently shared online via a popular hacking forum. Impacted data included email and IP addresses, names, IP addresses and passwords stored as SHA-1 hashes without a salt.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Aptoide.png","DataClasses":["Browser user agent details","Email addresses","IP addresses","Names","Passwords"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"ArmorGames","Title":"Armor Games","Domain":"armorgames.com","BreachDate":"2019-01-01","AddedDate":"2019-07-20T06:03:31Z","ModifiedDate":"2021-04-07T06:28:50Z","PwnCount":10604307,"Description":"In January 2019, the game portal website \u003Ca href=\u0022https://techraptor.net/content/armor-games-data-breach-january-2019\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EArmor Games suffered a data breach\u003C/a\u003E. A total of 10.6 million email addresses were impacted by the breach which also exposed usernames, IP addresses, birthdays of administrator accounts and passwords stored as salted SHA-1 hashes. The data was provided to HIBP by a source who requested it be attributed to \u0026quot;JimScott.Sec@protonmail.com\u0026quot;.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/ArmorGames.png","DataClasses":["Bios","Dates of birth","Email addresses","Genders","Geographic locations","IP addresses","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"ArmyForceOnline","Title":"Army Force Online","Domain":"armyforceonline.com","BreachDate":"2016-05-18","AddedDate":"2016-11-10T03:24:38Z","ModifiedDate":"2020-08-07T03:19:40Z","PwnCount":1531235,"Description":"In May 2016, the online gaming site \u003Ca href=\u0022http://armyforceonline.com\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EArmy Force Online\u003C/a\u003E suffered a data breach that exposed 1.5M accounts. The breached data was found being regularly traded online and included usernames, email and IP addresses and MD5 passwords.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/ArmyForceOnline.png","DataClasses":["Avatars","Email addresses","Geographic locations","IP addresses","Names","Passwords","Usernames","Website activity"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Artsy","Title":"Artsy","Domain":"artsy.net","BreachDate":"2018-04-01","AddedDate":"2020-05-25T20:59:10Z","ModifiedDate":"2020-05-25T21:08:08Z","PwnCount":1079970,"Description":"In April 2018, the online arts database \u003Ca href=\u0022https://www.theregister.co.uk/2019/02/11/620_million_hacked_accounts_dark_web/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EArtsy suffered a data breach which consequently appeared for sale on a dark web marketplace\u003C/a\u003E. Over 1M accounts were impacted and included IP and email addresses, names and passwords stored as salted SHA-512 hashes. The data was provided to HIBP by a source who requested it be attributed to \u0026quot;nano@databases.pw\u0026quot;.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Artsy.png","DataClasses":["Email addresses","IP addresses","Names","Passwords"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Artvalue","Title":"Artvalue","Domain":"artvalue.com","BreachDate":"2019-06-19","AddedDate":"2019-07-19T13:16:52Z","ModifiedDate":"2019-07-19T13:35:22Z","PwnCount":157692,"Description":"In June 2019, the France-based art valuation website \u003Ca href=\u0022http://artvalue.com/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EArtvalue.com\u003C/a\u003E left their 158k member subscriber base publicly exposed in a text file on their website. The exposed data included names, usernames, email addresses and passwords stored as MD5 hashes. The site operator did not respond when contacted about the incident, although the exposed file was subsequently removed.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Artvalue.png","DataClasses":["Email addresses","Names","Passwords","Salutations","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"AshleyMadison","Title":"Ashley Madison","Domain":"ashleymadison.com","BreachDate":"2015-07-19","AddedDate":"2015-08-18T20:55:05Z","ModifiedDate":"2015-08-18T20:55:05Z","PwnCount":30811934,"Description":"In July 2015, the infidelity website Ashley Madison \u003Ca href=\u0022http://krebsonsecurity.com/2015/07/online-cheating-site-ashleymadison-hacked/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Esuffered a serious data breach\u003C/a\u003E. The attackers threatened Ashley Madison with the full disclosure of the breach unless the service was shut down. One month later, the database was dumped including more than 30M unique email addresses. This breach has been classed as \u0026quot;sensitive\u0026quot; and is not publicly searchable, although individuals may discover if they\u0027ve been impacted by \u003Ca href=\u0022https://haveibeenpwned.com/NotifyMe\u0022\u003Eregistering for notifications\u003C/a\u003E. \u003Ca href=\u0022http://www.troyhunt.com/2015/07/heres-how-im-going-to-handle-ashley.html\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003ERead about this approach in detail\u003C/a\u003E.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/AshleyMadison.png","DataClasses":["Dates of birth","Email addresses","Ethnicities","Genders","Names","Passwords","Payment histories","Phone numbers","Physical addresses","Security questions and answers","Sexual orientations","Usernames","Website activity"],"IsVerified":true,"IsFabricated":false,"IsSensitive":true,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"AstroPID","Title":"Astropid","Domain":"astropid.com","BreachDate":"2013-12-19","AddedDate":"2014-07-06T03:49:45Z","ModifiedDate":"2014-07-06T03:49:45Z","PwnCount":5788,"Description":"In December 2013, the vBulletin forum for the social engineering site known as \u0022AstroPID\u0022 was breached and \u003Ca href=\u0022https://www.sinister.ly/Thread-40-Compromised-databases\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Eleaked publicly\u003C/a\u003E. The site provided tips on fraudulently obtaining goods and services, often by providing a legitimate \u0022PID\u0022 or Product Information Description. The breach resulted in nearly 6k user accounts and over 220k private messages between forum members being exposed.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/AstroPID.png","DataClasses":["Email addresses","Instant messenger identities","IP addresses","Names","Passwords","Private messages","Usernames","Website activity"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"AllegedATT","Title":"AT\u0026T","Domain":"","BreachDate":"2021-08-20","AddedDate":"2024-03-19T06:30:49Z","ModifiedDate":"2024-03-31T03:04:13Z","PwnCount":49102176,"Description":"In March 2024, \u003Ca href=\u0022https://www.troyhunt.com/inside-the-massive-alleged-att-data-breach\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Etens of millions of records allegedly breached from AT\u0026T were posted to a popular hacking forum\u003C/a\u003E. Dating back to August 2021, the data was originally posted for sale before later being freely released. At the time, AT\u0026T maintained that there had not been a breach of their systems and that the data originated from elsewhere. 12 days later, \u003Ca href=\u0022https://about.att.com/story/2024/addressing-data-set-released-on-dark-web.html\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EAT\u0026T acknowledged that data fields specific to them were in the breach and that it was not yet known whether the breach occurred at their end or that of a vendor\u003C/a\u003E. \u003Ca href=\u0022https://techcrunch.com/2024/03/30/att-reset-account-passcodes-customer-data/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EAT\u0026T also proceeded to reset customer account passcodes\u003C/a\u003E, an indicator that there was sufficient belief passcodes had been compromised. The incident exposed names, email and physical addresses, dates of birth, phone numbers and US social security numbers.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/ATT.png","DataClasses":["Dates of birth","Email addresses","Government issued IDs","Names","Phone numbers","Physical addresses"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Aternos","Title":"Aternos","Domain":"aternos.org","BreachDate":"2015-12-06","AddedDate":"2016-10-01T23:42:56Z","ModifiedDate":"2016-10-01T23:42:56Z","PwnCount":1436486,"Description":"In December 2015, the service for creating and running free Minecraft servers known as \u003Ca href=\u0022https://twitter.com/AternosStatus/status/696121828360716288\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EAternos suffered a data breach that impacted 1.4 million subscribers\u003C/a\u003E. The data included usernames, email and IP addresses and hashed passwords.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Aternos.png","DataClasses":["Email addresses","IP addresses","Passwords","Usernames","Website activity"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"AtlasQuantum","Title":"Atlas Quantum","Domain":"atlasquantum.com","BreachDate":"2018-08-25","AddedDate":"2018-08-27T01:42:34Z","ModifiedDate":"2018-08-28T21:17:47Z","PwnCount":261463,"Description":"In August 2018, the cryptocurrency investment platform \u003Ca href=\u0022https://www.facebook.com/notes/atlas-quantum/comunicado-importante/2196456297259749/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EAtlas Quantum suffered a data breach\u003C/a\u003E. The breach leaked the personal data of 261k investors on the platform including their names, phone numbers, email addresses and account balances.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/AtlasQuantum.png","DataClasses":["Account balances","Email addresses","Names","Phone numbers"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Atmeltomo","Title":"Atmeltomo","Domain":"atmeltomo.com","BreachDate":"2021-04-16","AddedDate":"2023-08-22T01:29:29Z","ModifiedDate":"2023-08-22T01:29:29Z","PwnCount":580177,"Description":"In April 2021, \u0026quot;Japan\u0027s largest e-mail friend search site\u0026quot; \u003Ca href=\u0022https://socradar.io/the-week-in-dark-web-29-august-2022-access-sales-and-data-leaks/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EAtmeltomo suffered a data breach that was later sold on a popular hacking forum\u003C/a\u003E. The breach exposed 1.3M records with 580k unique email addresses along with usernames, IP addresses and unsalted MD5 password hashes.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Atmeltomo.png","DataClasses":["Email addresses","IP addresses","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Audi","Title":"Audi","Domain":"audiusa.com","BreachDate":"2019-08-14","AddedDate":"2021-07-23T06:31:33Z","ModifiedDate":"2021-07-23T21:57:33Z","PwnCount":2743539,"Description":"In August 2019, \u003Ca href=\u0022https://techcrunch.com/2021/06/11/volkswagen-says-a-vendors-security-lapse-exposed-3-3-million-drivers-details/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EAudi USA suffered a data breach after a vendor left data unsecured and exposed on the internet\u003C/a\u003E. The data contained 2.7M unique email addresses along with names, phone numbers, physical addresses and vehicle information including VIN. In \u003Ca href=\u0022https://techcrunch.com/2021/06/11/volkswagen-says-a-vendors-security-lapse-exposed-3-3-million-drivers-details/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Ea disclosure statement from Audi\u003C/a\u003E, they also advised some customers had driver\u0027s licenses, dates of birth, social security numbers and other personal information exposed.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Audi.png","DataClasses":["Dates of birth","Driver\u0027s licenses","Email addresses","Names","Phone numbers","Physical addresses","Social security numbers","Vehicle details"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Autocentrum","Title":"Autocentrum.pl","Domain":"autocentrum.pl","BreachDate":"2018-02-04","AddedDate":"2018-02-09T00:55:26Z","ModifiedDate":"2018-02-09T00:55:26Z","PwnCount":143717,"Description":"In February 2018, \u003Ca href=\u0022https://niebezpiecznik.pl/post/wyciek-hasel-144-000-uzytkownikow-autocentrum-pl/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Edata belonging to the Polish motoring website autocentrum.pl was found online\u003C/a\u003E. The data contained 144k email addresses and plain text passwords.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Autocentrum.png","DataClasses":["Email addresses","Passwords"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Autotrader","Title":"Autotrader","Domain":"autotrader.com","BreachDate":"2023-01-06","AddedDate":"2023-01-23T06:24:21Z","ModifiedDate":"2023-01-23T06:24:21Z","PwnCount":20032,"Description":"In January 2023, \u003Ca href=\u0022https://thecyberexpress.com/data1-4-million-autotrader-user-exposed/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003E1.4M records from the Autotrader online vehicle marketplace appeared on a popular hacking forum\u003C/a\u003E. Autotrader stated that the \u0026quot;data in question relates to aged listing data that was generally publicly available on our site at the time and open to automated collection methods\u0026quot;. The data contained 20k unique email addresses alongside physical addresses and phone numbers of dealers and vehicle details including VIN numbers. The data was provided to HIBP by a source who requested it be attributed to \u0026quot;IntelBroker\u0026quot;.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Autotrader.png","DataClasses":["Email addresses","Phone numbers","Physical addresses","Vehicle details","Vehicle identification numbers (VINs)"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Avast","Title":"Avast","Domain":"avast.com","BreachDate":"2014-05-26","AddedDate":"2016-03-12T22:08:58Z","ModifiedDate":"2016-03-12T22:08:58Z","PwnCount":422959,"Description":"In May 2014, \u003Ca href=\u0022https://www.grahamcluley.com/2014/05/avast-forum-hacked/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Ethe Avast anti-virus forum was hacked\u003C/a\u003E and 423k member records were exposed. The Simple Machines Based forum included usernames, emails and password hashes.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Avast.png","DataClasses":["Email addresses","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Avito","Title":"Avito","Domain":"avito.ma","BreachDate":"2022-11-18","AddedDate":"2023-11-14T06:51:25Z","ModifiedDate":"2023-11-14T06:51:25Z","PwnCount":2721835,"Description":"In November 2022, the Moroccan e-commerce service \u003Ca href=\u0022https://ledesk.ma/2022/12/20/avito-sexplique-sur-le-data-breach-ayant-touche-27-millions-dutilisateurs-de-sa-plateforme/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EAvito suffered a data breach that exposed the personal information of 2.7M customers\u003C/a\u003E. The data included name, email, phone, IP address and geographic location.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Avito.png","DataClasses":["Email addresses","Geographic locations","IP addresses","Names","Phone numbers"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Avvo","Title":"Avvo","Domain":"avvo.com","BreachDate":"2019-12-17","AddedDate":"2022-04-15T03:39:42Z","ModifiedDate":"2022-04-15T03:45:01Z","PwnCount":4101101,"Description":"In approximately December 2019, an alleged data breach of the lawyer directory service Avvo was published to an online hacking forum and used in an extortion scam (it\u0027s possible the exposure dates back earlier than that). The data contained 4.1M unique email addresses alongside SHA-1 hashes, most likely representing user passwords. \u003Ca href=\u0022https://troyhunt.com/breach-disclosure-blow-by-blow-heres-why-its-so-hard\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EMultiple attempts at contacting Avvo over the course of a week were unsuccessful and the authenticity of the data was eventually verified with common Avvo and HIBP subscribers.\u003C/a\u003E","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Avvo.png","DataClasses":["Email addresses","Passwords"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"B2BUSABusinesses","Title":"B2B USA Businesses","Domain":"","BreachDate":"2017-07-18","AddedDate":"2017-07-18T07:38:04Z","ModifiedDate":"2017-07-18T07:38:04Z","PwnCount":105059554,"Description":"In mid-2017, a spam list of over 105 million individuals in corporate America was discovered online. Referred to as \u0026quot;B2B USA Businesses\u0026quot;, the list categorised email addresses by employer, providing information on individuals\u0027 job titles plus their work phone numbers and physical addresses. \u003Ca href=\u0022https://www.troyhunt.com/have-i-been-pwned-and-spam-lists-of-personal-information\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003ERead more about spam lists in HIBP.\u003C/a\u003E","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Email.png","DataClasses":["Email addresses","Employers","Job titles","Names","Phone numbers","Physical addresses"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":true,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"BabyNames","Title":"Baby Names","Domain":"babynames.com","BreachDate":"2008-10-24","AddedDate":"2018-10-24T06:27:03Z","ModifiedDate":"2018-10-24T06:27:30Z","PwnCount":846742,"Description":"In approximately 2008, the site to help parents name their children known as \u003Ca href=\u0022https://www.babynames.com/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EBaby Names\u003C/a\u003E suffered a data breach. The incident exposed 846k email addresses and passwords stored as salted MD5 hashes. When contacted in October 2018, Baby Names advised that \u0026quot;the breach happened at least ten years ago\u0026quot; and that members were notified at the time.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/BabyNames.png","DataClasses":["Email addresses","Passwords"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Badoo","Title":"Badoo","Domain":"badoo.com","BreachDate":"2013-06-01","AddedDate":"2016-07-06T08:16:03Z","ModifiedDate":"2016-07-06T08:16:03Z","PwnCount":112005531,"Description":"In June 2016, \u003Ca href=\u0022http://motherboard.vice.com/read/another-day-another-hack-user-accounts-of-dating-site-badoo\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Ea data breach allegedly originating from the social website Badoo was found to be circulating amongst traders\u003C/a\u003E. Likely obtained several years earlier, the data contained 112 million unique email addresses with personal data including names, birthdates and passwords stored as MD5 hashes. Whilst there are many indicators suggesting Badoo did indeed suffer a data breach, \u003Ca href=\u0022https://www.troyhunt.com/introducing-unverified-breaches-to-have-i-been-pwned\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Ethe legitimacy of the data could not be emphatically proven\u003C/a\u003E so this breach has been categorised as \u0026quot;unverified\u0026quot;.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Badoo.png","DataClasses":["Dates of birth","Email addresses","Genders","Names","Passwords","Usernames"],"IsVerified":false,"IsFabricated":false,"IsSensitive":true,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"BannerBit","Title":"BannerBit","Domain":"bannerbit.com","BreachDate":"2018-12-29","AddedDate":"2019-01-08T10:56:34Z","ModifiedDate":"2019-01-08T10:56:34Z","PwnCount":213415,"Description":"In approximately December 2018, the online ad platform \u003Ca href=\u0022https://bannerbit.com/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EBannerBit\u003C/a\u003E suffered a data breach. Containing 213k unique email addresses and plain text passwords, the data was provided to HIBP by a third party. Multiple attempts were made to contact BannerBit, but no response was received.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/BannerBit.png","DataClasses":["Email addresses","Passwords"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Banorte","Title":"Banorte","Domain":"banorte.com","BreachDate":"2014-08-18","AddedDate":"2022-08-18T23:36:24Z","ModifiedDate":"2022-08-18T23:36:24Z","PwnCount":2107000,"Description":"In August 2022, \u003Ca href=\u0022https://krebsonsecurity.com/2022/08/when-efforts-to-contain-a-data-breach-backfire/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Emillions of records from Mexican bank \u0026quot;Banorte\u0026quot; were publicly dumped on a popular hacking forum\u003C/a\u003E including 2.1M unique email addresses, physical addresses, names, phone numbers, RFC (tax) numbers, genders and bank balances. Banorte have stated that the data is \u0026quot;outdated\u0026quot;, although have not yet indicated how far back it dates to. Anecdotal feedback from HIBP subscribers suggests the data may date back 8 years to 2014.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Banorte.png","DataClasses":["Account balances","Email addresses","Genders","Government issued IDs","Names","Phone numbers","Physical addresses"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"BattlefieldHeroes","Title":"Battlefield Heroes","Domain":"battlefieldheroes.com","BreachDate":"2011-06-26","AddedDate":"2014-01-23T13:10:29Z","ModifiedDate":"2014-01-23T13:10:29Z","PwnCount":530270,"Description":"In June 2011 as part of a final breached data dump, the hacker collective \u0026quot;LulzSec\u0026quot; \u003Ca href=\u0022http://www.rockpapershotgun.com/2011/06/26/lulzsec-over-release-battlefield-heroes-data\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Eobtained and released over half a million usernames and passwords from the game Battlefield Heroes\u003C/a\u003E. The passwords were stored as MD5 hashes with no salt and many were easily converted back to their plain text versions.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/BattlefieldHeroes.png","DataClasses":["Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Battlefy","Title":"Battlefy","Domain":"battlefy.com","BreachDate":"2016-01-11","AddedDate":"2022-07-29T00:24:33Z","ModifiedDate":"2022-07-29T00:24:33Z","PwnCount":83610,"Description":"In January 2016, the esports website \u003Ca href=\u0022https://dotesports.com/general/news/battlefy-hack-data-breach-user-credentials-2800\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EBattlefy suffered a data breach that exposed 83k customer records\u003C/a\u003E. The impacted data included email addresses, usernames and passwords stored as bcrypt hashes.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Battlefy.png","DataClasses":["Email addresses","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"BeautifulPeople","Title":"Beautiful People","Domain":"beautifulpeople.com","BreachDate":"2015-11-11","AddedDate":"2016-04-25T10:05:34Z","ModifiedDate":"2016-04-25T10:05:34Z","PwnCount":1100089,"Description":"In November 2015, the dating website \u003Ca href=\u0022http://www.forbes.com/sites/thomasbrewster/2016/04/25/beautiful-people-hack-sexual-preference-location-addresses/#26a2cdf7559f\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EBeautiful People was hacked\u003C/a\u003E and over 1.1M accounts were leaked. The data was being traded in underground circles and included a huge amount of personal information related to dating.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/BeautifulPeople.png","DataClasses":["Beauty ratings","Car ownership statuses","Dates of birth","Drinking habits","Education levels","Email addresses","Genders","Geographic locations","Home ownership statuses","Income levels","IP addresses","Job titles","Names","Passwords","Personal descriptions","Personal interests","Physical attributes","Sexual orientations","Smoking habits","Website activity"],"IsVerified":true,"IsFabricated":false,"IsSensitive":true,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Bell","Title":"Bell (2014 breach)","Domain":"bell.ca","BreachDate":"2014-02-01","AddedDate":"2014-02-01T23:57:10Z","ModifiedDate":"2014-02-01T23:57:10Z","PwnCount":20902,"Description":"In February 2014, \u003Ca href=\u0022http://news.softpedia.com/news/Hackers-Claim-to-Have-Breached-Bell-Canada-s-Systems-422952.shtml?utm_medium=twitter\u0026utm_source=FredToadster\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EBell Canada suffered a data breach via the hacker collective known as NullCrew\u003C/a\u003E. The breach included data from multiple locations within Bell and exposed email addresses, usernames, user preferences and a number of unencrypted passwords and credit card data from 40,000 records containing just over 20,000 unique email addresses and usernames.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Bell.png","DataClasses":["Credit cards","Genders","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Bell2017","Title":"Bell (2017 breach)","Domain":"bell.ca","BreachDate":"2017-05-15","AddedDate":"2017-05-16T01:49:31Z","ModifiedDate":"2017-05-16T01:49:31Z","PwnCount":2231256,"Description":"In May 2017, \u003Ca href=\u0022http://www.cbc.ca/beta/news/technology/bell-data-breach-customer-names-phone-numbers-emails-leak-1.4116608\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Ethe Bell telecommunications company in Canada suffered a data breach\u003C/a\u003E resulting in the exposure of millions of customer records. The data was consequently leaked online with a message from the attacker stating that they were \u0026quot;releasing a significant portion of Bell.ca\u0027s data due to the fact that they have failed to cooperate with us\u0026quot; and included a threat to leak more. The impacted data included over 2 million unique email addresses and 153k survey results dating back to 2011 and 2012. There were also 162 Bell employee records with more comprehensive personal data including names, phone numbers and plain text \u0026quot;passcodes\u0026quot;. Bell suffered another breach in 2014 which exposed 40k records.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Bell.png","DataClasses":["Email addresses","Geographic locations","IP addresses","Job titles","Names","Passwords","Phone numbers","Spoken languages","Survey results","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Benchmark","Title":"Benchmark","Domain":"benchmark.rs","BreachDate":"2019-11-01","AddedDate":"2023-01-01T01:50:43Z","ModifiedDate":"2023-01-01T01:52:21Z","PwnCount":93343,"Description":"In November 2019, the Serbian technology news website \u003Ca href=\u0022https://forum.benchmark.rs/threads/benchmark-forum-kompromitovan.489760/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EBenchmark suffered a breach of its forum\u003C/a\u003E that exposed 93k customer records. The breach exposed IP and email addresses, usernames and passwords stored as salted MD5 hashes. \u003Ca href=\u0022https://forum.benchmark.rs/threads/benchmark-forum-kompromitovan.489760/#post-6758095\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EA forum administrator subsequently advised that the breach was due to the forum previously running on an outdated vBulletin instance\u003C/a\u003E. The data was provided to HIBP by a source who requested it be attributed to \u0026quot;ZAN @ BF\u0026quot;.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Benchmark.png","DataClasses":["Email addresses","IP addresses","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Bestialitysextaboo","Title":"Bestialitysextaboo","Domain":"bestialitysextaboo.com","BreachDate":"2018-03-19","AddedDate":"2018-03-29T06:10:06Z","ModifiedDate":"2018-03-29T06:10:06Z","PwnCount":3204,"Description":"In March 2018, the animal bestiality website known as \u003Ca href=\u0022https://motherboard.vice.com/en_us/article/evqvpz/bestiality-website-hacked-troy-hunt-have-i-been-pwned\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EBestialitysextaboo was hacked\u003C/a\u003E. A collection of various sites running on the same service were also compromised and details of the hack (including links to the data) were posted on a popular forum. In all, more than 3.2k unique email addresses were included alongside usernames, IP addresses, dates of birth, genders and bcrypt hashes of passwords.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Bestialitysextaboo.png","DataClasses":["Dates of birth","Email addresses","Genders","Geographic locations","IP addresses","Passwords","Private messages","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":true,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Bhinneka","Title":"Bhinneka","Domain":"bhinneka.com","BreachDate":"2020-01-27","AddedDate":"2022-10-06T05:11:47Z","ModifiedDate":"2022-10-06T05:11:47Z","PwnCount":1274340,"Description":"In early 2020, the Indonesian consumer electronics website \u003Ca href=\u0022https://www.thejakartapost.com/news/2020/05/13/e-commerce-platform-bhinneka-com-reported-to-be-latest-target-of-data-theft.html\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EBhinneka suffered a data breach that exposed almost 1.3M customer records\u003C/a\u003E. The data included email and physical addresses, names, genders, dates of birth, phone numbers and salted password hashes.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Bhinneka.png","DataClasses":["Dates of birth","Email addresses","Genders","Names","Passwords","Phone numbers","Physical addresses"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"bigbasket","Title":"bigbasket","Domain":"bigbasket.com","BreachDate":"2020-10-14","AddedDate":"2021-04-26T04:00:10Z","ModifiedDate":"2021-04-26T06:15:01Z","PwnCount":24500011,"Description":"In October 2020, the Indian grocery platform \u003Ca href=\u0022https://indianexpress.com/article/business/business-others/bigbasket-data-breach-user-details-leaked-dark-web-cyber-crime-7009578/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Ebigbasket suffered a data breach that exposed over 20 million customer records\u003C/a\u003E. The data was originally sold before being leaked publicly in April the following year and included email, IP and physical addresses, names, phones numbers, dates of birth passwords stored as Django(SHA-1) hashes.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/bigbasket.png","DataClasses":["Dates of birth","Email addresses","IP addresses","Names","Passwords","Phone numbers","Physical addresses"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"BigMoneyJobs","Title":"BigMoneyJobs","Domain":"bigmoneyjobs.com","BreachDate":"2014-04-03","AddedDate":"2014-04-08T05:44:10Z","ModifiedDate":"2014-04-08T05:44:10Z","PwnCount":36789,"Description":"In April 2014, the job site \u003Ca href=\u0022http://www.bigmoneyjobs.com\u0022\u003Ebigmoneyjobs.com\u003C/a\u003E was \u003Ca href=\u0022https://twitter.com/ProbablyOnion2/status/451477310319779841\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Ehacked by an attacker known as \u0026quot;ProbablyOnion\u0026quot;\u003C/a\u003E. The attack resulted in the \u003Ca href=\u0022http://news.softpedia.com/news/BigMoneyJobs-Hacked-Details-of-36-000-Users-Leaked-Online-436250.shtml?utm_source=twitterfeed\u0026utm_medium=twitter\u0026utm_campaign=information_security\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Eexposure of over 36,000 user accounts\u003C/a\u003E including email addresses, usernames and passwords which were stored in plain text. The attack was allegedly mounted by exploiting a SQL injection vulnerability.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/BigMoneyJobs.png","DataClasses":["Career levels","Education levels","Email addresses","Names","Passwords","Phone numbers","Physical addresses","Salutations","User website URLs","Website activity"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"BinWeevils","Title":"Bin Weevils","Domain":"binweevils.com","BreachDate":"2014-09-01","AddedDate":"2017-08-18T07:10:57Z","ModifiedDate":"2017-08-18T07:10:57Z","PwnCount":1287073,"Description":"In September 2014, the online game \u003Ca href=\u0022http://blog.binweevils.com/2014/09/important-security-update/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EBin Weevils suffered a data breach\u003C/a\u003E. Whilst originally stating that only usernames and passwords had been exposed, \u003Ca href=\u0022https://www.databreaches.net/data-from-2014-hack-of-childrens-online-game-bin-weevils-leaked-online-hacker-claims-20m-records/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Ea subsequent story on DataBreaches.net indicated that a more extensive set of personal attributes were impacted\u003C/a\u003E (comments there also suggest the data may have come from a later breach). Data matching that pattern was later provided to Have I Been Pwned by \u003Ca href=\u0022https://twitter.com/akshayindia6\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003E@akshayindia6\u003C/a\u003E and included almost 1.3m unique email addresses, genders, ages and plain text passwords.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/BinWeevils.png","DataClasses":["Ages","Email addresses","Genders","IP addresses","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"BiohackMe","Title":"Biohack.me","Domain":"biohack.me","BreachDate":"2016-12-02","AddedDate":"2017-08-23T20:47:39Z","ModifiedDate":"2017-08-23T20:47:39Z","PwnCount":3402,"Description":"In December 2016, the forum for the biohacking website \u003Ca href=\u0022https://forum.biohack.me/index.php?p=/discussion/2101/critical-website-server-compromised-read-this-action-needed\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EBiohack.me suffered a data breach\u003C/a\u003E that exposed 3.4k accounts. The data included usernames, email addresses and hashed passwords along with the private messages of forum members. The data was self-submitted to HIBP by the Biohack.me operators.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/BiohackMe.png","DataClasses":["Email addresses","Passwords","Private messages","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"BTSec","Title":"Bitcoin Security Forum Gmail Dump","Domain":"forum.btcsec.com","BreachDate":"2014-01-09","AddedDate":"2014-09-10T20:30:11Z","ModifiedDate":"2014-09-10T20:30:11Z","PwnCount":4789599,"Description":"In September 2014, a large dump of nearly 5M usernames and passwords was \u003Ca href=\u0022https://forum.btcsec.com/index.php?/topic/9426-gmail-meniai-parol/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Eposted to a Russian Bitcoin forum\u003C/a\u003E. Whilst commonly reported as 5M \u0026quot;Gmail passwords\u0026quot;, the dump also contained 123k yandex.ru addresses. Whilst the origin of the breach remains unclear, the breached credentials were \u003Ca href=\u0022http://web.archive.org/web/20140910190920/http://www.reddit.com/r/netsec/comments/2fz13q/5_millions_of_gmail_passwords_leaked_rus_most/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Econfirmed by multiple source as correct\u003C/a\u003E, albeit a number of years old.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/BTSec.png","DataClasses":["Email addresses","Passwords"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"BitcoinTalk","Title":"Bitcoin Talk","Domain":"bitcointalk.org","BreachDate":"2015-05-22","AddedDate":"2017-03-27T23:45:41Z","ModifiedDate":"2017-03-27T23:45:41Z","PwnCount":501407,"Description":"In May 2015, the Bitcoin forum \u003Ca href=\u0022https://www.cryptocoinsnews.com/bitcoin-exchange-btc-e-bitcointalk-forum-breaches-details-revealed/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EBitcoin Talk was hacked\u003C/a\u003E and over 500k unique email addresses were exposed. The attack led to the exposure of a raft of personal data including usernames, email and IP addresses, genders, birth dates, security questions and MD5 hashes of their answers plus hashes of the passwords themselves.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/BitcoinTalk.png","DataClasses":["Dates of birth","Email addresses","Genders","IP addresses","Passwords","Security questions and answers","Usernames","Website activity"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Bitly","Title":"Bitly","Domain":"bitly.com","BreachDate":"2014-05-08","AddedDate":"2017-10-06T06:31:50Z","ModifiedDate":"2017-10-06T08:05:10Z","PwnCount":9313136,"Description":"In May 2014, the link management company \u003Ca href=\u0022https://bitly.com/blog/urgent-security-update-regarding-your-bitly-account/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EBitly announced they\u0027d suffered a data breach\u003C/a\u003E. The breach contained over 9.3 million unique email addresses, usernames and hashed passwords, most using SHA1 with a small number using bcrypt.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Bitly.png","DataClasses":["Email addresses","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"BitTorrent","Title":"BitTorrent","Domain":"bittorrent.com","BreachDate":"2016-01-01","AddedDate":"2016-06-08T10:49:24Z","ModifiedDate":"2016-06-08T10:49:24Z","PwnCount":34235,"Description":"In January 2016, the forum for the popular torrent software \u003Ca href=\u0022https://motherboard.vice.com/read/another-day-another-hack-user-accounts-for-bittorrents-forum-hacking\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EBitTorrent was hacked\u003C/a\u003E. The IP.Board based forum stored passwords as weak SHA1 salted hashes and the breached data also included usernames, email and IP addresses.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/BitTorrent.png","DataClasses":["Email addresses","IP addresses","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"BlackHatWorld","Title":"Black Hat World","Domain":"blackhatworld.com","BreachDate":"2014-06-23","AddedDate":"2015-11-03T22:20:17Z","ModifiedDate":"2015-11-03T22:20:17Z","PwnCount":777387,"Description":"In June 2014, the search engine optimisation forum \u003Ca href=\u0022http://www.blackhatworld.com\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EBlack Hat World\u003C/a\u003E had three quarters of a million accounts breached from their system. The breach included various personally identifiable attributes which were publicly released in a MySQL database script.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/BlackHatWorld.png","DataClasses":["Dates of birth","Email addresses","Instant messenger identities","IP addresses","Passwords","Usernames","Website activity"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"BlackBerryFans","Title":"BlackBerry Fans","Domain":"blackberryfans.org","BreachDate":"2022-05-06","AddedDate":"2022-05-16T02:15:13Z","ModifiedDate":"2022-05-16T02:16:15Z","PwnCount":174168,"Description":"In May 2022, the Chinese BlackBerry enthusiasts website \u003Ca href=\u0022http://blackberryfans.org/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EBlackBerry Fans\u003C/a\u003E suffered a data breach that exposed 174k member records. The impacted data included usernames, email and IP addresses and passwords stored as salted MD5 hashes.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/BlackBerryFans.png","DataClasses":["Email addresses","IP addresses","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"BlackSpigotMC","Title":"BlackSpigotMC","Domain":"blackspigot.com","BreachDate":"2019-07-14","AddedDate":"2019-07-17T18:44:17Z","ModifiedDate":"2019-07-17T18:44:17Z","PwnCount":140029,"Description":"In July 2019, the hacking website \u003Ca href=\u0022https://blackspigot.com/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EBlackSpigotMC suffered a data breach\u003C/a\u003E. The XenForo forum based site was allegedly compromised by a rival hacking website and resulted in 8.5GB of data being leaked including the database and website itself. The exposed data included 140k unique email addresses, usernames, IP addresses, genders, geographic locations and passwords stored as bcrypt hashes.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/BlackSpigotMC.png","DataClasses":["Device information","Email addresses","Genders","Geographic locations","IP addresses","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"BlankMediaGames","Title":"BlankMediaGames","Domain":"blankmediagames.com","BreachDate":"2018-12-28","AddedDate":"2019-01-02T05:52:56Z","ModifiedDate":"2019-01-02T06:03:19Z","PwnCount":7633234,"Description":"In December 2018, the Town of Salem website produced by \u003Ca href=\u0022https://blog.dehashed.com/town-of-salem-blankmediagames-hacked/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EBlankMediaGames suffered a data breach\u003C/a\u003E. Reported to HIBP by \u003Ca href=\u0022https://dehashed.com/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EDeHashed\u003C/a\u003E, the data contained 7.6M unique user email addresses alongside usernames, IP addresses, purchase histories and passwords stored as phpass hashes. DeHashed made multiple attempts to contact BlankMediaGames over various channels and many days but had yet to receive a response at the time of publishing.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/BlankMediaGames.png","DataClasses":["Browser user agent details","Email addresses","IP addresses","Passwords","Purchases","Usernames","Website activity"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"BleachAnime","Title":"Bleach Anime Forum","Domain":"bleachanime.org","BreachDate":"2015-01-01","AddedDate":"2023-11-29T06:22:50Z","ModifiedDate":"2023-11-29T06:22:50Z","PwnCount":143711,"Description":"In 2015, the now defunct independent forum for the Bleach Anime series suffered a data breach that exposed 144k user records. The impacted data included usernames, email addresses and salted MD5 password hashes.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/BleachAnime.png","DataClasses":["Email addresses","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"BloomsToday","Title":"Blooms Today","Domain":"bloomstoday.com","BreachDate":"2023-11-11","AddedDate":"2024-09-03T07:06:36Z","ModifiedDate":"2024-09-03T07:06:36Z","PwnCount":3184010,"Description":"In April 2024, \u003Ca href=\u0022https://dailydarkweb.net/blooms-today-alleged-data-breach-threat-actor-offers-15-million-records-for-sale-at-5000/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003E15M records from the online florist Blooms Today were listed for sale on a popular hacking forum\u003C/a\u003E. The most recent data in the breach corpus was from November 2023 and appeared alongside 3.2M unique email addresses, names, phone numbers physical addresses and partial credit card data (card type, 4 digits of the number and expiry date). The breach did not expose sufficient card data to make purchases. Blooms Today did not respond when contacted about the incident.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/BloomsToday.png","DataClasses":["Email addresses","Names","Partial credit card data","Phone numbers","Physical addresses"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"boAt","Title":"boAt","Domain":"boat-lifestyle.com","BreachDate":"2024-03-25","AddedDate":"2024-04-08T08:33:44Z","ModifiedDate":"2024-04-09T04:17:09Z","PwnCount":7528985,"Description":"In March 2024, the Indian audio and wearables brand \u003Ca href=\u0022https://www.forbesindia.com/article/news/hit-with-massive-data-breach-boat-loses-data-of-75-million-customers/92483/1\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EboAt suffered a data breach that exposed 7.5M customer records\u003C/a\u003E. The data included physical and email address, names and phone numbers, all of which were subsequently published to a popular clear web hacking forum.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/boAt.png","DataClasses":["Email addresses","Names","Phone numbers","Physical addresses"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Bolt","Title":"Bolt","Domain":"bolt.cd","BreachDate":"2017-03-01","AddedDate":"2017-11-24T08:15:24Z","ModifiedDate":"2017-11-24T08:16:45Z","PwnCount":995274,"Description":"In approximately March 2017, the file sharing website \u003Ca href=\u0022http://bolt.cd/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EBolt\u003C/a\u003E suffered a data breach resulting in the exposure of 995k unique user records. The data was sourced from their vBulletin forum and contained email and IP addresses, usernames and salted MD5 password hashes. The site was previously reported as compromised on the \u003Ca href=\u0022https://vigilante.pw/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EVigilante.pw\u003C/a\u003E breached database directory.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Bolt.png","DataClasses":["Email addresses","IP addresses","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"BombujEu","Title":"Bombuj.eu","Domain":"bombuj.eu","BreachDate":"2018-12-07","AddedDate":"2018-12-10T14:04:47Z","ModifiedDate":"2018-12-10T14:04:47Z","PwnCount":575437,"Description":"In December 2018, the Slovak website for watching movies online for free \u003Ca href=\u0022https://www.bombuj.eu\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EBombuj.eu\u003C/a\u003E suffered a data breach. The incident exposed over 575k unique email addresses and passwords stored as unsalted MD5 hashes. No response was received from Bombuj.eu when contacted about the incident.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/BombujEu.png","DataClasses":["Email addresses","Passwords"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Bonobos","Title":"Bonobos","Domain":"bonobos.com","BreachDate":"2020-08-14","AddedDate":"2021-01-31T00:09:25Z","ModifiedDate":"2021-01-31T00:12:58Z","PwnCount":2811929,"Description":"In August 2020, the clothing store \u003Ca href=\u0022https://www.bleepingcomputer.com/news/security/bonobos-clothing-store-suffers-a-data-breach-hacker-leaks-70gb-database/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EBonobos suffered a data breach\u003C/a\u003E that exposed almost 70GB of data containing 2.8 million unique email addresses. The breach also exposed names, physical and IP addresses, phone numbers, order histories and passwords stored as salted SHA-512 hashes, including historical passwords. The breach also exposed partial credit card data including card type, the name on the card, expiry date and the last 4 digits of the card. The data was provided to HIBP by \u003Ca href=\u0022https://dehashed.com/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Edehashed.com\u003C/a\u003E.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Bonobos.png","DataClasses":["Email addresses","Historical passwords","IP addresses","Names","Partial credit card data","Passwords","Phone numbers","Physical addresses","Purchases"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Bookchor","Title":"Bookchor","Domain":"bookchor.com","BreachDate":"2021-01-28","AddedDate":"2022-07-03T23:41:38Z","ModifiedDate":"2022-07-03T23:41:38Z","PwnCount":498297,"Description":"In January 2021, the Indian book trading website \u003Ca href=\u0022https://www.opindia.com/2021/04/bookchor-data-breach-information-of-over-5-lakh-users-leaked-what-we-know-so-far/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EBookchor suffered a data breach that exposed half a million customer records\u003C/a\u003E. The exposed data included email and IP addresses, names, genders, dates of birth, phone numbers and passwords stored as unsalted MD5 hashes. The data was subsequently traded on a popular hacking forum.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Bookchor.png","DataClasses":["Dates of birth","Email addresses","Genders","IP addresses","Names","Passwords","Phone numbers","Social media profiles"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"BookCrossing","Title":"BookCrossing","Domain":"bookcrossing.com","BreachDate":"2012-11-05","AddedDate":"2023-07-25T02:24:52Z","ModifiedDate":"2023-07-25T03:53:37Z","PwnCount":1582323,"Description":"In August 2022, the book social networking site \u003Ca href=\u0022https://www.bookcrossing.com/forum/9/584194\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EBookCrossing disclosed a data breach that dated back to a database backup from November 2012\u003C/a\u003E. The incident exposed almost 1.6M records including names, usernames, email and IP addresses, dates of birth and plain text passwords.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/BookCrossing.png","DataClasses":["Dates of birth","Email addresses","Geographic locations","IP addresses","Names","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Bookmate","Title":"Bookmate","Domain":"bookmate.com","BreachDate":"2018-07-08","AddedDate":"2019-03-22T16:25:58Z","ModifiedDate":"2019-03-22T16:25:58Z","PwnCount":3830916,"Description":"In mid-2018, the social ebook subscription service \u003Ca href=\u0022https://www.theregister.co.uk/2019/02/11/620_million_hacked_accounts_dark_web/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EBookmate was among a raft of sites that were breached and their data then sold in early-2019\u003C/a\u003E. The data included almost 4 million unique email addresses alongside names, genders, dates of birth and passwords stored as salted SHA-512 hashes. The data was provided to HIBP by a source who requested it to be attributed to \u0026quot;BenjaminBlue@exploit.im\u0026quot;.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Bookmate.png","DataClasses":["Dates of birth","Email addresses","Genders","Geographic locations","Names","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"BotOfLegends","Title":"Bot of Legends","Domain":"botoflegends.com","BreachDate":"2014-11-13","AddedDate":"2016-12-27T08:24:52Z","ModifiedDate":"2016-12-27T08:24:52Z","PwnCount":238373,"Description":"In November 2014, the forum for \u003Ca href=\u0022http://botoflegends.com\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EBot of Legends\u003C/a\u003E suffered a data breach. The IP.Board forum contained 238k accounts including usernames, email and IP addresses and passwords stored as salted MD5 hashes.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/BotOfLegends.png","DataClasses":["Email addresses","IP addresses","Passwords","Usernames","Website activity"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"BourseDesVols","Title":"Bourse des Vols","Domain":"bourse-des-vols.com","BreachDate":"2021-01-12","AddedDate":"2022-07-03T05:17:56Z","ModifiedDate":"2022-07-03T05:17:56Z","PwnCount":1460130,"Description":"In January 2021, the French travel company \u003Ca href=\u0022https://www.riskbasedsecurity.com/2021/02/19/dark-web-roundup-january-2021/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EBourse des Vols suffered a data breach that exposed 1.46M unique email addresses\u003C/a\u003E across more than 1.2k .sql files and over 9GB of data. The impacted data exposed personal information and travel histories including names, phone numbers, IP and physical addresses, dates of birth along with flights taken and purchases.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/BourseDesVols.png","DataClasses":["Dates of birth","Email addresses","Flights taken","IP addresses","Names","Phone numbers","Physical addresses","Purchases"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Boxee","Title":"Boxee","Domain":"forums.boxee.com","BreachDate":"2014-03-29","AddedDate":"2014-03-30T13:07:16Z","ModifiedDate":"2014-03-30T13:07:16Z","PwnCount":158093,"Description":"In March 2014, the home theatre PC software maker Boxee had their forums compromised in an attack. The attackers obtained the entire vBulletin MySQL database and promptly posted it for download on the Boxee forum itself. The data included 160k users, password histories, private messages and a variety of other data exposed across nearly 200 publicly exposed tables.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Boxee.png","DataClasses":["Dates of birth","Email addresses","Geographic locations","Historical passwords","Instant messenger identities","IP addresses","Passwords","Private messages","User website URLs","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"BrandNewTube","Title":"Brand New Tube","Domain":"brandnewtube.com","BreachDate":"2022-08-14","AddedDate":"2022-09-08T08:00:37Z","ModifiedDate":"2022-09-08T08:00:37Z","PwnCount":349627,"Description":"In August 2022, the streaming website \u003Ca href=\u0022https://unitynewsnetwork.co.uk/streaming-site-brand-new-tube-sees-massive-data-breach-with-ip-addresses-and-names-of-users-revealed/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EBrand New Tube suffered a data breach that exposed the personal information of almost 350k subscribers\u003C/a\u003E. The impacted data included email and IP addresses, usernames, genders, passwords stored as unsalted SHA-1 hashes and private messages.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/BrandNewTube.png","DataClasses":["Email addresses","Genders","IP addresses","Passwords","Private messages","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Brazzers","Title":"Brazzers","Domain":"brazzers.com","BreachDate":"2013-04-01","AddedDate":"2016-09-05T10:02:23Z","ModifiedDate":"2016-09-05T10:02:23Z","PwnCount":790724,"Description":"In April 2013, the adult website known as \u003Ca href=\u0022https://motherboard.vice.com/read/nearly-800000-brazzers-porn-site-accounts-exposed-in-forum-hack\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EBrazzers was hacked\u003C/a\u003E and 790k accounts were exposed publicly. Each record included a username, email address and password stored in plain text. The breach was brought to light by the \u003Ca href=\u0022https://vigilante.pw\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EVigilante.pw\u003C/a\u003E data breach reporting site in September 2016.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Brazzers.png","DataClasses":["Email addresses","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":true,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"BreachForums","Title":"BreachForums","Domain":"breached.vc","BreachDate":"2022-11-29","AddedDate":"2023-07-26T21:08:55Z","ModifiedDate":"2023-07-26T21:08:55Z","PwnCount":212156,"Description":"In November 2022, the well-known hacking forum \u0026quot;BreachForums\u0026quot; was itself, breached. Later the following year, \u003Ca href=\u0022https://www.bleepingcomputer.com/news/security/fbi-seizes-breachforums-after-arresting-its-owner-pompompurin-in-march/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Ethe operator of the website was arrested and the site seized by law enforcement agencies\u003C/a\u003E. The breach exposed 212k records including usernames, IP and email addresses, private messages between site members and passwords stored as argon2 hashes. The data was provided to HIBP by a source who requested it be attributed to \u003Ca href=\u0022http://t.me/breached_db_person\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003E\u0026quot;breached_db_person\u0026quot;\u003C/a\u003E.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/BreachForums.png","DataClasses":["Email addresses","IP addresses","Passwords","Private messages","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"BreachForumsClone","Title":"BreachForums Clone","Domain":"breachforums.vc","BreachDate":"2023-06-17","AddedDate":"2023-06-25T05:47:36Z","ModifiedDate":"2023-06-25T05:52:08Z","PwnCount":4204,"Description":"In June 2023, \u003Ca href=\u0022https://www.hackread.com/breachforums-data-breach-members-data-leak/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Ea clone of the previously shuttered popular hacking forum \u0026quot;BreachForums\u0026quot; suffered a data breach that exposed over 4k records\u003C/a\u003E. The breach was due to an exposed backup of the MyBB database which included email and IP addresses, usernames and Argon2 password hashes.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/BreachForums.png","DataClasses":["Email addresses","IP addresses","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"BTCAlpha","Title":"BTC-Alpha","Domain":"btc-alpha.com","BreachDate":"2021-11-02","AddedDate":"2022-01-27T23:39:18Z","ModifiedDate":"2022-01-27T23:39:18Z","PwnCount":362426,"Description":"In November 2021, the crypto exchange platform \u003Ca href=\u0022https://www.techtarget.com/searchsecurity/news/252509877/Cryptocurrency-exchange-BTC-Alpha-confirms-ransomware-attack\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EBTC-Alpha suffered a ransomware attack data breach\u003C/a\u003E after which customer data was publicly dumped. The impacted data included 362k email and IP addresses, usernames and passwords stored as PBKDF2 hashes. The data was provided to HIBP by a source who requested it be attributed to \u0026quot;white_peacock@riseup.net\u0026quot;.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/BTCAlpha.png","DataClasses":["Email addresses","IP addresses","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"BTCE","Title":"BTC-E","Domain":"btc-e.com","BreachDate":"2014-10-01","AddedDate":"2017-03-12T03:21:52Z","ModifiedDate":"2017-03-12T03:21:52Z","PwnCount":568340,"Description":"In October 2014, \u003Ca href=\u0022https://www.databreaches.net/bitcoin-exchange-btc-e-and-bitcointalk-forum-breaches/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Ethe Bitcoin exchange BTC-E was hacked\u003C/a\u003E and 568k accounts were exposed. The data included email and IP addresses, wallet balances and hashed passwords.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/BTCE.png","DataClasses":["Account balances","Email addresses","IP addresses","Passwords","Usernames","Website activity"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"BtoBet","Title":"BtoBet","Domain":"btobet.com","BreachDate":"2019-12-26","AddedDate":"2020-01-11T20:16:42Z","ModifiedDate":"2020-01-11T20:28:06Z","PwnCount":444241,"Description":"In December 2019, \u003Ca href=\u0022https://www.troyhunt.com/the-difficulty-of-disclosure-surebet247-and-the-streisand-effect/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Ea large collection of data from Nigerian gambling company Surebet247 was sent to HIBP\u003C/a\u003E. Alongside the Surebet247, database backups from gambling sites BetAlfa, BetWay, BongoBongo and TopBet was also included. Further investigation \u003Ca href=\u0022https://www.iafrikan.com/2020/01/09/btobet-sports-betting-technology-software-neuron-platform-surebet247-gambling-data-security-breach/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Eimplicated betting platform provider BtoBet as being the common source of the data\u003C/a\u003E. Impacted data included user records and extensive information on gambling histories.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/BtoBet.png","DataClasses":["Dates of birth","Email addresses","Financial transactions","Geographic locations","IP addresses","Names","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"BudTrader","Title":"BudTrader","Domain":"budtrader.com","BreachDate":"2024-06-27","AddedDate":"2024-10-01T13:51:19Z","ModifiedDate":"2024-10-01T13:51:19Z","PwnCount":2721185,"Description":"In July 2024, \u003Ca href=\u0022https://darkwebinformer.com/a-threat-actor-is-allegedly-selling-data-to-budtrader-com/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Ea data breach of the now defunct cannabis social platform BudTrader was posted for sale on a hacking forum\u003C/a\u003E. Dating back to the previous month, the breach of the website exposed 2.7M email addresses, usernames and WordPress password hashes.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/BudTrader.png","DataClasses":["Email addresses","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":true,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Bukalapak","Title":"Bukalapak","Domain":"bukalapak.com","BreachDate":"2017-10-23","AddedDate":"2019-04-18T01:57:35Z","ModifiedDate":"2019-04-18T02:10:15Z","PwnCount":13369666,"Description":"In March 2019, the Indonesian e-commerce website \u003Ca href=\u0022https://www.bukalapak.com/blog/feature-updates/petunjuk-teknis-105502\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EBukalapak discovered a data breach of the organisation\u0027s backups dating back to October 2017\u003C/a\u003E. The incident exposed approximately 13 million unique email addresses alongside IP addresses, names and passwords stored as bcrypt and salted SHA-512 hashes. The data was provided to HIBP by a source who requested it to be attributed to \u0026quot;Maxime Thalet\u0026quot;.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Bukalapak.png","DataClasses":["Email addresses","IP addresses","Names","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"BulgarianNationalRevenueAgency","Title":"Bulgarian National Revenue Agency","Domain":"nap.bg","BreachDate":"2019-07-15","AddedDate":"2019-07-18T18:38:49Z","ModifiedDate":"2019-07-18T18:38:49Z","PwnCount":471167,"Description":"In July 2019, \u003Ca href=\u0022https://thenextweb.com/security/2019/07/16/bulgaria-tax-agency-data-leak-hack/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Ea massive data breach of the Bulgarian National Revenue Agency began circulating with data on 5 million people\u003C/a\u003E. Allegedly obtained in June, the data was broadly shared online and included taxation information alongside names, phone numbers, physical addresses and 471 thousand unique email addresses. The breach is said to have affected \u0026quot;nearly all adults in Bulgaria\u0026quot;.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/BulgarianNationalRevenueAgency.png","DataClasses":["Email addresses","Names","Phone numbers","Physical addresses","Taxation records"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"BusinessAcumen","Title":"Business Acumen Magazine","Domain":"businessacumen.biz","BreachDate":"2014-04-25","AddedDate":"2014-05-11T04:25:48Z","ModifiedDate":"2014-05-11T04:25:48Z","PwnCount":26596,"Description":"In April 2014, the Australian \u0022Business Acumen Magazine\u0022 website was \u003Ca href=\u0022http://1337mir.com/cracked/2014/04/businessacumen-biz-hacked-26000-user-password-leaked/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Ehacked by an attacker known as 1337MiR\u003C/a\u003E. The breach resulted in over 26,000 accounts being exposed including usernames, email addresses and password stored with a weak cryptographic hashing algorithm (MD5 with no salt).","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/BusinessAcumen.png","DataClasses":["Email addresses","Names","Passwords","Usernames","Website activity"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"CafeMom","Title":"CafeMom","Domain":"cafemom.com","BreachDate":"2014-04-10","AddedDate":"2017-11-09T19:54:20Z","ModifiedDate":"2017-11-09T19:55:00Z","PwnCount":2628148,"Description":"In 2014, the social network for mothers \u003Ca href=\u0022http://www.cafemom.com\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003ECafeMom\u003C/a\u003E suffered a data breach. The data surfaced alongside a number of other historical breaches including Kickstarter, Bitly and Disqus and contained 2.6 million email addresses and plain text passwords.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/CafeMom.png","DataClasses":["Email addresses","Passwords"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"CafePress","Title":"CafePress","Domain":"cafepress.com","BreachDate":"2019-02-20","AddedDate":"2019-08-05T01:18:43Z","ModifiedDate":"2019-08-05T20:02:32Z","PwnCount":23205290,"Description":"In February 2019, the custom merchandise retailer \u003Ca href=\u0022https://www.cafepress.com/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003ECafePress\u003C/a\u003E suffered a data breach. The exposed data included 23 million unique email addresses with some records also containing names, physical addresses, phone numbers and passwords stored as SHA-1 hashes. The data was provided to HIBP by a source who requested it be attributed to \u0022JimScott.Sec@protonmail.com\u0022.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/CafePress.png","DataClasses":["Email addresses","Names","Passwords","Phone numbers","Physical addresses"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"CannabisForum","Title":"Cannabis.com","Domain":"cannabis.com","BreachDate":"2014-02-05","AddedDate":"2014-06-01T07:55:24Z","ModifiedDate":"2014-06-01T07:55:24Z","PwnCount":227746,"Description":"In February 2014, the vBulletin forum for the Marijuana site cannabis.com was breached and \u003Ca href=\u0022https://www.google.com/search?q=%22cannabisforum.tar%22\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Eleaked publicly\u003C/a\u003E. Whilst there has been no public attribution of the breach, the leaked data included over 227k accounts and nearly 10k private messages between users of the forum.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/CannabisForum.png","DataClasses":["Dates of birth","Email addresses","Geographic locations","Historical passwords","Instant messenger identities","IP addresses","Passwords","Private messages","Usernames","Website activity"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Canva","Title":"Canva","Domain":"canva.com","BreachDate":"2019-05-24","AddedDate":"2019-08-09T14:24:01Z","ModifiedDate":"2019-08-09T14:24:01Z","PwnCount":137272116,"Description":"In May 2019, the graphic design tool website \u003Ca href=\u0022https://support.canva.com/contact/customer-support/may-24-security-incident-faqs/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003ECanva suffered a data breach\u003C/a\u003E that impacted 137 million subscribers. The exposed data included email addresses, usernames, names, cities of residence and passwords stored as bcrypt hashes for users not using social logins. The data was provided to HIBP by a source who requested it be attributed to \u0022JimScott.Sec@protonmail.com\u0022.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Canva.png","DataClasses":["Email addresses","Geographic locations","Names","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"CapialEconomics","Title":"Capital Economics","Domain":"capitaleconomics.com","BreachDate":"2020-12-12","AddedDate":"2022-07-04T08:16:36Z","ModifiedDate":"2022-07-04T08:16:36Z","PwnCount":263829,"Description":"In December 2020, the economic research company \u003Ca href=\u0022https://securityaffairs.co/wordpress/113581/deep-web/capital-economics-data-leak.html\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003ECapital Economics suffered a data breach that exposed 263k customer records\u003C/a\u003E. The exposed data included email and physical addresses, names, phone numbers, job titles and the employer of impacted customers.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/CapialEconomics.png","DataClasses":["Email addresses","Employers","Job titles","Names","Phone numbers","Physical addresses"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"CardingMafiaDec2021","Title":"Carding Mafia (December 2021)","Domain":"cardmafia.cc","BreachDate":"2021-12-28","AddedDate":"2022-01-16T00:04:04Z","ModifiedDate":"2022-01-16T00:04:04Z","PwnCount":303877,"Description":"In December 2021, the Carding Mafia forum suffered a data breach that exposed over 300k members\u0027 email addresses. Dedicated to the theft and trading of stolen credit cards, the forum breach also exposed usernames, IP addresses and passwords stored as salted MD5 hashes. This breach came only 9 months after another breach of the forum in March 2021.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/CardingMafia.png","DataClasses":["Email addresses","IP addresses","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":true,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"CardingMafia","Title":"Carding Mafia (March 2021)","Domain":"cardmafia.cc","BreachDate":"2021-03-18","AddedDate":"2021-03-23T05:00:29Z","ModifiedDate":"2022-01-15T23:30:24Z","PwnCount":297744,"Description":"In March 2021, the Carding Mafia forum suffered a data breach that exposed almost 300k members\u0027 email addresses. Dedicated to the theft and trading of stolen credit cards, the forum breach also exposed usernames, IP addresses and passwords stored as salted MD5 hashes.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/CardingMafia.png","DataClasses":["Email addresses","IP addresses","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":true,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"CashCrate","Title":"CashCrate","Domain":"cashcrate.com","BreachDate":"2016-11-17","AddedDate":"2018-04-20T21:40:38Z","ModifiedDate":"2018-04-20T21:40:38Z","PwnCount":6844490,"Description":"In June 2017, news broke that \u003Ca href=\u0022https://motherboard.vice.com/en_us/article/bj8pvq/hackers-steal-6-million-user-accounts-for-cash-for-surveys-site\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003ECashCrate had suffered a data breach exposing 6.8 million records\u003C/a\u003E. The breach of the cash-for-surveys site dated back to November 2016 and exposed names, physical addresses, email addresses and passwords stored in plain text for older accounts along with weak MD5 hashes for newer ones.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/CashCrate.png","DataClasses":["Email addresses","Names","Passwords","Physical addresses"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Catho","Title":"Catho","Domain":"catho.com.br","BreachDate":"2020-03-01","AddedDate":"2020-08-18T22:52:39Z","ModifiedDate":"2020-08-18T22:52:39Z","PwnCount":1173012,"Description":"In approximately March 2020, the Brazilian recruitment website \u003Ca href=\u0022https://www.binarydefense.com/threat_watch/shinyhunters-serving-up-21-new-compromised-databases/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003ECatho was compromised and subsequently appeared alongside 20 other breached websites\u003C/a\u003E listed for sale on a dark web marketplace. The breach included almost 11 million records with 1.2 million unique email addresses. Names, usernames and plain text passwords were also exposed. The data was provided to HIBP by \u003Ca href=\u0022https://breachbase.pw/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Ebreachbase.pw\u003C/a\u003E.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Catho.png","DataClasses":["Email addresses","Names","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"CDProjektRed","Title":"CD Projekt RED","Domain":"cdprojektred.com","BreachDate":"2016-03-01","AddedDate":"2017-01-31T06:40:09Z","ModifiedDate":"2017-01-31T06:40:09Z","PwnCount":1871373,"Description":"In March 2016, \u003Ca href=\u0022http://forums.cdprojektred.com/forum/en/the-witcher-series/news-aa/7248610-important-potential-unauthorized-access-to-the-forums%E2%80%99-data\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EPolish game developer CD Projekt RED suffered a data breach\u003C/a\u003E. The hack of their forum led to the exposure of almost 1.9 million accounts along with usernames, email addresses and salted SHA1 passwords.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/CDProjektRed.png","DataClasses":["Email addresses","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"CDEK","Title":"CDEK","Domain":"cdek.ru","BreachDate":"2022-03-09","AddedDate":"2022-03-17T06:19:02Z","ModifiedDate":"2022-03-17T06:19:02Z","PwnCount":19218203,"Description":"In early 2022, a collective known as \u003Ca href=\u0022https://www.bleepingcomputer.com/news/security/ukraine-recruits-it-army-to-hack-russian-entities-lists-31-targets/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EIT Army whose stated goal is to \u0026quot;completely de-anonymise most Russian users by leaking hundreds of gigabytes of databases\u0026quot;\u003C/a\u003E published over 30GB of data allegedly sourced from Russian courier service CDEK. The data contained over 19M unique email addresses along with names and phone numbers. The authenticity of the breach could not be independently established and has been flagged as \u0026quot;unverfieid\u0026quot;.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/CDEK.png","DataClasses":["Email addresses","Names","Phone numbers"],"IsVerified":false,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"CentralTickets","Title":"Central Tickets","Domain":"centraltickets.co.uk","BreachDate":"2024-07-01","AddedDate":"2024-09-30T15:57:13Z","ModifiedDate":"2024-09-30T15:57:13Z","PwnCount":722860,"Description":"In September 2024, \u003Ca href=\u0022https://www.linkedin.com/posts/threatmon_databreach-cybersecurity-centraltickets-activity-7243167088565960705-vUDM/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Edata from the ticketing service Central Tickets was publicly posted to a hacking forum\u003C/a\u003E. The data suggests the breach occurred several months earlier and exposed 723k unique email addresses alongside names, phone numbers, IP addresses, purchases and passwords stored as unsalted SHA-1 hashes.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/CentralTickets.png","DataClasses":["Device information","Email addresses","IP addresses","Names","Passwords","Phone numbers","Purchases"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Chatbooks","Title":"Chatbooks","Domain":"chatbooks.com","BreachDate":"2020-03-26","AddedDate":"2020-07-29T21:21:46Z","ModifiedDate":"2020-07-29T21:21:46Z","PwnCount":2520441,"Description":"In March 2020, the photo print service \u003Ca href=\u0022https://www.bleepingcomputer.com/news/security/chatbooks-discloses-data-breach-after-data-sold-on-dark-web/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EChatbooks suffered a data breach\u003C/a\u003E which was subsequently put up for sale on a dark web marketplace. The breach contained 15 million user records with 2.5 million unique email addresses alongside names, phone numbers, social media profiles and salted SHA-512 password hashes. The data was provided to HIBP by \u003Ca href=\u0022https://dehashed.com/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Edehashed.com\u003C/a\u003E.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Chatbooks.png","DataClasses":["Email addresses","Names","Passwords","Phone numbers","Social media profiles"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"CheapAssGamer","Title":"CheapAssGamer.com","Domain":"cheapassgamer.com","BreachDate":"2015-07-01","AddedDate":"2016-11-08T01:58:39Z","ModifiedDate":"2016-11-08T01:58:39Z","PwnCount":444767,"Description":"In approximately mid-2015, the forum for \u003Ca href=\u0022https://www.cheapassgamer.com\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003ECheapAssGamer.com\u003C/a\u003E suffered a data breach. The database from the IP.Board based forum contained 445k accounts including usernames, email and IP addresses and salted MD5 password hashes.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/CheapAssGamer.png","DataClasses":["Email addresses","IP addresses","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Chegg","Title":"Chegg","Domain":"chegg.com","BreachDate":"2018-04-28","AddedDate":"2019-08-16T07:24:58Z","ModifiedDate":"2024-04-27T05:34:09Z","PwnCount":39721127,"Description":"In April 2018, the textbook rental service \u003Ca href=\u0022https://techcrunch.com/2018/09/26/chegg-resets-40-million-user-passwords-after-data-breach/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EChegg suffered a data breach\u003C/a\u003E that impacted 40 million subscribers. The exposed data included email addresses, usernames, names and passwords stored as unsalted MD5 hashes. A small number of records also contained physical address or phone number. The data was provided to HIBP by a source who requested it be attributed to \u0022JimScott.Sec@protonmail.com\u0022.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Chegg.png","DataClasses":["Email addresses","Names","Passwords","Phone numbers","Physical addresses","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Chess","Title":"Chess","Domain":"chess.com","BreachDate":"2023-11-08","AddedDate":"2023-11-10T02:02:26Z","ModifiedDate":"2023-11-10T02:02:26Z","PwnCount":827620,"Description":"In November 2023, \u003Ca href=\u0022https://www.hackread.com/hacker-leaks-scraped-chess-com-user-records/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Eover 800k user records were scraped from the Chess website and posted to a popular hacking forum\u003C/a\u003E. The data included email address, name, username and the geographic location of the user.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Chess.png","DataClasses":["Email addresses","Geographic locations","Names","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Chowbus","Title":"Chowbus","Domain":"chowbus.com","BreachDate":"2020-10-05","AddedDate":"2020-10-06T06:07:45Z","ModifiedDate":"2020-10-06T06:07:45Z","PwnCount":444224,"Description":"In October 2020, the Asian food delivery app \u003Ca href=\u0022https://www.reddit.com/r/UIUC/comments/j5fcjp/chowbus_is_hacked_leaks_800000_entries_of/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EChowbus suffered a data breach which led to over 800,000 records being emailed to customers\u003C/a\u003E. The email contained a link to a CSV file with customer data including physical addresses, names, phone numbers and over 444,000 unique email addresses.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Chowbus.png","DataClasses":["Email addresses","Names","Phone numbers","Physical addresses"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"ChrisLeong","Title":"Chris Leong","Domain":"chrisleong.com","BreachDate":"2024-08-10","AddedDate":"2024-08-13T22:16:41Z","ModifiedDate":"2024-08-13T22:16:41Z","PwnCount":27096,"Description":"In August 2024, \u003Ca href=\u0022https://x.com/DarkWebInformer/status/1822330521147376007\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Ethe website of Master Chris Leong \u0026quot;a leading Tit Tar practitioner in Malaysia\u0026quot; suffered a data breach\u003C/a\u003E. The incident exposed 27k unique email addresses along with names, physical addresses, dates of birth, genders, nationalities and in many cases, links to Facebook profiles. The company did not respond when contacted about the breach.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/ChrisLeong.png","DataClasses":["Dates of birth","Email addresses","Genders","Names","Nationalities","Phone numbers","Physical addresses","Purchases","Social media profiles"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Cit0day","Title":"Cit0day","Domain":"cit0day.in","BreachDate":"2020-11-04","AddedDate":"2020-11-19T08:07:33Z","ModifiedDate":"2020-11-19T08:07:33Z","PwnCount":226883414,"Description":"In November 2020, \u003Ca href=\u0022https://www.troyhunt.com/inside-the-cit0day-breach-collection\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Ea collection of more than 23,000 allegedly breached websites known as Cit0day were made available for download on several hacking forums\u003C/a\u003E. The data consisted of 226M unique email address alongside password pairs, often represented as both password hashes and the cracked, plain text versions. Independent verification of the data established it contains many legitimate, previously undisclosed breaches. The data was provided to HIBP by \u003Ca href=\u0022https://dehashed.com/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Edehashed.com\u003C/a\u003E.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/List.png","DataClasses":["Email addresses","Passwords"],"IsVerified":false,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"CityBee","Title":"CityBee","Domain":"citybee.lt","BreachDate":"2021-02-05","AddedDate":"2021-02-17T00:52:52Z","ModifiedDate":"2021-02-17T00:52:52Z","PwnCount":110156,"Description":"In February 2021, the Lithuanian car-sharing service \u003Ca href=\u0022https://www.reuters.com/article/us-baltic-dataprotection-idUSKBN2AG2BW\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003ECityBee announced they\u0027d suffered a data breach that exposed 110k customers\u0027 personal information\u003C/a\u003E. The breach exposed names, email addresses, government issued IDs and passwords stored as unsalted SHA-1 hashes.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/CityBee.png","DataClasses":["Email addresses","Government issued IDs","Names","Passwords"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"CityJerks","Title":"CityJerks","Domain":"cityjerks.com","BreachDate":"2023-02-27","AddedDate":"2023-04-27T21:50:05Z","ModifiedDate":"2023-04-27T21:50:05Z","PwnCount":177554,"Description":"In early 2023, the \u0026quot;mutual masturbation\u0026quot; website \u003Ca href=\u0022https://techcrunch.com/2023/04/27/hackers-steal-emails-private-messages-from-hookup-websites/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003ECityJerks suffered a data breach that exposed 177k unique email addresses\u003C/a\u003E. The breach also included data from the TruckerSucker \u0026quot;dating app for REAL TRUCKERS and REAL MEN\u0026quot; with the combined corpus of data also exposing usernames, IP addresses, dates of birth, sexual orientations, geo locations, private messages between members and passwords stored as salted MD5 hashes. The data was listed on a public hacking site and provided to HIBP by a source who requested it be attributed to \u0026quot;discord.gg/gN9C9em\u0026quot;.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/CityJerks.png","DataClasses":["Bios","Dates of birth","Email addresses","Geographic locations","IP addresses","Passwords","Private messages","Profile photos","Sexual orientations","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":true,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"CivilOnline","Title":"Civil Online","Domain":"co188.com","BreachDate":"2011-07-10","AddedDate":"2016-11-07T20:41:52Z","ModifiedDate":"2016-11-07T20:41:52Z","PwnCount":7830195,"Description":"In mid-2011, data was allegedly obtained from the Chinese engineering website known as \u003Ca href=\u0022http://www.co188.com/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003ECivil Online\u003C/a\u003E and contained 7.8M accounts. Whilst there is evidence that the data is legitimate, due to the difficulty of emphatically verifying the Chinese breach it has been flagged as \u0026quot;unverified\u0026quot;. The data in the breach contains email and IP addresses, user names and MD5 password hashes. \u003Ca href=\u0022https://www.troyhunt.com/handling-chinese-data-breaches-in-have-i-been-pwned/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003ERead more about Chinese data breaches in Have I Been Pwned.\u003C/a\u003E","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/CivilOnline.png","DataClasses":["Email addresses","IP addresses","Passwords","Usernames","Website activity"],"IsVerified":false,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"ClashOfKings","Title":"Clash of Kings","Domain":"f.elex.com","BreachDate":"2016-07-14","AddedDate":"2019-07-27T22:03:03Z","ModifiedDate":"2019-07-27T22:03:03Z","PwnCount":1604957,"Description":"In July 2016, \u003Ca href=\u0022https://www.zdnet.com/article/hacker-steals-forums-of-clash-of-kings-mobile-game/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Ethe forum for the game \u0026quot;Clash of Kings\u0026quot; suffered a data breach\u003C/a\u003E that impacted 1.6 million subscribers. The impacted data included usernames, IP and email addresses and passwords stored as MD5 hashes. The data was provided to HIBP by \u003Ca href=\u0022https://dehashed.com/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Edehashed.com\u003C/a\u003E.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/ClashOfKings.png","DataClasses":["Email addresses","IP addresses","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"ClearVoiceSurveys","Title":"ClearVoice Surveys","Domain":"clearvoicesurveys.com","BreachDate":"2015-08-23","AddedDate":"2021-04-23T05:00:19Z","ModifiedDate":"2021-04-23T05:00:19Z","PwnCount":15074786,"Description":"In April 2021, the market research surveys company \u003Ca href=\u0022https://www.clearvoicesurveys.com/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EClearVoice Surveys\u003C/a\u003E had a publicly facing database backup from 2015 taken and redistributed on a popular hacking forum. The data included 15M unique email addresses across more than 17M rows of data that also included names, physical and IP addresses, genders, dates of birth and plain text passwords. ClearVoice Surveys advised they were aware of the breach and confirmed its authenticity.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/ClearVoiceSurveys.png","DataClasses":["Dates of birth","Email addresses","Genders","IP addresses","Names","Passwords","Phone numbers","Physical addresses"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"ClickASnap","Title":"ClickASnap","Domain":"clickasnap.com","BreachDate":"2022-09-24","AddedDate":"2024-03-13T03:47:22Z","ModifiedDate":"2024-03-13T03:47:22Z","PwnCount":3262980,"Description":"In September 2022, the online photo sharing platform \u003Ca href=\u0022https://blog.clickasnap.com/2022/10/14/clickasnap-website-breach-24-09-22/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EClickASnap suffered a data breach\u003C/a\u003E. The incident exposed almost 3.3M personal records including email addresses, usernames and passwords stored as SHA-512 hashes. Further, a collection of paid subscriptions were also included and contained names, physical addresses and amounts paid.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/ClickASnap.png","DataClasses":["Email addresses","Names","Passwords","Physical addresses","Purchases","Social media profiles","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"ClixSense","Title":"ClixSense","Domain":"clixsense.com","BreachDate":"2016-09-04","AddedDate":"2016-09-11T06:37:25Z","ModifiedDate":"2016-09-11T06:37:25Z","PwnCount":2424784,"Description":"In September 2016, the paid-to-click site \u003Ca href=\u0022http://cybercashworldwide.com/clixsense-has-been-hacked\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EClixSense suffered a data breach\u003C/a\u003E which exposed 2.4 million subscriber identities. The breached data was then posted online by the attackers who claimed it was a subset of a larger data breach totalling 6.6 million records. The leaked data was extensive and included names, physical, email and IP addresses, genders and birth dates, account balances and passwords stored as plain text.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/ClixSense.png","DataClasses":["Account balances","Dates of birth","Email addresses","Genders","IP addresses","Names","Passwords","Payment histories","Payment methods","Physical addresses","Usernames","Website activity"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"CloudPets","Title":"CloudPets","Domain":"cloudpets.com","BreachDate":"2017-01-01","AddedDate":"2017-02-27T20:57:29Z","ModifiedDate":"2017-02-27T20:57:29Z","PwnCount":583503,"Description":"In January, the maker of teddy bears that record children\u0027s voices and sends them to family and friends via the internet \u003Ca href=\u0022https://www.troyhunt.com/data-from-connected-cloudpets-teddy-bears-leaked-and-ransomed-exposing-kids-voice-messages\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003ECloudPets left their database publicly exposed and it was subsequently downloaded by external parties\u003C/a\u003E (the data was also subject to 3 different ransom demands). 583k records were provided to HIBP via a data trader and included email addresses and bcrypt hashes, but the full extent of user data exposed by the system was over 821k records and also included children\u0027s names and references to portrait photos and voice recordings.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/CloudPets.png","DataClasses":["Email addresses","Family members\u0027 names","Passwords"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"ClubPenguinRewritten","Title":"Club Penguin Rewritten (January 2018)","Domain":"cprewritten.net","BreachDate":"2018-01-21","AddedDate":"2019-04-23T05:05:16Z","ModifiedDate":"2019-07-30T14:05:55Z","PwnCount":1688176,"Description":"In January 2018, the children\u0027s gaming site \u003Ca href=\u0022https://community.cprewritten.net/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EClub Penguin Rewritten\u003C/a\u003E (CPRewritten) suffered a data breach (note: CPRewritten is an independent recreation of Disney\u0027s Club Penguin game). The incident exposed almost 1.7 million unique email addresses alongside IP addresses, usernames and passwords stored as bcrypt hashes. When contacted, CPRewritten advised they were aware of the breach and had \u0026quot;contacted affected users\u0026quot;.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/ClubPenguinRewritten.png","DataClasses":["Email addresses","IP addresses","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"ClubPenguinRewrittenJul2019","Title":"Club Penguin Rewritten (July 2019)","Domain":"cprewritten.net","BreachDate":"2019-07-27","AddedDate":"2019-07-30T14:05:10Z","ModifiedDate":"2019-07-30T14:05:10Z","PwnCount":4007909,"Description":"In July 2019, the children\u0027s gaming site \u003Ca href=\u0022https://community.cprewritten.net/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EClub Penguin Rewritten\u003C/a\u003E (CPRewritten) suffered a data breach (note: CPRewritten is an independent recreation of Disney\u0027s Club Penguin game). In addition to an earlier data breach that impacted 1.7 million accounts, the subsequent breach exposed 4 million unique email addresses alongside IP addresses, usernames and passwords stored as bcrypt hashes.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/ClubPenguinRewritten.png","DataClasses":["Email addresses","IP addresses","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Coachella","Title":"Coachella","Domain":"coachella.com","BreachDate":"2017-02-22","AddedDate":"2017-06-27T10:57:03Z","ModifiedDate":"2017-06-27T10:57:03Z","PwnCount":599802,"Description":"In February 2017, \u003Ca href=\u0022https://motherboard.vice.com/en_us/article/mgkzkp/someone-is-selling-coachella-user-accounts-on-the-dark-web\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Ehundreds of thousands of records from the Coachella music festival were discovered being sold online\u003C/a\u003E. Allegedly taken from a combination of the main Coachella website and their vBulletin-based message board, the data included almost 600k usernames, IP and email addresses and salted hashes of passwords (MD5 in the case of the message board).","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Coachella.png","DataClasses":["Email addresses","IP addresses","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Coinmama","Title":"Coinmama","Domain":"coinmama.com","BreachDate":"2017-08-03","AddedDate":"2019-08-30T20:53:29Z","ModifiedDate":"2019-08-30T20:53:29Z","PwnCount":478824,"Description":"In August 2017, the crypto coin brokerage service \u003Ca href=\u0022https://cointelegraph.com/news/major-crypto-brokerage-coinmama-reports-450-000-users-affected-by-data-breach\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003ECoinmama suffered a data breach\u003C/a\u003E that impacted 479k subscribers. The breach was discovered in February 2019 with exposed data including email addresses, usernames and passwords stored as MD5 WordPress hashes. The data was provided to HIBP by white hat security researcher and data analyst Adam Davies.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Coinmama.png","DataClasses":["Email addresses","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"CoinMarketCap","Title":"CoinMarketCap","Domain":"coinmarketcap.com","BreachDate":"2021-10-12","AddedDate":"2021-10-22T20:32:53Z","ModifiedDate":"2021-10-22T20:32:53Z","PwnCount":3117548,"Description":"During October 2021, 3.1 million email addresses with accounts on the cryptocurrency market capitalisation website \u003Ca href=\u0022https://coinmarketcap.com/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003ECoinMarketCap\u003C/a\u003E were discovered being traded on hacking forums. Whilst the email addresses were found to correlate with CoinMarketCap accounts, it\u0027s unclear precisely how they were obtained. CoinMarketCap has provided the following statement on the data: \u0026quot;CoinMarketCap has become aware that batches of data have shown up online purporting to be a list of user accounts. While the data lists we have seen are only email addresses (no passwords), we have found a correlation with our subscriber base. We have not found any evidence of a data leak from our own servers \u2014 we are actively investigating this issue and will update our subscribers as soon as we have any new information.\u0026quot;","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/CoinMarketCap.png","DataClasses":["Email addresses"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"CoinTracker","Title":"CoinTracker","Domain":"cointracker.io","BreachDate":"2022-12-01","AddedDate":"2022-12-12T08:55:48Z","ModifiedDate":"2023-01-01T07:04:48Z","PwnCount":1557153,"Description":"In December 2022, the Crypto \u0026 NFT taxes service \u003Ca href=\u0022https://www.databreaches.net/important-cointracker-security-update/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003ECoinTracker reported a data breach that impacted over 1.5M of their customers\u003C/a\u003E. The company \u003Ca href=\u0022https://www.cointracker.io/blog/sendgrid-data-breach\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Elater attributed the breach to a compromise SendGrid\u003C/a\u003E in an attack that targeted multiple customers of the email provider. The breach exposed email addresses and partially redacted phone numbers, with CoinTracker advising that the later did not originate from their service.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/CoinTracker.png","DataClasses":["Email addresses","Partial phone numbers"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Collection1","Title":"Collection #1","Domain":"","BreachDate":"2019-01-07","AddedDate":"2019-01-16T21:46:07Z","ModifiedDate":"2019-01-16T21:50:21Z","PwnCount":772904991,"Description":"In January 2019, a large collection of credential stuffing lists (combinations of email addresses and passwords used to hijack accounts on other services) was discovered being distributed on a popular hacking forum. The data contained almost 2.7 \u003Cem\u003Ebillion\u003C/em\u003E records including 773 million unique email addresses alongside passwords those addresses had used on other breached services. Full details on the incident and how to search the breached passwords are provided in the blog post \u003Ca href=\u0022https://www.troyhunt.com/the-773-million-record-collection-1-data-reach\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EThe 773 Million Record \u0022Collection #1\u0022 Data Breach\u003C/a\u003E.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/List.png","DataClasses":["Email addresses","Passwords"],"IsVerified":false,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"TelegramCombolists","Title":"Combolists Posted to Telegram","Domain":"","BreachDate":"2024-05-28","AddedDate":"2024-06-03T19:10:03Z","ModifiedDate":"2024-06-11T07:01:09Z","PwnCount":361468099,"Description":"In May 2024, \u003Ca href=\u0022https://troyhunt.com/telegram-combolists-and-361m-email-addresses\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003E2B rows of data with 361M unique email addresses were collated from malicious Telegram channels\u003C/a\u003E. The data contained 122GB across 1.7k files with email addresses, usernames, passwords and in many cases, the website they were entered into. The data appears to have been sourced from a combination of existing combolists and info stealer malware.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/List.png","DataClasses":["Email addresses","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Comcast","Title":"Comcast","Domain":"comcast.net","BreachDate":"2015-11-08","AddedDate":"2016-02-08T21:41:43Z","ModifiedDate":"2016-02-08T21:41:43Z","PwnCount":616882,"Description":"In November 2015, the US internet and cable TV provider Comcast \u003Ca href=\u0022http://www.ibtimes.co.uk/comcast-data-breach-590000-customer-passwords-go-sale-dark-web-1528026\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Esuffered a data breach that exposed 590k customer email addresses and plain text passwords\u003C/a\u003E. A further 27k accounts appeared with home addresses with the entire data set being sold on underground forums.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Comcast.png","DataClasses":["Email addresses","Passwords","Physical addresses"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"COMELEC","Title":"COMELEC (Philippines Voters)","Domain":"comelec.gov.ph","BreachDate":"2016-03-27","AddedDate":"2016-04-14T02:24:32Z","ModifiedDate":"2016-04-14T02:24:32Z","PwnCount":228605,"Description":"In March 2016, \u003Ca href=\u0022http://www.comelec.gov.ph/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Ethe Philippines Commission of Elections website\u003C/a\u003E (COMELEC) was \u003Ca href=\u0022http://www.rappler.com/nation/politics/elections/2016/127256-comelec-website-hacked-anonymous-philippines\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Eattacked and defaced\u003C/a\u003E, allegedly by Anonymous Philippines. Shortly after, \u003Ca href=\u0022http://www.theregister.co.uk/2016/04/07/philippine_voter_data_breach/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Edata on 55 million Filipino voters was leaked publicly\u003C/a\u003E and included sensitive information such as genders, marital statuses, height and weight and biometric fingerprint data. The breach only included 228k email addresses.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/COMELEC.png","DataClasses":["Biometric data","Dates of birth","Email addresses","Family members\u0027 names","Genders","Job titles","Marital statuses","Names","Passport numbers","Phone numbers","Physical addresses","Physical attributes"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"CondoCom","Title":"Condo.com","Domain":"condo.com","BreachDate":"2019-06-01","AddedDate":"2024-07-25T04:12:07Z","ModifiedDate":"2024-07-25T04:12:07Z","PwnCount":1481555,"Description":"In June 2019, now defunct website Condo.com suffered a data breach \u003Ca href=\u0022https://cybernews.com/security/billions-passwords-credentials-leaked-mother-of-all-breaches/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Ethat was later redistributed as part of a larger corpus of data\u003C/a\u003E. The impacted data included 1.5M email addresses alongside names, phone numbers and for a small number of records, physical addresses.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/CondoCom.png","DataClasses":["Email addresses","Names","Phone numbers","Physical addresses"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Convex","Title":"Convex","Domain":"convex.ru","BreachDate":"2023-02-01","AddedDate":"2023-02-26T06:51:44Z","ModifiedDate":"2023-02-26T06:51:44Z","PwnCount":150129,"Description":"In February 2023, the Russian telecommunications provider \u003Ca href=\u0022https://www.hackread.com/anonymous-data-leak-russia-isp-convex/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EConvex was hacked by \u0026quot;Anonymous\u0026quot; who subsequently released 128GB of data publicly\u003C/a\u003E, alleging it revealed illegal government surveillance. The leaked data contained 150k unique email, IP and physical addresses, names and phone numbers.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Convex.png","DataClasses":["Email addresses","IP addresses","Names","Phone numbers"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"CouponMomAndArmorGames","Title":"Coupon Mom / Armor Games","Domain":"","BreachDate":"2014-02-08","AddedDate":"2017-11-09T23:46:52Z","ModifiedDate":"2020-07-21T08:45:24Z","PwnCount":11010525,"Description":"In 2014, a file allegedly containing data hacked from \u003Ca href=\u0022https://www.couponmom.com\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003ECoupon Mom\u003C/a\u003E was created and included 11 million email addresses and plain text passwords. On further investigation, the file was also found to contain data indicating it had been sourced from \u003Ca href=\u0022https://armorgames.com\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EArmor Games\u003C/a\u003E. Subsequent verification with HIBP subscribers confirmed the passwords had previously been used and many subscribers had used either Coupon Mom or Armor Games in the past. On disclosure to both organisations, each found that the data did not represent their entire customer base and possibly includes records from other sources with common subscribers. The breach has subsequently been flagged as \u0026quot;unverified\u0026quot; as the source cannot be emphatically proven. In July 2020, \u003Ca href=\u0022https://www.troyhunt.com/how-beeradvocate-learned-theyd-been-pwned/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Ethe data was also found to contain BeerAdvocate accounts sourced from a previously unknown breach\u003C/a\u003E.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/CouponMomAndArmorGames.png","DataClasses":["Email addresses","Passwords"],"IsVerified":false,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"db8151dd","Title":"Covve","Domain":"covve.com","BreachDate":"2020-02-20","AddedDate":"2020-05-15T08:06:11Z","ModifiedDate":"2020-05-19T20:25:18Z","PwnCount":22802117,"Description":"In February 2020, \u003Ca href=\u0022https://www.troyhunt.com/the-unattributable-db8151dd-data-breach\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Ea massive trove of personal information referred to as \u0026quot;db8151dd\u0026quot;\u003C/a\u003E was provided to HIBP after being found left exposed on a publicly facing Elasticsearch server. Later identified as originating from the Covve contacts app, the exposed data included extensive personal information and interactions between Covve users and their contacts. The data was provided to HIBP by \u003Ca href=\u0022https://dehashed.com/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Edehashed.com\u003C/a\u003E.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Covve.png","DataClasses":["Email addresses","Job titles","Names","Phone numbers","Physical addresses","Social media profiles"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"CrackCommunity","Title":"Crack Community","Domain":"crackcommunity.com","BreachDate":"2013-09-09","AddedDate":"2015-02-03T06:30:05Z","ModifiedDate":"2015-02-03T06:30:05Z","PwnCount":19210,"Description":"In late 2013, the \u003Ca href=\u0022http://crackcommunity.com\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003ECrack Community\u003C/a\u003E forum specialising in cracks for games was compromised and over 19k accounts published online. Built on the MyBB forum platform, the compromised data included email addresses, IP addresses and salted MD5 passwords.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/CrackCommunity.png","DataClasses":["Email addresses","IP addresses","Passwords","Usernames","Website activity"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"CrackedTO","Title":"Cracked.to","Domain":"cracked.to","BreachDate":"2019-07-21","AddedDate":"2019-08-12T11:18:56Z","ModifiedDate":"2019-08-12T11:18:56Z","PwnCount":749161,"Description":"In July 2019, the hacking website \u003Ca href=\u0022https://cracked.to\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003ECracked.to\u003C/a\u003E suffered a data breach. There were 749k unique email addresses spread across 321k forum users and other tables in the database. A rival hacking website claimed responsibility for breaching the MyBB based forum which disclosed email and IP addresses, usernames, private messages and passwords stored as bcrypt hashes.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/CrackedTO.png","DataClasses":["Email addresses","IP addresses","Passwords","Private messages","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"CrackingForum","Title":"CrackingForum","Domain":"crackingforum.com","BreachDate":"2016-07-01","AddedDate":"2017-12-10T20:08:30Z","ModifiedDate":"2017-12-10T20:08:30Z","PwnCount":660305,"Description":"In approximately mid-2016, the cracking community forum known as \u003Ca href=\u0022http://crackingforum.com\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003ECrackingForum\u003C/a\u003E suffered a data breach. The vBulletin based forum exposed 660k email and IP addresses, usernames and salted MD5 hashes.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/CrackingForum.png","DataClasses":["Email addresses","IP addresses","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"CraftRise","Title":"CraftRise","Domain":"craftrise.com.tr","BreachDate":"2022-03-05","AddedDate":"2023-08-08T07:57:30Z","ModifiedDate":"2023-08-08T08:00:39Z","PwnCount":2532527,"Description":"In May 2023, \u003Ca href=\u0022https://memoryhackers.org/konular/craftrise-verileri-sizdirilmis.270536/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Enews broke of a data breach of the Turkish Minecraft server known as CraftRise\u003C/a\u003E. The data of over 2.5M users was subsequently shared on a popular hacking forum and included email addresses, usernames, geographic locations and plain text passwords. The newest records indicate the data was obtained in March 2022.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/CraftRise.png","DataClasses":["Email addresses","Geographic locations","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Creative","Title":"Creative","Domain":"creative.com","BreachDate":"2018-05-01","AddedDate":"2018-06-07T21:00:31Z","ModifiedDate":"2018-06-07T21:00:31Z","PwnCount":483015,"Description":"In May 2018, \u003Ca href=\u0022http://forums.creative.com/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Ethe forum for Singaporean hardware company Creative Technology\u003C/a\u003E suffered a data breach which resulted in the disclosure of 483k unique email addresses. Running on an old version of vBulletin, the breach also disclosed usernames, IP addresses and salted MD5 password hashes. After being notified of the incident, Creative permanently shut down the forum.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Creative.png","DataClasses":["Email addresses","IP addresses","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"CrimeAgencyVBulletin","Title":"CrimeAgency vBulletin Hacks","Domain":"","BreachDate":"2017-01-19","AddedDate":"2017-03-21T03:12:40Z","ModifiedDate":"2017-03-21T03:12:40Z","PwnCount":942044,"Description":"In January 2016, \u003Ca href=\u0022http://news.softpedia.com/news/vbulletin-hack-exposes-820-000-accounts-from-126-forums-513416.shtml\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Ea large number of unpatched vBulletin forums were compromised by an actor known as \u0026quot;CrimeAgency\u0026quot;\u003C/a\u003E. A total of 140 forums had data including usernames, email addresses and passwords (predominantly stored as salted MD5 hashes), extracted and then distributed. Refer to \u003Ca href=\u0022https://troyhunt.com/i-just-added-another-140-data-breaches-to-have-i-been-pwned\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Ethe complete list of the forums\u003C/a\u003E for further information on which sites were impacted.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/CrimeAgencyVBulletin.png","DataClasses":["Email addresses","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":true,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"CrossFire","Title":"Cross Fire","Domain":"cfire.mail.ru","BreachDate":"2016-08-08","AddedDate":"2016-12-28T00:29:28Z","ModifiedDate":"2016-12-28T00:29:28Z","PwnCount":12865609,"Description":"In August 2016, \u003Ca href=\u0022http://www.zdnet.com/article/over-25-million-accounts-stolen-after-mail-ru-forums-raided-by-hackers/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Ethe Russian gaming forum known as Cross Fire (or cfire.mail.ru) was hacked\u003C/a\u003E along with a number of other forums on the Russian mail provider, mail.ru. The vBulletin forum contained 12.8 million accounts including usernames, email addresses and passwords stored as salted MD5 hashes.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/CrossFire.png","DataClasses":["Email addresses","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"CTARS","Title":"CTARS","Domain":"ctars.com.au","BreachDate":"2021-05-21","AddedDate":"2022-05-31T22:58:15Z","ModifiedDate":"2022-05-31T23:02:54Z","PwnCount":12314,"Description":"In May 2022, the client management system for the Australian government\u0027s NDIS (National Disability Insurance Scheme) \u003Ca href=\u0022https://ctars.com.au/ctars-data-breach\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Esuffered a data breach which was subsequently posted to an online hacking forum\u003C/a\u003E. The CTARS cloud platform is used by care providers to record information about NDIS participants and often contains sensitive medical information. Impacted data includes over 12k unique email addresses, physical addresses, names, dates of birth, phone numbers and data related to patient conditions and treatments.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/CTARS.png","DataClasses":["Dates of birth","Email addresses","Genders","Names","Passwords","Personal health data","Phone numbers","Physical addresses","Salutations","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":true,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"CutoutPro","Title":"Cutout.Pro","Domain":"cutout.pro","BreachDate":"2024-02-26","AddedDate":"2024-02-28T22:16:27Z","ModifiedDate":"2024-02-28T22:16:27Z","PwnCount":19972829,"Description":"In February 2024, the AI-powered visual design platform \u003Ca href=\u0022https://twitter.com/H4ckManac/status/1762387053889675658\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003ECutout.Pro suffered a data breach that exposed 20M records\u003C/a\u003E. The data included email and IP addresses, names and salted MD5 password hashes which were subsequently broadly distributed on a popular hacking forum and Telegram channels.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/CutoutPro.png","DataClasses":["Email addresses","IP addresses","Names","Passwords"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"CyberServe","Title":"CyberServe","Domain":"cyberserve.co.il","BreachDate":"2021-10-29","AddedDate":"2021-11-04T09:58:03Z","ModifiedDate":"2021-11-04T10:28:56Z","PwnCount":1107034,"Description":"In October 2021, the Israeli hosting provider \u003Ca href=\u0022https://www.timesofisrael.com/black-shadow-hackers-leak-medical-records-of-290000-israeli-patients/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003ECyberServe was breached and ransomed before having a substantial amount of their customer data leaked publicly by a group known as \u0026quot;Black Shadow\u0026quot;\u003C/a\u003E. Amongst the data was the LGBTQ dating site Atraf and the Machon Mor medical institute. Due to multiple different sites being compromised, the impacted data is broad and ranges from relationship information to medical data to email addresses and passwords stored in plain text. The data was made available to HIBP with support from May Brooks-Kempler, founder of \u003Ca href=\u0022https://www.facebook.com/groups/Think.Safe.Cyber/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Ethe Think Safe Cyber community in Israel\u003C/a\u003E.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/CyberServe.png","DataClasses":["Dates of birth","Drinking habits","Email addresses","Family structure","Genders","Geographic locations","HIV statuses","IP addresses","Names","Passwords","Personal health data","Phone numbers","Physical attributes","Private messages","Profile photos","Religions","Sexual orientations","Smoking habits","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":true,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"D3scene","Title":"D3Scene","Domain":"d3scene.com","BreachDate":"2016-01-01","AddedDate":"2019-06-15T15:19:11Z","ModifiedDate":"2019-06-15T15:19:11Z","PwnCount":568827,"Description":"In January 2016, the gaming website D3Scene, suffered a data breach. The compromised vBulletin forum exposed 569k million email addresses, IP address, usernames and passwords stored as salted MD5 hashes. The data was provided to HIBP by \u003Ca href=\u0022https://dehashed.com/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Edehashed.com\u003C/a\u003E.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/D3scene.png","DataClasses":["Email addresses","IP addresses","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"DaFont","Title":"DaFont","Domain":"dafont.com","BreachDate":"2017-05-16","AddedDate":"2017-05-18T20:05:28Z","ModifiedDate":"2017-05-18T20:05:28Z","PwnCount":637340,"Description":"In May 2017, \u003Ca href=\u0022http://www.zdnet.com/article/font-sharing-site-dafont-hacked-thousands-of-accounts-stolen/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Efont sharing site DaFont suffered a data breach\u003C/a\u003E resulting in the exposure of 637k records. Allegedly due to a SQL injection vulnerability exploited by multiple parties, the exposed data included usernames, email addresses and passwords stored as MD5 without a salt.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/DaFont.png","DataClasses":["Email addresses","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"DailyQuiz","Title":"Daily Quiz","Domain":"dailyquiz.me","BreachDate":"2021-01-13","AddedDate":"2021-05-21T05:15:39Z","ModifiedDate":"2021-05-21T11:44:38Z","PwnCount":8032404,"Description":"In January 2021, the quiz website \u003Ca href=\u0022https://dailyquiz.me/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EDaily Quiz\u003C/a\u003E suffered a data breach that exposed over 8 million unique email addresses. The data also included usernames, IP addresses and passwords stored in plain text.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/DailyQuiz.png","DataClasses":["Email addresses","IP addresses","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Dailymotion","Title":"Dailymotion","Domain":"dailymotion.com","BreachDate":"2016-10-20","AddedDate":"2017-08-07T02:51:12Z","ModifiedDate":"2017-08-07T02:51:12Z","PwnCount":85176234,"Description":"In October 2016, the video sharing platform \u003Ca href=\u0022http://thehackernews.com/2016/12/dailymotion-video-hacked.html\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EDailymotion suffered a data breach\u003C/a\u003E. The attack led to the exposure of more than 85 million user accounts and included email addresses, usernames and bcrypt hashes of passwords.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Dailymotion.png","DataClasses":["Email addresses","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"DailyObjects","Title":"DailyObjects","Domain":"dailyobjects.com","BreachDate":"2018-01-01","AddedDate":"2020-01-28T10:50:00Z","ModifiedDate":"2020-01-28T10:50:00Z","PwnCount":464260,"Description":"In approximately January 2018, a collection of more than 464k customer records from the Indian online retailer \u003Ca href=\u0022https://www.dailyobjects.com/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EDailyObjects\u003C/a\u003E were leaked online. The data included names, physical and email addresses, phone numbers and \u0026quot;pincodes\u0026quot; stored in plain text. After multiple attempts to contact them, DailyObjects responded and received a copy of the data for verification, however failed to respond to multiple contact attempts following that.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/DailyObjects.png","DataClasses":["Email addresses","Names","Passwords","Phone numbers","Physical addresses"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Dangdang","Title":"Dangdang","Domain":"dangdang.com","BreachDate":"2011-06-01","AddedDate":"2019-01-10T11:15:51Z","ModifiedDate":"2019-01-10T11:24:06Z","PwnCount":4848734,"Description":"In 2011, the Chinese e-commerce site \u003Ca href=\u0022https://www.marbridgeconsulting.com/marbridgedaily/2011-12-29/article/52564/rumor_dangdang_alipay_suffer_data_breaches\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EDangdang suffered a data breach\u003C/a\u003E. The incident exposed over 4.8 million unique email addresses which were subsequently traded online over the ensuing years.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Dangdang.png","DataClasses":["Email addresses"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"DaniWeb","Title":"DaniWeb","Domain":"daniweb.com","BreachDate":"2015-12-01","AddedDate":"2016-12-28T23:12:16Z","ModifiedDate":"2016-12-28T23:12:16Z","PwnCount":1131636,"Description":"In late 2015, the technology and social site \u003Ca href=\u0022https://www.daniweb.com\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EDaniWeb\u003C/a\u003E suffered a data breach. The attack resulted in the disclosure of 1.1 million accounts including email and IP addresses which were also accompanied by salted MD5 hashes of passwords. However, DaniWeb have advised that \u0026quot;the breached password hashes and salts are incorrect\u0026quot; and that they have since switched to new infrastructure and software.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/DaniWeb.png","DataClasses":["Email addresses","IP addresses","Passwords"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"DataAndLeads","Title":"Data \u0026 Leads","Domain":"datanleads.com","BreachDate":"2018-11-14","AddedDate":"2018-11-28T19:32:19Z","ModifiedDate":"2018-11-28T19:32:19Z","PwnCount":44320330,"Description":"In November 2018, \u003Ca href=\u0022https://blog.hackenproof.com/industry-news/new-data-breach-exposes-57-million-records\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Esecurity researcher Bob Diachenko identified an unprotected database believed to be hosted by a data aggregator\u003C/a\u003E. Upon further investigation, the data was linked to marketing company \u003Ca href=\u0022http://web.archive.org/web/20180925092401/https://www.datanleads.com/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EData \u0026amp; Leads\u003C/a\u003E. The exposed Elasticsearch instance contained over 44M unique email addresses along with names, IP and physical addresses, phone numbers and employment information. No response was received from Data \u0026amp; Leads when contacted by Bob and their site subsequently went offline.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/List.png","DataClasses":["Email addresses","Employers","IP addresses","Job titles","Names","Phone numbers","Physical addresses"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"PDL","Title":"Data Enrichment Exposure From PDL Customer","Domain":"","BreachDate":"2019-10-16","AddedDate":"2019-11-22T20:13:04Z","ModifiedDate":"2019-11-22T20:13:04Z","PwnCount":622161052,"Description":"In October 2019, \u003Ca href=\u0022https://www.troyhunt.com/data-enrichment-people-data-labs-and-another-622m-email-addresses\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Esecurity researchers Vinny Troia and Bob Diachenko identified an unprotected Elasticsearch server holding 1.2 billion records of personal data\u003C/a\u003E. The exposed data included an index indicating it was sourced from data enrichment company People Data Labs (PDL) and contained 622 million unique email addresses. The server was not owned by PDL and it\u0027s believed a customer failed to properly secure the database. Exposed information included email addresses, phone numbers, social media profiles and job history data.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/List.png","DataClasses":["Email addresses","Employers","Geographic locations","Job titles","Names","Phone numbers","Social media profiles"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"DataEnrichment","Title":"Data Enrichment Records","Domain":"","BreachDate":"2016-12-23","AddedDate":"2017-06-08T16:23:07Z","ModifiedDate":"2017-06-08T16:23:07Z","PwnCount":8176132,"Description":"In December 2016, \u003Ca href=\u0022http://www.csoonline.com/article/3149713/security/data-enrichment-records-for-200-million-people-up-for-sale-on-the-darknet.html\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Emore than 200 million \u0026quot;data enrichment profiles\u0026quot; were found for sale on the darknet\u003C/a\u003E. The seller claimed the data was sourced from Experian and whilst that claim was rejected by the company, the data itself was found to be legitimate suggesting it may have been sourced from other legitimate locations. In total, there were more than 8 million unique email addresses in the data which also contained a raft of other personal attributes including credit ratings, home ownership status, family structure and other fields described in the story linked to above. The email addresses alone were provided to HIBP.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/List.png","DataClasses":["Buying preferences","Charitable donations","Credit status information","Dates of birth","Email addresses","Family structure","Financial investments","Home ownership statuses","Income levels","Job titles","Marital statuses","Names","Net worths","Phone numbers","Physical addresses","Political donations"],"IsVerified":false,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"DataCamp","Title":"DataCamp","Domain":"datacamp.com","BreachDate":"2017-01-30","AddedDate":"2019-04-09T04:29:55Z","ModifiedDate":"2019-04-09T21:12:53Z","PwnCount":760561,"Description":"In December 2018, the data science website \u003Ca href=\u0022https://support.datacamp.com/hc/en-us/articles/360017716074-DataCamp-Security-Update-Frequently-Asked-Questions\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EDataCamp suffered a data breach\u003C/a\u003E of records dating back to January 2017. The incident exposed 760k unique email and IP addresses along with names and passwords stored as bcrypt hashes. In 2019, \u003Ca href=\u0022https://www.theregister.co.uk/2019/02/11/620_million_hacked_accounts_dark_web/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Ethe data appeared listed for sale on a dark web marketplace\u003C/a\u003E (along with several other large breaches) and subsequently began circulating more broadly. The data was provided to HIBP by a source who requested it to be attributed to \u0026quot;BenjaminBlue@exploit.im\u0026quot;.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/DataCamp.png","DataClasses":["Email addresses","Geographic locations","IP addresses","Names","Passwords"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"DateHotBrunettes","Title":"Date Hot Brunettes","Domain":"datehotbrunettes.com","BreachDate":"2021-01-12","AddedDate":"2024-07-04T05:08:43Z","ModifiedDate":"2024-07-04T05:08:43Z","PwnCount":1494078,"Description":"In January 2021, the now defunct website Date Hot Brunettes which provided a service to \u0026quot;Date Neglected Women Who Can Keep a Secret\u0026quot;, suffered a data breach. The incident exposed 1.5M unique email addresses along with IP addresses, usernames, user-entered bios and MD5 password hashes.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/DateHotBrunettes.png","DataClasses":["Bios","Email addresses","IP addresses","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":true,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"DatPiff","Title":"DatPiff","Domain":"datpiff.com","BreachDate":"2021-08-25","AddedDate":"2022-01-04T07:42:27Z","ModifiedDate":"2022-01-04T07:42:27Z","PwnCount":7476940,"Description":"In late 2021, \u003Ca href=\u0022https://www.numerama.com/cyberguerre/784965-la-plateforme-de-rap-datpiff-piratee-les-mots-de-passe-dans-la-nature.html\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Eemail address and plain text password pairs from the rap mixtape website DatPiff appeared for sale on a popular hacking forum\u003C/a\u003E. The data allegedly dated back to an earlier breach and in total, contained almost 7.5M email addresses and cracked password pairs. The original data source allegedly contained usernames, security questions and answers and passwords stored as MD5 hashes with a static salt.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/DatPiff.png","DataClasses":["Email addresses","Passwords","Security questions and answers","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Dave","Title":"Dave","Domain":"dave.com","BreachDate":"2020-06-28","AddedDate":"2020-07-27T02:38:41Z","ModifiedDate":"2020-07-27T02:38:41Z","PwnCount":2964182,"Description":"In June 2020, the digital banking app \u003Ca href=\u0022https://www.zdnet.com/article/tech-unicorn-dave-admits-to-security-breach-impacting-7-5-million-users/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EDave suffered a data breach\u003C/a\u003E which exposed 7.5 million rows of data and subsequently appeared for public download on a hacking forum. The breach exposed extensive personal information including almost 3 million unique email addresses alongside names, dates of birth, encrypted social security numbers and passwords stored as bcrypt hashes. The data was provided to HIBP by \u003Ca href=\u0022https://dehashed.com/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Edehashed.com\u003C/a\u003E.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Dave.png","DataClasses":["Dates of birth","Email addresses","Names","Passwords","Phone numbers","Physical addresses","Social security numbers"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"dBforums","Title":"dBforums","Domain":"dbforums.com","BreachDate":"2016-07-04","AddedDate":"2023-09-20T07:26:28Z","ModifiedDate":"2023-09-20T07:26:28Z","PwnCount":363468,"Description":"In July 2016, \u003Ca href=\u0022https://www.vice.com/en/article/78kwwe/hackers-allegedly-steal-14m-passwords-from-mac-forums-web-hosting-talk\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Ea data breach of the now defunct database forum \u0026quot;dBforums\u0026quot; appeared for sale alongside several others hacked from the parent company, Penton\u003C/a\u003E. The breach of the vBulletin based forum contained 363k unique email addresses alongside usernames, IP addresses, dates of birth and salted MD5 password hashes.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/dBforums.png","DataClasses":["Dates of birth","Email addresses","IP addresses","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"DCHealth","Title":"DC Health Link","Domain":"dchealthlink.com","BreachDate":"2023-03-06","AddedDate":"2023-12-14T19:11:43Z","ModifiedDate":"2023-12-14T23:34:44Z","PwnCount":48145,"Description":"In March 2023, \u003Ca href=\u0022https://cyberscoop.com/dc-health-link-breach-russia-hacker-congress/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EDC Health Link discovered a data breach\u003C/a\u003E that was later publicly posted to a popular data breach forum. The impacted data included 48k unique email addresses alongside names, genders, dates of birth, home addresses, phone numbers and social security numbers. The data was provided to HIBP by a source who requested it be attributed to \u0026quot;Aegis\u0026quot; and \u0026quot;IntelBroker\u0026quot;.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/DCHealth.png","DataClasses":["Citizenship statuses","Dates of birth","Email addresses","Employers","Ethnicities","Genders","Names","Phone numbers","Physical addresses","Purchases","Social security numbers"],"IsVerified":true,"IsFabricated":false,"IsSensitive":true,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Deezer","Title":"Deezer","Domain":"deezer.com","BreachDate":"2019-04-22","AddedDate":"2023-01-02T03:10:50Z","ModifiedDate":"2023-01-02T03:10:50Z","PwnCount":229037936,"Description":"In late 2022, the music streaming service \u003Ca href=\u0022https://restoreprivacy.com/music-service-deezer-data-breach/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EDeezer disclosed a data breach that impacted over 240M customers\u003C/a\u003E. The breach dated back to a mid-2019 backup exposed by a 3rd party partner which was subsequently sold and then broadly redistributed on a popular hacking forum. Impacted data included 229M unique email addresses, IP addresses, names, usernames, genders, DoBs and the geographic location of the customer.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Deezer.png","DataClasses":["Dates of birth","Email addresses","Genders","Geographic locations","IP addresses","Names","Spoken languages","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"DemonForums","Title":"Demon Forums","Domain":"demonforums.net","BreachDate":"2019-02-20","AddedDate":"2019-04-04T07:14:34Z","ModifiedDate":"2019-04-04T07:14:34Z","PwnCount":52623,"Description":"In February 2019, the hacking forum \u003Ca href=\u0022https://demonforums.net/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EDemon Forums\u003C/a\u003E suffered a data breach. The compromise of the vBulletin forum exposed 52k unique email addresses alongside usernames and passwords stored as salted MD5 hashes.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/DemonForums.png","DataClasses":["Email addresses","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Descomplica","Title":"Descomplica","Domain":"descomplica.com.br","BreachDate":"2021-03-14","AddedDate":"2021-04-28T08:37:04Z","ModifiedDate":"2021-04-28T08:37:04Z","PwnCount":4845378,"Description":"In March 2021, the Brazilian EdTech company \u003Ca href=\u0022https://atendimento.descomplica.com.br/hc/pt-br/articles/1500003993042-FAQ-Ataque-cibern%C3%A9tico-14-03\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EDescomplica suffered a data breach\u003C/a\u003E which was subsequently posted to a popular hacking forum. The data included almost 5 million email addresses, names, the first 6 and last 4 digits and the expiry date of credit cards, purchase histories and password hashes.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Descomplica.png","DataClasses":["Email addresses","Names","Partial credit card data","Passwords","Purchases"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"DevilTorrents","Title":"Devil-Torrents.pl","Domain":"devil-torrents.pl","BreachDate":"2021-01-04","AddedDate":"2022-05-01T23:56:34Z","ModifiedDate":"2022-05-01T23:56:34Z","PwnCount":63451,"Description":"In early 2021, the Polish torrents website Devil-Torrents.pl suffered a data breach. A subset of the data including 63k unique email addresses and cracked passwords were subsequently socialised on a popular data breach sharing service.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/DevilTorrents.png","DataClasses":["Email addresses","Passwords"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"devkitPro","Title":"devkitPro","Domain":"devkitpro.org","BreachDate":"2019-02-03","AddedDate":"2019-02-11T07:21:44Z","ModifiedDate":"2019-02-11T07:21:44Z","PwnCount":1508,"Description":"In February 2019, \u003Ca href=\u0022https://devkitpro.org/viewtopic.php?f=13\u0026t=8846\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Ethe devkitPro forum suffered a data breach\u003C/a\u003E. The phpBB based forum had 1,508 unique email addresses exposed in the breach alongside forum posts, private messages and passwords stored as weak salted hashes. The data breach was self-submitted to HIBP by the forum operator.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/devkitPro.png","DataClasses":["Email addresses","Passwords","Private messages"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"DietCom","Title":"diet.com","Domain":"diet.com","BreachDate":"2014-08-10","AddedDate":"2017-10-13T21:37:10Z","ModifiedDate":"2017-10-13T21:37:10Z","PwnCount":1383759,"Description":"In August 2014, the diet and nutrition website \u003Ca href=\u0022https://diet.com/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Ediet.com\u003C/a\u003E suffered a data breach resulting in the exposure of 1.4 million unique user records dating back as far as 2004. The data contained email and IP addresses, usernames, plain text passwords and dietary information about the site members including eating habits, BMI and birth date. The site was previously reported as compromised on the \u003Ca href=\u0022https://vigilante.pw/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EVigilante.pw\u003C/a\u003E breached database directory.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/DietCom.png","DataClasses":["Dates of birth","Eating habits","Email addresses","IP addresses","Names","Passwords","Physical attributes","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Digimon","Title":"Digimon","Domain":"digimon.co.in","BreachDate":"2016-09-05","AddedDate":"2018-09-28T01:34:56Z","ModifiedDate":"2018-09-28T01:34:56Z","PwnCount":7687679,"Description":"In September 2016, over 16GB of logs from a service indicated to be digimon.co.in were obtained, most likely from an unprotected Mongo DB instance. The service ceased running shortly afterwards and no information remains about the precise nature of it. Based on \u003Ca href=\u0022https://twitter.com/troyhunt/status/1045178309926051840\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Eenquiries made via Twitter\u003C/a\u003E, it appears to have been a mail service possibly based on PowerMTA and used for delivering spam. The logs contained information including 7.7M unique email recipients (names and addresses), mail server IP addresses, email subjects and tracking information including mail opens and clicks.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Email.png","DataClasses":["Email addresses","Email messages","IP addresses","Names"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":true,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Disqus","Title":"Disqus","Domain":"disqus.com","BreachDate":"2012-07-01","AddedDate":"2017-10-06T23:03:51Z","ModifiedDate":"2017-10-06T23:03:51Z","PwnCount":17551044,"Description":"In October 2017, the blog commenting service \u003Ca href=\u0022https://blog.disqus.com/security-alert-user-info-breach\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EDisqus announced they\u0027d suffered a data breach\u003C/a\u003E. The breach dated back to July 2012 but wasn\u0027t identified until years later when the data finally surfaced. The breach contained over 17.5 million unique email addresses and usernames. Users who created logins on Disqus had salted SHA1 hashes of passwords whilst users who logged in via social providers only had references to those accounts.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Disqus.png","DataClasses":["Email addresses","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"DivXSubTitles","Title":"DivX SubTitles","Domain":"divxsubtitles.net","BreachDate":"2010-01-01","AddedDate":"2022-06-14T02:57:46Z","ModifiedDate":"2022-06-14T04:55:40Z","PwnCount":783058,"Description":"In approximately 2010, the now defunct website DivX SubTitles suffered a data breach that exposed 783k user accounts including email addresses, usernames and plain text passwords.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/DivXSubTitles.png","DataClasses":["Email addresses","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"DLH","Title":"DLH.net","Domain":"dlh.net","BreachDate":"2016-07-31","AddedDate":"2016-09-07T13:29:25Z","ModifiedDate":"2016-09-07T13:29:25Z","PwnCount":3264710,"Description":"In July 2016, the gaming news site \u003Ca href=\u0022http://www.zdnet.com/article/millions-of-steam-game-keys-stolen-after-site-hack/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EDLH.net suffered a data breach\u003C/a\u003E which exposed 3.3M subscriber identities. Along with the keys used to redeem and activate games on the Steam platform, the breach also resulted in the exposure of email addresses, birth dates and salted MD5 password hashes. The data was donated to Have I Been Pwned by data breach monitoring service \u003Ca href=\u0022https://vigilante.pw/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EVigilante.pw\u003C/a\u003E.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/DLH.png","DataClasses":["Dates of birth","Email addresses","Names","Passwords","Usernames","Website activity"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Dodonew","Title":"Dodonew.com","Domain":"dodonew.com","BreachDate":"2011-12-01","AddedDate":"2016-11-10T00:26:01Z","ModifiedDate":"2016-11-10T00:26:01Z","PwnCount":8718404,"Description":"In late 2011, data was allegedly obtained from the Chinese website known as \u003Ca href=\u0022http://dodonew.com\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EDodonew.com\u003C/a\u003E and contained 8.7M accounts. Whilst there is evidence that the data is legitimate, due to the difficulty of emphatically verifying the Chinese breach it has been flagged as \u0026quot;unverified\u0026quot;. The data in the breach contains email addresses and user names. \u003Ca href=\u0022https://www.troyhunt.com/handling-chinese-data-breaches-in-have-i-been-pwned/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003ERead more about Chinese data breaches in Have I Been Pwned.\u003C/a\u003E","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Dodonew.png","DataClasses":["Email addresses","Usernames"],"IsVerified":false,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Dominos","Title":"Domino\u0027s","Domain":"pizza.dominos.be","BreachDate":"2014-06-13","AddedDate":"2015-01-04T03:03:34Z","ModifiedDate":"2015-01-04T03:03:34Z","PwnCount":648231,"Description":"In June 2014, \u003Ca href=\u0022http://www.welivesecurity.com/2014/06/16/dominos-pizza-hacked/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EDomino\u0027s Pizza in France and Belgium was hacked\u003C/a\u003E by a group going by the name \u0026quot;Rex Mundi\u0026quot; and their customer data held to ransom. Domino\u0027s refused to pay the ransom and six months later, the attackers \u003Ca href=\u0022http://cyberintelligence.in/rex-mundi-hackers-leaked-data-dominos-accord-easypay/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Ereleased the data\u003C/a\u003E along with troves of other hacked accounts. Amongst the customer data was passwords stored with a weak MD5 hashing algorithm and no salt.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Dominos.png","DataClasses":["Email addresses","Names","Passwords","Phone numbers","Physical addresses"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"DominosIndia","Title":"Domino\u0027s India","Domain":"dominos.co.in","BreachDate":"2021-03-24","AddedDate":"2021-06-03T02:18:39Z","ModifiedDate":"2021-06-20T03:20:56Z","PwnCount":22527655,"Description":"In April 2021, \u003Ca href=\u0022https://www.bleepingcomputer.com/news/security/dominos-india-discloses-data-breach-after-hackers-sell-data-online/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003E13TB of compromised Domino\u0027s India appeared for sale on a hacking forum\u003C/a\u003E after which the company acknowledged a major data breach they dated back to March. The compromised data included 22.5 million unique email addresses, names, phone numbers, order histories and physical addresses.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Dominos.png","DataClasses":["Email addresses","Names","Phone numbers","Physical addresses","Purchases"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Doomworld","Title":"Doomworld","Domain":"doomworld.com","BreachDate":"2022-10-12","AddedDate":"2022-10-24T06:10:24Z","ModifiedDate":"2022-10-24T06:10:24Z","PwnCount":34478,"Description":"In October 2022, \u003Ca href=\u0022https://www.doomworld.com/announcement/4-doomworld-probably-got-hacked/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Ethe Doomworld fourm suffered a data breach\u003C/a\u003E that exposed 34k member records. The data included email and IP addresses, usernames and bcrypt password hashes.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Doomworld.png","DataClasses":["Email addresses","IP addresses","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"DoorDash","Title":"DoorDash","Domain":"doordash.com","BreachDate":"2022-08-02","AddedDate":"2023-01-07T03:59:32Z","ModifiedDate":"2023-01-07T03:59:32Z","PwnCount":367476,"Description":"In August 2022, the food ordering and delivery service \u003Ca href=\u0022https://mashable.com/article/doordash-hack-customer-details-exposed\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EDoorDash disclosed a data breach that impacted a portion of their customers\u003C/a\u003E. DoorDash attributed the breach to an unnamed \u0026quot;third-party vendor\u0026quot; they stated was the victim of a phishing campaign. The incident exposed 367k unique personal email addresses alongside names, post codes and partial card data, namely the brand, expiry data and last four digits of the card.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/DoorDash.png","DataClasses":["Email addresses","Geographic locations","Names","Partial credit card data"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Dota2","Title":"Dota2","Domain":"dev.dota2.com","BreachDate":"2016-07-10","AddedDate":"2024-05-23T06:44:21Z","ModifiedDate":"2024-05-23T06:44:21Z","PwnCount":1907205,"Description":"In July 2016, \u003Ca href=\u0022https://news.softpedia.com/news/data-of-nearly-2-million-users-exposed-in-dota2-forum-hack-507162.shtml\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Ethe Dota2 official developers forum suffered a data breach that exposed almost 2 million users\u003C/a\u003E. The hack of the vBulletin forum led to the disclosure of email and IP addresses, usernames and passwords stored as salted MD5 hashes.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Dota2.png","DataClasses":["Email addresses","IP addresses","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Doxbin","Title":"Doxbin","Domain":"doxbin.com","BreachDate":"2022-01-05","AddedDate":"2022-01-08T05:51:48Z","ModifiedDate":"2022-01-09T06:23:56Z","PwnCount":370794,"Description":"In January 2022, the \u0026quot;doxing\u0026quot; website designed to disclose the personal information of targeted individuals (\u0026quot;doxes\u0026quot;) \u003Ca href=\u0022https://www.flashpoint-intel.com/blog/doxbin-leak/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EDoxbin suffered a data breach\u003C/a\u003E. The breach was subsequently leaked online and included over 370k unique email addresses across user accounts and doxes. User accounts also included usernames, password hashes and browser user agents. The personal information disclosed in the doxes was often extensive including names, physical addresses, phone numbers and more.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Doxbin.png","DataClasses":["Browser user agent details","Email addresses","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":true,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"DriveSure","Title":"DriveSure","Domain":"drivesure.com","BreachDate":"2020-12-19","AddedDate":"2021-05-10T08:02:29Z","ModifiedDate":"2021-05-10T08:02:29Z","PwnCount":3675099,"Description":"In December 2020, the car dealership service provider \u003Ca href=\u0022https://www.riskbasedsecurity.com/2021/02/01/personal-data-of-3-million-people-exposed-in-drivesure-hack/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EDriveSure suffered a data breach\u003C/a\u003E. The incident resulted in 26GB of data being downloaded and later shared on a hacking forum. Impacted personal information included 3.6 million unique email addresses, names, phone numbers and physical addresses. Vehicle data was also exposed and included makes, models, VIN numbers and odometer readings. A small number of passwords stored as bcrypt hashes were also included in the data set.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/DriveSure.png","DataClasses":["Email addresses","Names","Passwords","Phone numbers","Physical addresses","Vehicle details"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Drizly","Title":"Drizly","Domain":"drizly.com","BreachDate":"2020-07-02","AddedDate":"2020-07-28T21:45:05Z","ModifiedDate":"2020-07-28T21:45:05Z","PwnCount":2479044,"Description":"In approximately July 2020, the US-based online alcohol delivery service \u003Ca href=\u0022https://techcrunch.com/2020/07/28/drizly-data-breach/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EDrizly suffered a data breach\u003C/a\u003E. The data was sold online before being extensively redistributed and contained 2.5 million unique email addresses alongside names, physical and IP addresses, phone numbers, dates of birth and passwords stored as bcrypt hashes. The data was provided to HIBP by \u003Ca href=\u0022https://dehashed.com/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Edehashed.com\u003C/a\u003E.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Drizly.png","DataClasses":["Dates of birth","Device information","Email addresses","IP addresses","Names","Passwords","Phone numbers","Physical addresses"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Dropbox","Title":"Dropbox","Domain":"dropbox.com","BreachDate":"2012-07-01","AddedDate":"2016-08-31T00:19:19Z","ModifiedDate":"2016-08-31T00:19:19Z","PwnCount":68648009,"Description":"In mid-2012, Dropbox suffered a data breach which exposed the stored credentials of tens of millions of their customers. In August 2016, \u003Ca href=\u0022https://motherboard.vice.com/read/dropbox-forces-password-resets-after-user-credentials-exposed\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Ethey forced password resets for customers they believed may be at risk\u003C/a\u003E. A large volume of data totalling over 68 million records \u003Ca href=\u0022https://motherboard.vice.com/read/hackers-stole-over-60-million-dropbox-accounts\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Ewas subsequently traded online\u003C/a\u003E and included email addresses and salted hashes of passwords (half of them SHA1, half of them bcrypt).","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Dropbox.png","DataClasses":["Email addresses","Passwords"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Dubsmash","Title":"Dubsmash","Domain":"dubsmash.com","BreachDate":"2018-12-01","AddedDate":"2019-02-25T08:35:58Z","ModifiedDate":"2019-02-25T08:35:58Z","PwnCount":161749950,"Description":"In December 2018, the video messaging service \u003Ca href=\u0022https://www.theregister.co.uk/2019/02/11/620_million_hacked_accounts_dark_web/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EDubsmash suffered a data breach\u003C/a\u003E. The incident exposed 162 million unique email addresses alongside usernames and PBKDF2 password hashes. In 2019, the data appeared listed for sale on a dark web marketplace (along with several other large breaches) and subsequently began circulating more broadly. The data was provided to HIBP by a source who requested it to be attributed to \u0026quot;BenjaminBlue@exploit.im\u0026quot;.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Dubsmash.png","DataClasses":["Email addresses","Geographic locations","Names","Passwords","Phone numbers","Spoken languages","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"DucksUnlimited","Title":"Ducks Unlimited","Domain":"ducks.org","BreachDate":"2021-01-29","AddedDate":"2021-11-16T01:24:35Z","ModifiedDate":"2021-11-16T05:39:28Z","PwnCount":1324364,"Description":"In mid-2021, \u003Ca href=\u0022https://www.riskbasedsecurity.com/2021/06/14/dark-web-roundup-may-2021/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003ERisk Based Security reported on a database sourced from Ducks Unlimited being traded online\u003C/a\u003E. The data dated back to January 2021 and contained 1.3M unique email addresses across both a membership list and a list of website users. Impacted data included names, phones numbers, physical addresses, dates of birth and passwords stored as unsalted MD5 hashes.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/DucksUnlimited.png","DataClasses":["Dates of birth","Email addresses","Names","Passwords","Phone numbers","Physical addresses"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"DuelingNetwork","Title":"Dueling Network","Domain":"duelingnetwork.com","BreachDate":"2017-03-29","AddedDate":"2020-03-30T00:44:49Z","ModifiedDate":"2020-03-31T07:18:51Z","PwnCount":6486626,"Description":"In March 2017, the Flash game based on the Yu-Gi-Oh trading card game \u003Ca href=\u0022https://www.vice.com/amp/en_us/article/783dkz/hacker-steals-millions-of-accounts-from-yu-gi-oh-fan-project-dueling-network\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EDueling Network suffered a data breach\u003C/a\u003E. The site itself was taken offline in 2016 due to a cease-and-desist order but the forum remained online for another year. The data breach exposed usernames, IP and email addresses and passwords stored as MD5 hashes. The data was provided to HIBP by a source who requested it be attributed to \u0026quot;burger vault\u0026quot;.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/DuelingNetwork.png","DataClasses":["Email addresses","IP addresses","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"DDO","Title":"Dungeons \u0026 Dragons Online","Domain":"ddo.com","BreachDate":"2013-04-02","AddedDate":"2016-03-12T10:59:56Z","ModifiedDate":"2016-03-12T10:59:56Z","PwnCount":1580933,"Description":"In April 2013, the interactive video game \u003Ca href=\u0022https://www.ddo.com\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EDungeons \u0026amp; Dragons Online\u003C/a\u003E suffered a data breach that exposed almost 1.6M players\u0027 accounts. The data was being actively traded on underground forums and included email addresses, birth dates and password hashes.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/DDO.png","DataClasses":["Dates of birth","Email addresses","IP addresses","Passwords","Usernames","Website activity"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Dunzo","Title":"Dunzo","Domain":"dunzo.com","BreachDate":"2020-06-19","AddedDate":"2020-07-29T04:38:23Z","ModifiedDate":"2020-07-29T04:38:23Z","PwnCount":3465259,"Description":"In approximately June 2019, the Indian delivery service \u003Ca href=\u0022https://www.thenewsminute.com/article/dunzo-suffers-data-breach-launches-internal-investigation-128415\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EDunzo suffered a data breach\u003C/a\u003E. Exposing 3.5 million unique email addresses, the Dunzo breach also included names, phone numbers and IP addresses which were all broadly distributed online via a hacking forum. The data was provided to HIBP by \u003Ca href=\u0022https://dehashed.com/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Edehashed.com\u003C/a\u003E.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Dunzo.png","DataClasses":["Device information","Email addresses","Geographic locations","IP addresses","Names","Phone numbers"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Duolingo","Title":"Duolingo","Domain":"duolingo.com","BreachDate":"2023-01-24","AddedDate":"2023-08-23T04:31:08Z","ModifiedDate":"2023-08-23T04:31:08Z","PwnCount":2676696,"Description":"In August 2023, \u003Ca href=\u0022https://www.bleepingcomputer.com/news/security/scraped-data-of-26-million-duolingo-users-released-on-hacking-forum/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003E2.6M records of data scraped from Duolingo were broadly distributed on a popular hacking forum\u003C/a\u003E. Obtained by enumerating a vulnerable API, the data had earlier appeared for sale in January 2023 and contained email addresses, names, the languages being learned, XP (experience points), and other data related to learning progress on Duolingo. Whilst some of the data attributes are intentionally public, the ability to map private email addresses to them presents an ongoing risk to user privacy.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Duolingo.png","DataClasses":["Email addresses","Names","Spoken languages","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Duowan","Title":"Duowan.com","Domain":"duowan.com","BreachDate":"2011-01-01","AddedDate":"2016-11-07T12:53:19Z","ModifiedDate":"2016-11-07T12:53:19Z","PwnCount":2639894,"Description":"In approximately 2011, data was allegedly obtained from the Chinese gaming website known as \u003Ca href=\u0022http://www.duowan.com\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EDuowan.com\u003C/a\u003E and contained 2.6M accounts. Whilst there is evidence that the data is legitimate, due to the difficulty of emphatically verifying the Chinese breach it has been flagged as \u0026quot;unverified\u0026quot;. The data in the breach contains email addresses, user names and plain text passwords. \u003Ca href=\u0022https://www.troyhunt.com/handling-chinese-data-breaches-in-have-i-been-pwned/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003ERead more about Chinese data breaches in Have I Been Pwned.\u003C/a\u003E","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Duowan.png","DataClasses":["Email addresses","Passwords","Usernames"],"IsVerified":false,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"DVDShopCH","Title":"dvd-shop.ch","Domain":"dvd-shop.ch","BreachDate":"2017-12-05","AddedDate":"2017-12-10T04:58:09Z","ModifiedDate":"2017-12-10T04:58:09Z","PwnCount":67973,"Description":"In December 2017, the online Swiss DVD store known as \u003Ca href=\u0022https://www.melani.admin.ch/melani/de/home/dokumentation/newsletter/passwoerter-von-70000-e-mail-konten-im-umlauf.html\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Edvd-shop.ch suffered a data breach\u003C/a\u003E. The incident led to the exposure of 68k email addresses and plain text passwords. The site has since been updated to indicate that it is currently closed.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/DVDShopCH.png","DataClasses":["Email addresses","Passwords"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Dymocks","Title":"Dymocks","Domain":"dymocks.com.au","BreachDate":"2023-06-20","AddedDate":"2023-09-08T07:35:22Z","ModifiedDate":"2023-09-08T07:46:30Z","PwnCount":836120,"Description":"In September 2023, the Australian book retailer \u003Ca href=\u0022https://www.abc.net.au/news/2023-09-08/dymocks-warns-customers-after-information-leaked-to-dark-web/102833430\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EDymocks announced a data breach\u003C/a\u003E. The data dated back to June 2023 and contained 1.2M records with 836k unique email addresses. The breach also exposed names, dates of birth, genders, phone numbers and physical addresses.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Dymocks.png","DataClasses":["Dates of birth","Email addresses","Genders","Names","Phone numbers","Physical addresses"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Eatigo","Title":"Eatigo","Domain":"eatigo.com","BreachDate":"2018-10-16","AddedDate":"2021-08-25T03:42:31Z","ModifiedDate":"2021-08-25T03:42:31Z","PwnCount":2789609,"Description":"In October 2018, the restaurant reservation service \u003Ca href=\u0022https://www.channelnewsasia.com/singapore/eatigo-data-breach-personal-information-millions-account-1307916\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EEatigo suffered a data breach that exposed 2.8 million accounts\u003C/a\u003E. The data included email addresses, names, phone numbers, social media profiles, genders and passwords stored as unsalted MD5 hashes.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Eatigo.png","DataClasses":["Email addresses","Genders","Names","Passwords","Phone numbers","Social media profiles"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"EatStreet","Title":"EatStreet","Domain":"eatstreet.com","BreachDate":"2019-05-03","AddedDate":"2019-07-19T11:29:35Z","ModifiedDate":"2019-07-19T11:29:35Z","PwnCount":6353564,"Description":"In May 2019, the online food ordering service \u003Ca href=\u0022https://www.zdnet.com/article/eatstreet-food-ordering-service-discloses-security-breach/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EEatStreet suffered a data breach affecting 6.4 million customers\u003C/a\u003E. An extensive amount of personal data was obtained including names, phone numbers, addresses, partial credit card data and passwords stored as bcrypt hashes. The data was provided to HIBP by a source who requested it be attributed to \u0026quot;JimScott.Sec@protonmail.com\u0026quot;.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/EatStreet.png","DataClasses":["Dates of birth","Email addresses","Genders","Names","Partial credit card data","Passwords","Phone numbers","Physical addresses","Social media profiles"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"ECCIE","Title":"ECCIE","Domain":"eccie.net","BreachDate":"2021-07-01","AddedDate":"2023-08-21T23:19:18Z","ModifiedDate":"2023-08-21T23:19:18Z","PwnCount":536923,"Description":"In January 2021, the adult escort forum \u003Ca href=\u0022https://www.eccie.net/showthread.php?p=1062479958\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EECCIE suffered a data breach\u003C/a\u003E which was later posted to a popular hacking forum. The data included 536k user records with email and IP addresses, usernames, dates of birth and salted MD5 password hashes.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/ECCIE.png","DataClasses":["Dates of birth","Email addresses","IP addresses","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":true,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Edmodo","Title":"Edmodo","Domain":"edmodo.com","BreachDate":"2017-05-11","AddedDate":"2017-06-01T05:59:24Z","ModifiedDate":"2017-06-01T05:59:24Z","PwnCount":43423561,"Description":"In May 2017, the education platform \u003Ca href=\u0022https://motherboard.vice.com/en_us/article/hacker-steals-millions-of-user-account-details-from-education-platform-edmodo\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EEdmodo was hacked\u003C/a\u003E resulting in the exposure of 77 million records comprised of over 43 million unique customer email addresses. The data was consequently published to a popular hacking forum and made freely available. The records in the breach included usernames, email addresses and bcrypt hashes of passwords.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Edmodo.png","DataClasses":["Email addresses","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Elance","Title":"Elance","Domain":"elance.com","BreachDate":"2009-01-01","AddedDate":"2017-02-18T02:54:48Z","ModifiedDate":"2017-02-18T02:54:48Z","PwnCount":1291178,"Description":"Sometime in 2009, staffing platform \u003Ca href=\u0022http://www.ibtimes.co.uk/elance-data-breach-hacker-leaks-1-3-million-accounts-staffing-platform-1605368\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EElance suffered a data breach that impacted 1.3 million accounts\u003C/a\u003E. Appearing online 8 years later, the data contained usernames, email addresses, phone numbers and SHA1 hashes of passwords, amongst other personal data.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Elance.png","DataClasses":["Email addresses","Employers","Geographic locations","Passwords","Phone numbers","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Elanic","Title":"Elanic","Domain":"elanic.in","BreachDate":"2018-01-01","AddedDate":"2020-05-04T23:25:28Z","ModifiedDate":"2020-05-04T23:25:28Z","PwnCount":2325283,"Description":"In January 2020, the Indian fashion marketplace \u003Ca href=\u0022https://elanic.in/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EElanic\u003C/a\u003E had 2.8M records with 2.3M unique email addresses posted publicly to a popular hacking forum. Elanic confirmed that they had \u0026quot;verified the data and it was pulled from one of our test servers where this data was exposed publicly\u0026quot; and that the data was \u0026quot;old\u0026quot; (the hacking forum reported it as being from 2016-2018). When asked about disclosure to impacted customers, Elanic advised that they had \u0026quot;decided to not have as such any communication and public disclosure\u0026quot;. ","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Elanic.png","DataClasses":["Email addresses","Geographic locations","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"ElasticsearchSalesLeads","Title":"Elasticsearch Instance of Sales Leads on AWS","Domain":"","BreachDate":"2018-10-29","AddedDate":"2018-11-17T09:04:54Z","ModifiedDate":"2018-11-18T03:30:53Z","PwnCount":5788169,"Description":"In October 2018, \u003Ca href=\u0022https://blog.hacken.io/how-sensitive-is-your-non-sensitive-data\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Esecurity researcher Bob Diachenko identified multiple exposed databases with hundreds of millions of records\u003C/a\u003E. One of those datasets was an Elasticsearch instance on AWS containing sales lead data and 5.8M unique email addresses. The data contained information relating to individuals and the companies they worked for including their names, email addresses and company name and contact information. Despite best efforts, it was not possible to identify the owner of the data hence this breach as been titled \u0026quot;Elasticsearch Sales Leads\u0026quot;.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/List.png","DataClasses":["Email addresses","Employers","Names","Physical addresses"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Emotet","Title":"Emotet","Domain":"","BreachDate":"2021-01-27","AddedDate":"2021-04-26T22:25:15Z","ModifiedDate":"2022-01-05T04:11:30Z","PwnCount":4324770,"Description":"In January 2021, \u003Ca href=\u0022https://www.troyhunt.com/data-from-the-emotet-malware-is-now-searchable-in-have-i-been-pwned-courtesy-of-the-fbi-and-nhtcu\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Ethe FBI in partnership with the Dutch NHTCU, German BKA and other international law enforcement agencies brought down the world\u0027s most dangerous malware: Emotet\u003C/a\u003E. The agencies obtained data collected by the malware and provided impacted email addresses to HIBP so that impacted individuals and domain owners could assess their exposure. \u003Ca href=\u0022https://www.troyhunt.com/data-from-the-emotet-malware-is-now-searchable-in-have-i-been-pwned-courtesy-of-the-fbi-and-nhtcu\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003ERead more about the takedown and recommended actions\u003C/a\u003E.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/List.png","DataClasses":["Email addresses","Passwords"],"IsVerified":true,"IsFabricated":false,"IsSensitive":true,"IsRetired":false,"IsSpamList":false,"IsMalware":true,"IsSubscriptionFree":true},{"Name":"Emuparadise","Title":"Emuparadise","Domain":"emuparadise.me","BreachDate":"2018-04-01","AddedDate":"2019-06-09T06:23:35Z","ModifiedDate":"2019-06-15T15:19:53Z","PwnCount":1131229,"Description":"In April 2018, the self-proclaimed \u0026quot;biggest retro gaming website on earth\u0026quot;, Emuparadise, suffered a data breach. The compromised vBulletin forum exposed 1.1 million email addresses, IP address, usernames and passwords stored as salted MD5 hashes. The data was provided to HIBP by \u003Ca href=\u0022https://dehashed.com/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Edehashed.com\u003C/a\u003E.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Emuparadise.png","DataClasses":["Email addresses","IP addresses","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"ECB","Title":"England Cricket","Domain":"ecb.co.uk","BreachDate":"2024-03-23","AddedDate":"2024-03-29T01:10:19Z","ModifiedDate":"2024-03-29T01:15:59Z","PwnCount":43299,"Description":"In March 2024, \u003Ca href=\u0022https://www.thecricketer.com/Topics/grassroots/ecb_issue_warning_to_users_of_online_coaching_platform_following_data_breach.html\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EEnglish Cricket\u0027s icoachcricket website suffered a data breach that exposed over 40k records\u003C/a\u003E. The data included email addresses and passwords stored as either bcrypt hashes, salted MD5 hashes or both. The data was provided to HIBP by a source who requested it be attributed to \u0026quot;IntelBroker\u0026quot;.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/ECB.png","DataClasses":["Email addresses","Passwords"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"EPal","Title":"E-Pal","Domain":"epal.gg","BreachDate":"2022-04-15","AddedDate":"2022-10-24T04:54:30Z","ModifiedDate":"2022-10-24T04:56:02Z","PwnCount":108887,"Description":"In October 2022, the service dedicated to finding friends on Discord known as \u003Ca href=\u0022https://twitter.com/PogoWasRight/status/1578496290534539264\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EE-Pal disclosed a data breach\u003C/a\u003E. The compromised data included over 100k unique email addresses and usernames spanning approximately 1M orders. The data was subsequently distributed via a popular hacking forum.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/EPal.png","DataClasses":["Email addresses","Purchases","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"EpicGames","Title":"Epic Games","Domain":"epicgames.com","BreachDate":"2016-08-11","AddedDate":"2016-11-07T10:19:34Z","ModifiedDate":"2016-11-07T10:19:34Z","PwnCount":251661,"Description":"In August 2016, \u003Ca href=\u0022http://www.zdnet.com/article/epic-games-unreal-engine-forums-hacked-in-latest-data-breach\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Ethe Epic Games forum suffered a data breach\u003C/a\u003E, allegedly due to a SQL injection vulnerability in vBulletin. The attack resulted in the exposure of 252k accounts including usernames, email addresses and salted MD5 hashes of passwords.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/EpicGames.png","DataClasses":["Email addresses","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"EpicBot","Title":"EpicBot","Domain":"epicbot.com","BreachDate":"2019-09-01","AddedDate":"2019-11-19T23:29:42Z","ModifiedDate":"2019-11-19T23:33:02Z","PwnCount":816662,"Description":"In September 2019, the RuneScape bot provider \u003Ca href=\u0022https://arstechnica.com/information-technology/2019/11/password-data-dumped-online-for-2-2-million-users-of-currency-and-gaming-sites/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EEpicBot suffered a data breach that impacted 817k subscribers\u003C/a\u003E. Data from the breach was subsequently shared on a popular hacking forum and included usernames, email and IP addresses and passwords stored as either salted MD5 or bcrypt hashes. EpicBot did not respond when contacted about the incident.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/EpicBot.png","DataClasses":["Email addresses","IP addresses","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"EpicNPC","Title":"EpicNPC","Domain":"epicnpc.com","BreachDate":"2016-01-02","AddedDate":"2019-07-27T23:11:30Z","ModifiedDate":"2019-07-27T23:20:02Z","PwnCount":408795,"Description":"In January 2016, the hacked account reseller \u003Ca href=\u0022https://www.epicnpc.com\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EEpicNPC\u003C/a\u003E suffered a data breach that impacted 409k subscribers. The impacted data included usernames, IP and email addresses and passwords stored as salted MD5 hashes. The data was provided to HIBP by \u003Ca href=\u0022https://dehashed.com/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Edehashed.com\u003C/a\u003E.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/EpicNPC.png","DataClasses":["Email addresses","IP addresses","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Epik","Title":"Epik","Domain":"epik.com","BreachDate":"2021-09-13","AddedDate":"2021-09-19T21:27:17Z","ModifiedDate":"2021-09-19T21:27:17Z","PwnCount":15003961,"Description":"In September 2021, \u003Ca href=\u0022https://arstechnica.com/information-technology/2021/09/anonymous-leaks-gigabytes-of-data-from-epik-web-host-of-gab-and-parler/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Ethe domain registrar and web host Epik suffered a significant data breach\u003C/a\u003E, allegedly in retaliation for hosting alt-right websites. The breach exposed a huge volume of data not just of Epik customers, but also scraped WHOIS records belonging to individuals and organisations who were not Epik customers. The data included over 15 million unique email addresses (including anonymised versions for domain privacy), names, phone numbers, physical addresses, purchases and passwords stored in various formats.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Epik.png","DataClasses":["Email addresses","Names","Phone numbers","Physical addresses","Purchases"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Eroticy","Title":"Eroticy","Domain":"eroticy.com","BreachDate":"2015-06-01","AddedDate":"2017-01-10T02:19:56Z","ModifiedDate":"2017-01-10T02:19:56Z","PwnCount":1370175,"Description":"In mid-2016, it\u0027s alleged that the adult website known as \u003Ca href=\u0022http://eroticy.com\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EEroticy\u003C/a\u003E was hacked. Almost 1.4 million unique accounts were found circulating in late 2016 which contained a raft of personal information ranging from email addresses to phone numbers to plain text passwords. Whilst many HIBP subscribers confirmed their data was legitimate, the actual source of the breach remains inconclusive. \u003Ca href=\u0022https://www.troyhunt.com/a-data-breach-investigation-blow-by-blow\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EA detailed account of the data has been published\u003C/a\u003E in the hope of identifying the origin of the breach.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Eroticy.png","DataClasses":["Email addresses","IP addresses","Names","Passwords","Payment histories","Phone numbers","Physical addresses","Usernames","Website activity"],"IsVerified":false,"IsFabricated":false,"IsSensitive":true,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Eskimi","Title":"Eskimi","Domain":"eskimi.com","BreachDate":"2020-09-25","AddedDate":"2022-07-16T07:51:26Z","ModifiedDate":"2022-07-16T07:51:26Z","PwnCount":1197620,"Description":"In late 2020, the AdTech platform \u003Ca href=\u0022https://www.riskbasedsecurity.com/2021/01/25/shinyhunters-wave-3-one-hacker-exposes-over-125-million-credentials/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EEskimi suffered a data breach that exposed 26M records with 1.2M unique email addresses\u003C/a\u003E. The data included usernames, dates of birth, genders and passwords stored as unsalted MD5 hashes.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Eskimi.png","DataClasses":["Dates of birth","Email addresses","Genders","Geographic locations","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"EstanteVirtual","Title":"Estante Virtual","Domain":"estantevirtual.com.br","BreachDate":"2019-02-28","AddedDate":"2023-11-29T22:13:34Z","ModifiedDate":"2023-11-29T22:13:34Z","PwnCount":5412603,"Description":"In February 2019, the Brazilian book store \u003Ca href=\u0022https://www.zdnet.com/article/round-4-hacker-returns-and-puts-26mil-user-records-for-sale-on-the-dark-web/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EEstante Virtual suffered a data breach that impacted 5.4M customers\u003C/a\u003E. The exposed data included names, usernames, email and physical addresses, phone numbers, dates of birth and unsalted SHA-1 password hashes.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/EstanteVirtual.png","DataClasses":["Dates of birth","Email addresses","Names","Passwords","Phone numbers","Physical addresses","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Estonia","Title":"Estonian Citizens (via Estonian Cybercrime Bureau)","Domain":"","BreachDate":"2018-06-07","AddedDate":"2018-06-11T09:41:17Z","ModifiedDate":"2018-06-11T09:41:17Z","PwnCount":655161,"Description":"In June 2018, \u003Ca href=\u0022https://www.troyhunt.com/data-provided-by-the-estonian-central-criminal-police-is-now-searchable-on-have-i-been-pwned\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Ethe Cybercrime Bureau of the Estonian Central Criminal Police contacted HIBP\u003C/a\u003E and asked for assistance in making a data set of 655k email addresses searchable. The Estonian police suspected the email addresses and passwords they obtained were being used to access mailboxes, cryptocurrency exchanges, cloud service accounts and other similar online assets. They\u0027ve requested that individuals who find themselves in the data set \u003Cb\u003E\u003Ci\u003Eand also identify that cryptocurrency has been stolen\u003C/i\u003E\u003C/b\u003E contact them at \u003Ca href=\u0022mailto:cybercrime@politsei.ee\u0022\u003Ecybercrime@politsei.ee\u003C/a\u003E.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Estonia.png","DataClasses":["Email addresses","Passwords"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":true},{"Name":"eThekwiniMunicipality","Title":"eThekwini Municipality","Domain":"eservices.durban.gov.za","BreachDate":"2016-09-07","AddedDate":"2016-09-15T00:01:47Z","ModifiedDate":"2016-09-15T00:01:47Z","PwnCount":81830,"Description":"In September 2016, \u003Ca href=\u0022http://eservices.durban.gov.za\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Ethe new eThekwini eServices website\u003C/a\u003E in South Africa was launched with a number of security holes that lead to \u003Ca href=\u0022http://mybroadband.co.za/news/security/179064-ethekwini-municipality-leaking-private-details-of-over-300000-residents.html\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Ethe leak of over 98k residents\u0027 personal information and utility bills\u003C/a\u003E across 82k unique email addresses. Emails were sent prior to launch containing passwords in plain text and the site allowed anyone to download utility bills without sufficient authentication. Various methods of customer data enumeration was possible and phishing attacks began appearing the day after launch.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/eThekwiniMunicipality.png","DataClasses":["Dates of birth","Deceased date","Email addresses","Genders","Government issued IDs","Names","Passport numbers","Passwords","Phone numbers","Physical addresses","Utility bills"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Ethereum","Title":"Ethereum","Domain":"ethereum.org","BreachDate":"2016-12-16","AddedDate":"2016-12-20T23:56:26Z","ModifiedDate":"2016-12-20T23:56:26Z","PwnCount":16431,"Description":"In December 2016, the forum for the public blockchain-based distributed computing platform \u003Ca href=\u0022https://blog.ethereum.org/2016/12/19/security-alert-12192016-ethereum-org-forums-database-compromised/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EEthereum suffered a data breach\u003C/a\u003E. The database contained over 16k unique email addresses along with IP addresses, private forum messages and (mostly) bcrypt hashed passwords. \u003Ca href=\u0022https://www.troyhunt.com/the-ethereum-forum-was-hacked-and-theyve-voluntarily-submitted-the-data-to-have-i-been-pwned\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EEthereum elected to self-submit the data to HIBP\u003C/a\u003E, providing the service with a list of email addresses impacted by the incident.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Ethereum.png","DataClasses":["Email addresses","IP addresses","Passwords","Private messages","Usernames","Website activity"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"EuropaJobs","Title":"europa.jobs","Domain":"europa.jobs","BreachDate":"2019-08-11","AddedDate":"2020-01-15T08:51:05Z","ModifiedDate":"2020-01-15T08:51:05Z","PwnCount":226095,"Description":"In August 2019, the now defunct European jobs website \u003Ca href=\u0022https://webcache.googleusercontent.com/search?q=cache:Qk_zaGEqx70J:https://en.europa.jobs/\u002B\u0026cd=1\u0026hl=en\u0026ct=clnk\u0026gl=au\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Eeuropa.jobs\u003C/a\u003E (Google cache link) suffered a data breach. The incident exposed 226k unique email addresses alongside extensive personal information including names, dates of birth, job applications and passwords. The data was subsequently redistributed on a popular hacking forum.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/EuropaJobs.png","DataClasses":["Dates of birth","Email addresses","Geographic locations","Job applications","Names","Passwords","Phone numbers","Spoken languages"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Evermotion","Title":"Evermotion","Domain":"evermotion.org","BreachDate":"2015-05-07","AddedDate":"2017-07-02T13:49:09Z","ModifiedDate":"2017-07-02T13:49:09Z","PwnCount":435510,"Description":"In May 2015, the Polish 3D modelling website known as \u003Ca href=\u0022https://evermotion.org/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EEvermotion\u003C/a\u003E suffered a data breach resulting in the exposure of 435k unique user records. The data was sourced from a vBulletin forum and contained email addresses, usernames, dates of birth and salted MD5 hashes of passwords. The site was previously reported as compromised on the \u003Ca href=\u0022https://vigilante.pw/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EVigilante.pw\u003C/a\u003E breached database directory.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Evermotion.png","DataClasses":["Dates of birth","Email addresses","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"EverybodyEdits","Title":"Everybody Edits","Domain":"everybodyedits.com","BreachDate":"2019-03-23","AddedDate":"2019-04-03T10:50:16Z","ModifiedDate":"2019-04-03T10:55:58Z","PwnCount":871190,"Description":"In March 2019, the multiplayer platform game \u003Ca href=\u0022https://everybodyedits.wordpress.com/2019/03/28/everybody-edits-data-security-breach/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EEverybody Edits suffered a data breach\u003C/a\u003E. The incident exposed 871k unique email addresses alongside usernames and IP addresses. The data was subsequently distributed online across a collection of files.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/EverybodyEdits.png","DataClasses":["Email addresses","IP addresses","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Evite","Title":"Evite","Domain":"evite.com","BreachDate":"2013-08-11","AddedDate":"2019-07-14T14:51:51Z","ModifiedDate":"2019-07-14T14:51:51Z","PwnCount":100985047,"Description":"In April 2019, the social planning website for managing online invitations \u003Ca href=\u0022https://www.evite.com/security/update?usource=lc\u0026lctid=1800182\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EEvite identified a data breach of their systems\u003C/a\u003E. Upon investigation, they found unauthorised access to a database archive dating back to 2013. The exposed data included a total of 101 million unique email addresses, most belonging to recipients of invitations. Members of the service also had names, phone numbers, physical addresses, dates of birth, genders and passwords stored in plain text exposed. The data was provided to HIBP by a source who requested it be attributed to \u0026quot;JimScott.Sec@protonmail.com\u0026quot;.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Evite.png","DataClasses":["Dates of birth","Email addresses","Genders","Names","Passwords","Phone numbers","Physical addresses"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Evony","Title":"Evony","Domain":"evony.com","BreachDate":"2016-06-01","AddedDate":"2017-03-25T23:43:45Z","ModifiedDate":"2017-03-25T23:43:45Z","PwnCount":29396116,"Description":"In June 2016, the online multiplayer game \u003Ca href=\u0022http://securityaffairs.co/wordpress/52260/data-breach/evony-data-breach.html\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EEvony was hacked\u003C/a\u003E and over 29 million unique accounts were exposed. The attack led to the exposure of usernames, email and IP addresses and MD5 hashes of passwords (without salt).","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Evony.png","DataClasses":["Email addresses","IP addresses","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Exactis","Title":"Exactis","Domain":"exactis.com","BreachDate":"2018-06-01","AddedDate":"2018-07-25T20:00:44Z","ModifiedDate":"2018-07-25T20:00:44Z","PwnCount":131577763,"Description":"In June 2018, \u003Ca href=\u0022https://www.wired.com/story/exactis-database-leak-340-million-records/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Ethe marketing firm Exactis inadvertently publicly leaked 340 million records of personal data\u003C/a\u003E. Security researcher \u003Ca href=\u0022https://www.nightlionsecurity.com/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EVinny Troia of Night Lion Security\u003C/a\u003E discovered the leak contained multiple terabytes of personal information spread across hundreds of separate fields including addresses, phone numbers, family structures and extensive profiling data. The data was collected as part of Exactis\u0027 service as a \u0026quot;compiler and aggregator of premium business \u0026amp; consumer data\u0026quot; which they then sell for profiling and marketing purposes. A small subset of the exposed fields were provided to Have I Been Pwned and contained 132 million unique email addresses.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Exactis.png","DataClasses":["Credit status information","Dates of birth","Education levels","Email addresses","Ethnicities","Family structure","Financial investments","Genders","Home ownership statuses","Income levels","IP addresses","Marital statuses","Names","Net worths","Occupations","Personal interests","Phone numbers","Physical addresses","Religions","Spoken languages"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Experian","Title":"Experian (2015)","Domain":"experian.com","BreachDate":"2015-09-16","AddedDate":"2016-09-06T23:49:00Z","ModifiedDate":"2020-11-22T05:42:00Z","PwnCount":7196890,"Description":"In September 2015, the US based credit bureau and consumer data broker \u003Ca href=\u0022http://krebsonsecurity.com/2015/10/experian-breach-affects-15-million-consumers/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EExperian suffered a data breach\u003C/a\u003E that impacted 15 million customers who had applied for financing from T-Mobile. An alleged data breach was subsequently circulated containing personal information including names, physical and email addresses, birth dates and various other personal attributes. Multiple Have I Been Pwned subscribers verified portions of the data as being accurate, but the actual source of it was inconclusive therefor this breach has been flagged as \u0026quot;unverified\u0026quot;.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Experian.png","DataClasses":["Credit status information","Dates of birth","Email addresses","Ethnicities","Family structure","Genders","Home ownership statuses","Income levels","IP addresses","Names","Phone numbers","Physical addresses","Purchasing habits"],"IsVerified":false,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Experian2020","Title":"Experian (South Africa)","Domain":"","BreachDate":"2020-08-19","AddedDate":"2020-09-01T23:39:52Z","ModifiedDate":"2020-09-02T00:00:41Z","PwnCount":1284637,"Description":"In August 2020, \u003Ca href=\u0022https://www.iafrikan.com/2020/09/01/experian-data-breach-database-public-data-information-south-africa/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EExperian South Africa suffered a data breach\u003C/a\u003E which exposed the personal information of tens of millions of individuals. Only 1.3M of the records contained email addresses, whilst most contained government issued identity numbers, names, addresses, occupations and employers, amongst other person information.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Experian.png","DataClasses":["Email addresses","Employers","Government issued IDs","Names","Occupations","Phone numbers"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"ExploitIn","Title":"Exploit.In","Domain":"","BreachDate":"2016-10-13","AddedDate":"2017-05-06T07:03:18Z","ModifiedDate":"2017-05-06T07:03:18Z","PwnCount":593427119,"Description":"In late 2016, a huge list of email address and password pairs appeared in a \u0026quot;combo list\u0026quot; referred to as \u0026quot;Exploit.In\u0026quot;. The list contained 593 million unique email addresses, many with multiple different passwords hacked from various online systems. The list was broadly circulated and used for \u0026quot;credential stuffing\u0026quot;, that is attackers employ it in an attempt to identify other online systems where the account owner had reused their password. For detailed background on this incident, read \u003Ca href=\u0022https://www.troyhunt.com/password-reuse-credential-stuffing-and-another-1-billion-records-in-have-i-been-pwned\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EPassword reuse, credential stuffing and another billion records in Have I Been Pwned\u003C/a\u003E.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/List.png","DataClasses":["Email addresses","Passwords"],"IsVerified":false,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"ExploreTalentAug2024","Title":"Explore Talent (August 2024)","Domain":"exploretalent.com","BreachDate":"2024-08-15","AddedDate":"2024-08-19T05:52:35Z","ModifiedDate":"2024-08-19T05:52:35Z","PwnCount":8929384,"Description":"In August 2024, \u003Ca href=\u0022https://maia.crimew.gay/posts/gps-track-deez-nuts/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Ea slew of security vulnerabilities were identified with a conglomerate of online services which included the talent network Explore Talent\u003C/a\u003E. A vulnerable API exposed the personal records of 11.4M users of the service of which 8.9M unique email addresses were provided to HIBP. This incident is separate to the Explore Talent breach which occurred in 2022 and was loaded into HIBP in July 2024.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/ExploreTalent.png","DataClasses":["Email addresses"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"ExploreTalent","Title":"Explore Talent (July 2024)","Domain":"exploretalent.com","BreachDate":"2022-02-28","AddedDate":"2024-07-25T03:21:40Z","ModifiedDate":"2024-08-19T05:52:35Z","PwnCount":5371574,"Description":"In July 2024, \u003Ca href=\u0022https://x.com/H4ckManac/status/1813528139881988225\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Ea data breach attributed to Explore Talent was publicly posted to a popular hacking forum\u003C/a\u003E. Containing 5.7M rows with 5.4M unique email addresses, the incident has been described by various sources as occurring between early 2022 to 2023 and also contains names, phone numbers and physical addresses.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/ExploreTalent.png","DataClasses":["Email addresses","Names","Phone numbers","Physical addresses"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"VINs","Title":"Exposed VINs","Domain":"","BreachDate":"2017-06-05","AddedDate":"2017-06-09T05:35:19Z","ModifiedDate":"2017-06-09T05:35:19Z","PwnCount":396650,"Description":"In June 2017, \u003Ca href=\u0022https://www.bleepingcomputer.com/news/security/car-thieves-everywhere-rejoice-as-unsecured-database-exposes-10-million-car-vins/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Ean unsecured database with more than 10 million VINs (vehicle identification numbers) was discovered by researchers\u003C/a\u003E. Believed to be sourced from US car dealerships, the data included a raft of personal information and vehicle data along with 397k unique email addresses.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/List.png","DataClasses":["Dates of birth","Email addresses","Family structure","Genders","Names","Phone numbers","Physical addresses","Vehicle details"],"IsVerified":false,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Exvagos","Title":"Exvagos","Domain":"exvagos.org","BreachDate":"2022-07-21","AddedDate":"2024-03-28T06:28:55Z","ModifiedDate":"2024-03-28T06:28:55Z","PwnCount":2121789,"Description":"In July 2022, the direct download website Exvagos suffered a data breach \u003Ca href=\u0022https://cybernews.com/security/billions-passwords-credentials-leaked-mother-of-all-breaches/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Ethat was later redistributed as part of a larger corpus of data\u003C/a\u003E. The breach exposed 2.1M unique email addresses along with IP addresses, usernames, dates of birth and MD5 password hashes.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Exvagos.png","DataClasses":["Dates of birth","Email addresses","IP addresses","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Eye4Fraud","Title":"Eye4Fraud","Domain":"eye4fraud.com","BreachDate":"2023-01-25","AddedDate":"2023-03-06T04:46:58Z","ModifiedDate":"2023-03-06T06:04:28Z","PwnCount":16000591,"Description":"In February 2023, \u003Ca href=\u0022https://twitter.com/FalconFeedsio/status/1622838659689988098\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Edata alleged to have been taken from the fraud protection service Eye4Fraud was listed for sale on a popular hacking forum\u003C/a\u003E. Spanning tens of millions of rows with 16M unique email addresses, the data was spread across 147 tables totalling 65GB and included both direct users of the service and what appears to be individuals who\u0027d placed orders on other services that implemented Eye4Fraud to protect their sales. The data included names and bcrypt password hashes for users, and names, phone numbers, physical addresses and partial credit card data (card type and last 4 digits) for orders placed using the service. Eye4Fraud did not respond to multiple attempts to report the incident.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Eye4Fraud.png","DataClasses":["Email addresses","IP addresses","Names","Partial credit card data","Passwords","Phone numbers","Physical addresses"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"EyeEm","Title":"EyeEm","Domain":"eyeem.com","BreachDate":"2018-02-28","AddedDate":"2019-02-16T07:17:45Z","ModifiedDate":"2019-02-16T07:17:45Z","PwnCount":19611022,"Description":"In February 2018, \u003Ca href=\u0022https://www.theregister.co.uk/2019/02/11/620_million_hacked_accounts_dark_web/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Ephotography website EyeEm suffered a data breach\u003C/a\u003E. The breach was identified among a collection of other large incidents and exposed almost 20M unique email addresses, names, usernames, bios and password hashes. The data was provided to HIBP by a source who asked for it to be attributed to \u0026quot;Kuroi\u0027sh or Gabriel Kimiaie-Asadi Bildstein\u0026quot;.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/EyeEm.png","DataClasses":["Bios","Email addresses","Names","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Facebook","Title":"Facebook","Domain":"facebook.com","BreachDate":"2019-08-01","AddedDate":"2021-04-04T03:20:45Z","ModifiedDate":"2021-04-06T09:09:21Z","PwnCount":509458528,"Description":"In April 2021, \u003Ca href=\u0022https://www.bleepingcomputer.com/news/security/533-million-facebook-users-phone-numbers-leaked-on-hacker-forum/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Ea large data set of over 500 million Facebook users was made freely available for download\u003C/a\u003E. Encompassing approximately 20% of Facebook\u0027s subscribers, the data was allegedly obtained by exploiting a vulnerability Facebook advises they rectified in August 2019. The primary value of the data is the association of phone numbers to identities; whilst each record included phone, only 2.5 million contained an email address. Most records contained names and genders with many also including dates of birth, location, relationship status and employer.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Facebook.png","DataClasses":["Dates of birth","Email addresses","Employers","Genders","Geographic locations","Names","Phone numbers","Relationship statuses"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"FacebookMarketplace","Title":"Facebook Marketplace","Domain":"facebook.com","BreachDate":"2023-10-01","AddedDate":"2024-02-22T00:53:37Z","ModifiedDate":"2024-02-22T00:55:02Z","PwnCount":77267,"Description":"In February 2024, \u003Ca href=\u0022https://www.bleepingcomputer.com/news/security/200-000-facebook-marketplace-user-records-leaked-on-hacking-forum/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003E200k Facebook Marketplace records allegedly obtained from a Meta contractor in October 2023 were posted to a popular hacking forum\u003C/a\u003E. The data contained 77k unique email addresses alongside names, phone numbers, Facebook profile IDs and geographic locations. The data also contained bcrypt password hashes, although there is no indication these belong to the corresponding Facebook accounts.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Facebook.png","DataClasses":["Email addresses","Geographic locations","Names","Passwords","Phone numbers","Social media profiles"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Facepunch","Title":"Facepunch","Domain":"facepunch.com","BreachDate":"2016-06-03","AddedDate":"2018-10-17T13:15:39Z","ModifiedDate":"2018-10-17T13:31:23Z","PwnCount":342913,"Description":"In June 2016, the game development studio \u003Ca href=\u0022https://facepunch.com/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EFacepunch\u003C/a\u003E suffered a data breach that exposed 343k users. The breached data included usernames, email and IP addresses, dates of birth and salted MD5 password hashes. Facepunch advised they were aware of the incident and had notified people at the time. The data was provided to HIBP by whitehat security researcher and data analyst Adam Davies.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Facepunch.png","DataClasses":["Dates of birth","Email addresses","IP addresses","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"FaceUP","Title":"FaceUP","Domain":"faceup.dk","BreachDate":"2013-01-01","AddedDate":"2019-01-13T09:50:41Z","ModifiedDate":"2019-01-13T09:50:41Z","PwnCount":87633,"Description":"In 2013, the Danish social media site \u003Ca href=\u0022https://faceup.dk/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EFaceUP\u003C/a\u003E suffered a data breach. The incident exposed 87k unique email addresses alongside genders, dates of birth, names, phone numbers and passwords stored as unsalted MD5 hashes. When notified of the incident, FaceUP advised they had identified a SQL injection vulnerability at the time and forced password resets on impacted customers.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/FaceUP.png","DataClasses":["Dates of birth","Email addresses","Genders","Names","Passwords","Phone numbers","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Factual","Title":"Factual","Domain":"factual.com","BreachDate":"2017-03-22","AddedDate":"2019-12-24T10:56:18Z","ModifiedDate":"2019-12-24T10:56:18Z","PwnCount":2461696,"Description":"In March 2017, a file containing 8M rows of data \u003Ca href=\u0022https://www.troyhunt.com/when-is-data-public-and-2-5m-public-factual-records\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Eallegedly sourced from data aggregator Factual\u003C/a\u003E was compiled and later exchanged on the premise it was a \u0026quot;breach\u0026quot;. The data contained 2.5M unique email addresses alongside business names, addresses and phone numbers. After consultation with Factual, they advised the data was \u0026quot;publicly available information about businesses and other points of interest that Factual makes available on its website and to customers\u0026quot;.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Factual.png","DataClasses":["Email addresses","Employers","Phone numbers","Physical addresses"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Famm","Title":"Famm","Domain":"famm.us","BreachDate":"2020-10-08","AddedDate":"2022-07-16T09:57:48Z","ModifiedDate":"2022-07-16T09:57:48Z","PwnCount":535240,"Description":"In late 2020, the Japanese family photos website \u003Ca href=\u0022https://www.riskbasedsecurity.com/2021/01/25/shinyhunters-wave-3-one-hacker-exposes-over-125-million-credentials/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EFamm suffered a data breach that subsequently exposed 1.3M customer records\u003C/a\u003E, including 535k unique email addresses. Impacted data also included names, dates of birth, genders and passwords stored as SHA-256 hashes.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Famm.png","DataClasses":["Dates of birth","Email addresses","Genders","Names","Passwords"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Fanpass","Title":"Fanpass","Domain":"fanpass.co.uk","BreachDate":"2022-04-30","AddedDate":"2022-05-24T03:55:30Z","ModifiedDate":"2022-05-24T23:28:33Z","PwnCount":112251,"Description":"In April 2022, the UK based website for buying and selling soccer tickets \u003Ca href=\u0022https://milled.com/fanpass/fanpass-incident-notification-V6odeYPOxOTPZFq-\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EFanpass suffered a data breach\u003C/a\u003E which exposed 112k customer records. Impacted data includes names, phone numbers, physical addresses, purchase histories and salted password hashes. The data was provided to HIBP by a source who requested it be attributed to \u0026quot;\u003Ca href=\u0022https://breaches.net/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Ebreaches.net\u003C/a\u003E\u0026quot;.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Fanpass.png","DataClasses":["Email addresses","Genders","Names","Partial dates of birth","Passwords","Phone numbers","Physical addresses","Purchases","Social media profiles"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"FantasyFootballHub","Title":"Fantasy Football Hub","Domain":"fantasyfootballhub.co.uk","BreachDate":"2021-10-02","AddedDate":"2021-10-07T06:32:57Z","ModifiedDate":"2021-10-07T06:32:57Z","PwnCount":66479,"Description":"In October 2021, the fantasy premier league (soccer) website \u003Ca href=\u0022https://fantasyfootballhub.co.uk/we-have-suffered-a-cyber-attack/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EFantasy Football Hub suffered a data breach that exposed 66 thousand unique email addresses\u003C/a\u003E. The data included names, usernames, IP addresses, transactions and passwords stored as WordPress MD5 hashes.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/FantasyFootballHub.png","DataClasses":["Email addresses","IP addresses","Names","Passwords","Purchases","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"WhiteRoom","Title":"Fashion Nexus","Domain":"fashionnexus.co.uk","BreachDate":"2018-07-09","AddedDate":"2018-07-31T08:20:54Z","ModifiedDate":"2018-07-31T08:20:54Z","PwnCount":1279263,"Description":"In July 2018, UK-based ecommerce company \u003Ca href=\u0022https://www.grahamcluley.com/online-fashion-shoppers-exposed-ecommerce-breach/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EFashion Nexus suffered a data breach which exposed 1.4 million records\u003C/a\u003E. Multiple websites developed by sister company White Room Solutions were impacted in the breach amongst which were sites including \u003Ca href=\u0022https://jadedldn.com/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EJaded London\u003C/a\u003E and \u003Ca href=\u0022http://axparis.co.uk\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EAX Paris\u003C/a\u003E. The various sites exposed in the incident included a range of different data types including names, phone numbers, addresses and passwords stored as a mix of salted MD5 and SHA-1 as well as unsalted MD5 passwords. When asked by reporter Graham Cluley if a public statement on the incident was available, a one-word response of \u0026quot;No\u0026quot; was received.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/WhiteRoom.png","DataClasses":["Browser user agent details","Dates of birth","Email addresses","Genders","IP addresses","Names","Passwords","Phone numbers","Physical addresses","Purchases"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"FashionFantasyGame","Title":"FashionFantasyGame","Domain":"fashionfantasygame.com","BreachDate":"2016-12-01","AddedDate":"2017-04-20T10:33:38Z","ModifiedDate":"2017-04-20T10:33:38Z","PwnCount":2357872,"Description":"In late 2016, the fashion gaming website \u003Ca href=\u0022http://www.zdnet.com/article/amid-data-breach-responsibility-thrown-to-the-wind/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EFashion Fantasy Game suffered a data breach\u003C/a\u003E. The incident exposed 2.3 million unique user accounts and corresponding MD5 password hashes with no salt. The data was contributed to Have I Been Pwned courtesy of rip@creep.im.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/FashionFantasyGame.png","DataClasses":["Email addresses","Passwords"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"FilmaiIn","Title":"Filmai.in","Domain":"filmai.in","BreachDate":"2020-01-01","AddedDate":"2021-02-23T08:52:26Z","ModifiedDate":"2021-02-23T08:52:26Z","PwnCount":645786,"Description":"In approximately 2019 or 2020, the Lithuanian movie streaming service \u003Ca href=\u0022http://filmai.in/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EFilmai.in\u003C/a\u003E suffered a data breach exposing 645k email addresses, usernames and plain text passwords.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/FilmaiIn.png","DataClasses":["Email addresses","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"FFShrine","Title":"Final Fantasy Shrine","Domain":"ffshrine.org","BreachDate":"2015-09-18","AddedDate":"2015-10-31T12:43:58Z","ModifiedDate":"2015-10-31T12:43:58Z","PwnCount":620677,"Description":"In September 2015, \u003Ca href=\u0022http://ffshrine.org\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Ethe Final Fantasy discussion forum known as FFShrine\u003C/a\u003E was breached and the data dumped publicly. Approximately 620k records were released containing email addresses, IP addresses and salted hashes of passwords.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/FFShrine.png","DataClasses":["Email addresses","Passwords","Usernames","Website activity"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Fitmart","Title":"Fitmart","Domain":"fitmart.de","BreachDate":"2021-10-01","AddedDate":"2023-11-03T05:57:10Z","ModifiedDate":"2023-11-03T05:57:10Z","PwnCount":214492,"Description":"In October 2021, \u003Ca href=\u0022https://www.mydealz.de/diskussion/datenleck-bei-fitmart-2214625\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Edata from the German fitness supplies store Fitmart was obtained and later redistributed online\u003C/a\u003E. The data included 214k unique email addresses accompanied by plain text passwords, allegedly \u0026quot;dehashed\u0026quot; from the original stored version.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Fitmart.png","DataClasses":["Email addresses","Passwords"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"FlashFlashRevolution","Title":"Flash Flash Revolution (2016 breach)","Domain":"flashflashrevolution.com","BreachDate":"2016-02-01","AddedDate":"2016-09-06T08:08:29Z","ModifiedDate":"2019-07-21T16:28:59Z","PwnCount":1771845,"Description":"In February 2016, the music-based rhythm game known as \u003Ca href=\u0022http://www.flashflashrevolution.com\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EFlash Flash Revolution\u003C/a\u003E was hacked and 1.8M accounts were exposed. Along with email and IP addresses, the vBulletin forum also exposed salted MD5 password hashes.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/FlashFlashRevolution.png","DataClasses":["Email addresses","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"FlashFlashRevolution2019","Title":"Flash Flash Revolution (2019 breach)","Domain":"flashflashrevolution.com","BreachDate":"2019-07-16","AddedDate":"2019-07-21T20:31:54Z","ModifiedDate":"2019-07-21T20:31:54Z","PwnCount":1858124,"Description":"In July 2019, the music-based rhythm game \u003Ca href=\u0022http://www.flashflashrevolution.com/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EFlash Flash Revolution\u003C/a\u003E suffered a data breach. The 2019 breach imapcted almost 1.9 million members and is \u003Cem\u003Ein addition to\u003C/em\u003E \u003Ca href=\u0022http://www.flashflashrevolution.com/ffr/information-breach/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Ethe 2016 data breach of the same service\u003C/a\u003E. Email and IP addesses, usernames, dates of birth and salted MD5 hashes were all exposed in the breach. The data was provided with support from \u003Ca href=\u0022https://dehashed.com/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Edehashed.com\u003C/a\u003E.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/FlashFlashRevolution.png","DataClasses":["Dates of birth","Email addresses","IP addresses","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Flashback","Title":"Flashback","Domain":"flashback.se","BreachDate":"2015-02-11","AddedDate":"2015-02-12T05:42:12Z","ModifiedDate":"2015-02-12T05:42:12Z","PwnCount":40256,"Description":"In February 2015, \u003Ca href=\u0022http://www.flashback.se/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Ethe Swedish forum known as Flashback\u003C/a\u003E had sensitive internal data on 40k members published via the tabloid newspaper \u003Ca href=\u0022http://www.aftonbladet.se/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EAftonbladet\u003C/a\u003E. The data was \u003Ca href=\u0022http://swedishsurveyor.com/2015/02/11/the-inquisition/\u0022\u003Eallegedly sold to them via Researchgruppen\u003C/a\u003E (The Research Group) \u003Ca href=\u0022http://www.technologyreview.com/photoessay/533426/the-troll-hunters/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Ewho have a history of exposing otherwise anonymous users\u003C/a\u003E, primarily those who they believe participate in \u0026quot;troll like\u0026quot; behaviour. The compromised data includes social security numbers, home and email addresses.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Flashback.png","DataClasses":["Email addresses","Government issued IDs","Physical addresses"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"FlexBooker","Title":"FlexBooker","Domain":"flexbooker.com","BreachDate":"2021-12-23","AddedDate":"2022-01-06T06:11:10Z","ModifiedDate":"2022-01-06T06:34:26Z","PwnCount":3756794,"Description":"In December 2021, the online booking service \u003Ca href=\u0022https://www.flexbooker.com/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EFlexBooker\u003C/a\u003E suffered a data breach that exposed 3.7 million accounts. The data included email addresses, names, phone numbers and for a small number of accounts, password hashes and partial credit card data. FlexBooker has identified the breach as originating from a compromised account within their AWS infrastructure. The data was found being actively traded on a popular hacking forum and was provided to HIBP by a source who requested it be attributed to \u0026quot;white_peacock@riseup.net\u0026quot;.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/FlexBooker.png","DataClasses":["Email addresses","Names","Partial credit card data","Passwords","Phone numbers"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Fling","Title":"Fling","Domain":"fling.com","BreachDate":"2011-03-10","AddedDate":"2016-05-28T23:08:07Z","ModifiedDate":"2016-05-28T23:08:07Z","PwnCount":40767652,"Description":"In 2011, the self-proclaimed \u0026quot;World\u0027s Best Adult Social Network\u0026quot; website known as Fling \u003Ca href=\u0022http://motherboard.vice.com/read/another-day-another-hack-passwords-and-sexual-desires-for-dating-site-fling\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Ewas hacked and more than 40 million accounts obtained by the attacker\u003C/a\u003E. The breached data included highly sensitive personal attributes such as sexual orientation and sexual interests as well as email addresses and passwords stored in plain text.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Fling.png","DataClasses":["Dates of birth","Email addresses","Genders","Geographic locations","IP addresses","Passwords","Phone numbers","Sexual fetishes","Sexual orientations","Usernames","Website activity"],"IsVerified":true,"IsFabricated":false,"IsSensitive":true,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"FLVS","Title":"Florida Virtual School","Domain":"flvs.net","BreachDate":"2018-02-12","AddedDate":"2018-03-18T01:40:31Z","ModifiedDate":"2018-03-18T01:40:31Z","PwnCount":542902,"Description":"In March 2018, the Florida Virtual School (FLVS) \u003Ca href=\u0022https://www.flvs.net/notices?source=homepage\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Eposted a data breach notification to their website\u003C/a\u003E. The school had identified a data breach which had occurred sometime between 6 May 2016 and 12 Feb 2018 and an XML file containing 368k student records was subsequently found circulating. Each record contained student name, date of birth, password, grade, email \u003Cem\u003Eand\u003C/em\u003E parent email resulting in a total of 543k unique email addresses. Due to the prevalence of email addresses belonging to individuals who are still legally children, the data breach has been flagged as \u0026quot;sensitive\u0026quot;.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/FLVS.png","DataClasses":["Dates of birth","Email addresses","Names","Passwords","School grades (class levels)","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":true,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"RobloxDeveloperConference2024","Title":"FNTECH","Domain":"fntech.com","BreachDate":"2024-07-04","AddedDate":"2024-07-06T01:21:29Z","ModifiedDate":"2024-07-10T06:59:15Z","PwnCount":10386,"Description":"In July 2024, the events management platform FNTECH suffered a data breach that exposed 10k unique email addresses. The data contained registrants from various events, \u003Ca href=\u0022https://x.com/Roblox_RTC/status/1809300821701427220\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Eincluding participants of the Roblox Developer Conference registration list\u003C/a\u003E. The data also included names and IP addresses.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/FNTECH.png","DataClasses":["Email addresses","IP addresses","Names"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Foodora","Title":"Foodora","Domain":"foodora.com","BreachDate":"2016-04-22","AddedDate":"2020-06-16T02:09:33Z","ModifiedDate":"2020-06-16T02:09:33Z","PwnCount":582578,"Description":"In April 2016, the online food delivery service \u003Ca href=\u0022https://www.databreachtoday.com/delivery-hero-confirms-foodora-data-breach-a-14435\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EFoodora suffered a data breach\u003C/a\u003E which was then extensively redistributed online. The breach included the personal information of hundreds of thousands of customers from multiple countries including their names, delivery addresses, phone numbers and passwords stored as either a salted MD5 or a bcrypt hash.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Foodora.png","DataClasses":["Email addresses","Names","Passwords","Phone numbers","Physical addresses"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Forbes","Title":"Forbes","Domain":"forbes.com","BreachDate":"2014-02-15","AddedDate":"2014-02-15T11:24:42Z","ModifiedDate":"2014-02-15T11:24:42Z","PwnCount":1057819,"Description":"In February 2014, the Forbes website \u003Ca href=\u0022http://news.cnet.com/8301-1009_3-57618945-83/syrian-electronic-army-hacks-forbes-steals-user-data\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Esuccumbed to an attack that leaked over 1 million user accounts\u003C/a\u003E. The attack was attributed to the Syrian Electronic Army, allegedly as retribution for a perceived \u0022Hate of Syria\u0022. The attack not only leaked user credentials, but also resulted in the posting of fake news stories to forbes.com.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Forbes.png","DataClasses":["Email addresses","Passwords","User website URLs","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"ForumCommunity","Title":"ForumCommunity","Domain":"forumcommunity.net","BreachDate":"2016-06-01","AddedDate":"2018-12-05T05:04:45Z","ModifiedDate":"2018-12-05T07:29:20Z","PwnCount":776648,"Description":"In approximately mid-2016, the Italian-based service for creating forums known as \u003Ca href=\u0022https://www.forumcommunity.net/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EForumCommunity\u003C/a\u003E suffered a data breach. The incident impacted over 776k unique email addresses along with usernames and unsalted MD5 password hashes. No response was received from ForumCommunity when contacted.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/ForumCommunity.png","DataClasses":["Email addresses","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Fotolog","Title":"Fotolog","Domain":"fotolog.com","BreachDate":"2018-12-01","AddedDate":"2021-06-15T03:20:43Z","ModifiedDate":"2021-06-15T03:20:43Z","PwnCount":16717854,"Description":"In December 2018, the photo sharing social network \u003Ca href=\u0022https://www.theregister.com/2019/02/11/620_million_hacked_accounts_dark_web/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EFotolog suffered a data breach\u003C/a\u003E that exposed 16.7 million unique email addresses. The data also included usernames and unsalted SHA-256 password hashes. The site was dissolved the following year and repurposed as a news website based in Brcko, Bosnia and Herzegovina.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Fotolog.png","DataClasses":["Email addresses","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"FoxyBingo","Title":"Foxy Bingo","Domain":"foxybingo.com","BreachDate":"2008-04-04","AddedDate":"2015-11-22T01:05:05Z","ModifiedDate":"2015-11-22T01:05:05Z","PwnCount":252216,"Description":"In April 2007, the online gambling site \u003Ca href=\u0022https://www.foxybingo.com\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EFoxy Bingo\u003C/a\u003E was hacked and 252,000 accounts were obtained by the hackers. The breached records \u003Ca href=\u0022http://www.itpro.co.uk/637279/gambler-busted-flogging-stolen-data-to-gaming-firms\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Ewere subsequently sold and traded\u003C/a\u003E and included personal information data such as plain text passwords, birth dates and home addresses.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/FoxyBingo.png","DataClasses":["Account balances","Browser user agent details","Dates of birth","Email addresses","Genders","Names","Passwords","Phone numbers","Physical addresses","Usernames","Website activity"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"FreedomHostingII","Title":"Freedom Hosting II","Domain":"fhostingesps6bly.onion","BreachDate":"2017-01-31","AddedDate":"2017-02-05T10:06:58Z","ModifiedDate":"2017-02-05T10:06:58Z","PwnCount":380830,"Description":"In January 2017, the free hidden service host \u003Ca href=\u0022http://www.theverge.com/2017/2/3/14497992/freedom-hosting-ii-hacked-anonymous-dark-web-tor\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EFreedom Hosting II suffered a data breach\u003C/a\u003E. The attack allegedly took down 20% of dark web sites running behind Tor hidden services with the attacker claiming that of the 10,613 impacted sites, more than 50% of the content was child pornography. The hack led to the exposure of MySQL databases for the sites which included a vast amount of information on the hidden services Freedom Hosting II was managing. The impacted data classes far exceeds those listed for the breach and differ between the thousands of impacted sites.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/FreedomHostingII.png","DataClasses":["Email addresses","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":true,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"FreshMenu","Title":"FreshMenu","Domain":"freshmenu.com","BreachDate":"2016-07-01","AddedDate":"2018-09-10T12:27:19Z","ModifiedDate":"2018-09-10T12:27:19Z","PwnCount":110355,"Description":"In July 2016, the India-based food delivery service \u003Ca href=\u0022https://www.freshmenu.com/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EFreshMenu\u003C/a\u003E suffered a data breach. The incident exposed the personal data of over 110k customers and included their names, email addresses, phone numbers, home addresses and order histories. When advised of the incident, FreshMenu acknowledged being already aware of the breach but stated they had decided not to notify impacted customers.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/FreshMenu.png","DataClasses":["Device information","Email addresses","Names","Phone numbers","Physical addresses","Purchases"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Fridae","Title":"Fridae","Domain":"fridae.asia","BreachDate":"2014-05-02","AddedDate":"2014-05-06T02:48:35Z","ModifiedDate":"2014-05-06T02:48:35Z","PwnCount":35368,"Description":"In May 2014, over 25,000 user accounts were breached from the Asian lesbian, gay, bisexual and transgender website known as \u0022Fridae\u0022. The attack which was \u003Ca href=\u0022https://twitter.com/Survela/status/463327706361659392\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Eannounced on Twitter\u003C/a\u003E appears to have been \u003Ca href=\u0022http://pastebin.com/ipFKjv6z\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Eorchestrated by Deletesec\u003C/a\u003E who claim that \u0022Digital weapons shall annihilate all secrecy within governments and corporations\u0022. The exposed data included password stored in plain text. ","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Fridae.png","DataClasses":["Email addresses","Passwords","Usernames","Website activity"],"IsVerified":true,"IsFabricated":false,"IsSensitive":true,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Funimation","Title":"Funimation","Domain":"funimation.com","BreachDate":"2016-07-01","AddedDate":"2017-02-20T00:43:26Z","ModifiedDate":"2017-02-20T00:43:26Z","PwnCount":2491103,"Description":"In July 2016, the anime site \u003Ca href=\u0022https://www.funimation.com/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EFunimation\u003C/a\u003E suffered a data breach that impacted 2.5 million accounts. The data contained usernames, email addresses, dates of birth and salted SHA1 hashes of passwords.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Funimation.png","DataClasses":["Dates of birth","Email addresses","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"FunnyGames","Title":"Funny Games","Domain":"funny-games.biz","BreachDate":"2018-04-28","AddedDate":"2018-07-24T03:01:35Z","ModifiedDate":"2018-07-24T03:01:35Z","PwnCount":764357,"Description":"In April 2018, the online entertainment site \u003Ca href=\u0022https://www.funny-games.biz/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EFunny Games\u003C/a\u003E suffered a data breach that disclosed 764k records including usernames, email and IP addresses and salted MD5 password hashes. The incident was disclosed to Funny Games in July who acknowledged the breach and identified it had been caused by legacy code no longer in use. The record count in the breach constitute approximately half of the user base.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/FunnyGames.png","DataClasses":["Email addresses","IP addresses","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"FurAffinity","Title":"Fur Affinity","Domain":"furaffinity.net","BreachDate":"2016-05-17","AddedDate":"2016-05-27T09:36:18Z","ModifiedDate":"2016-05-27T09:36:18Z","PwnCount":1270564,"Description":"In May 2016, the Fur Affinity website for people with an interest in anthropomorphic animal characters (also known as \u0022furries\u0022) \u003Ca href=\u0022http://motherboard.vice.com/read/another-day-another-hack-furry-site-hacked-content-deleted\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Ewas hacked\u003C/a\u003E. The attack exposed 1.2M email addresses (many accounts had a different \u0022first\u0022 and \u0022last\u0022 email against them) and hashed passwords.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/FurAffinity.png","DataClasses":["Email addresses","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":true,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Gaadi","Title":"Gaadi","Domain":"gaadi.com","BreachDate":"2015-05-14","AddedDate":"2018-07-01T07:17:02Z","ModifiedDate":"2018-07-01T07:17:02Z","PwnCount":4261179,"Description":"In May 2015, the Indian motoring website known as \u003Ca href=\u0022https://www.gaadi.com/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EGaadi\u003C/a\u003E had 4.3 million records exposed in a data breach. The data contained usernames, email and IP addresses, genders, the city of users as well as passwords stored in both plain text and as MD5 hashes. The site was previously reported as compromised on the \u003Ca href=\u0022https://vigilante.pw/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EVigilante.pw\u003C/a\u003E breached database directory.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Gaadi.png","DataClasses":["Email addresses","Genders","Geographic locations","IP addresses","Names","Passwords","Phone numbers","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Gab","Title":"Gab","Domain":"gab.com","BreachDate":"2021-02-26","AddedDate":"2021-03-03T23:03:30Z","ModifiedDate":"2021-03-03T23:03:30Z","PwnCount":66521,"Description":"In February 2021, the alt-tech social network service \u003Ca href=\u0022https://www.troyhunt.com/gab-has-been-breached/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EGab suffered a data breach\u003C/a\u003E. The incident exposed almost 70GB of data including 4M user accounts, a small number of private chat logs and a list of public groups and public posts made to the service. Only a small number of accounts included email addresses and / or passwords stored as bcrypt hashes with a total of 66.5k unique email addresses being exposed across the corpus of data.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Gab.png","DataClasses":["Avatars","Email addresses","Names","Passwords","Private messages","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":true,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"GamerzPlanet","Title":"Gamerzplanet","Domain":"gamerzplanet.net","BreachDate":"2015-10-23","AddedDate":"2016-02-05T20:12:26Z","ModifiedDate":"2016-02-05T20:12:26Z","PwnCount":1217166,"Description":"In approximately October 2015, the online gaming forum known as \u003Ca href=\u0022http://gamerzplanet.net\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EGamerzplanet\u003C/a\u003E was hacked and more than 1.2M accounts were exposed. The vBulletin forum included IP addresses and passwords stored as salted hashes using a weak implementation enabling many to be rapidly cracked.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/GamerzPlanet.png","DataClasses":["Email addresses","IP addresses","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"GamesBox","Title":"Games Box","Domain":"gamesbox.com","BreachDate":"2020-09-21","AddedDate":"2024-09-15T02:41:52Z","ModifiedDate":"2024-09-15T02:41:52Z","PwnCount":1439354,"Description":"In September 2020, now defunct website Games Box suffered a data breach \u003Ca href=\u0022https://cybernews.com/security/billions-passwords-credentials-leaked-mother-of-all-breaches/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Ethat was later redistributed as part of a larger corpus of data\u003C/a\u003E. The impacted data included 1.4M email addresses alongside usernames, genders, ages and passwords stored as either a hash or plain text.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/GamesBox.png","DataClasses":["Ages","Email addresses","Genders","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"GameSalad","Title":"GameSalad","Domain":"gamesalad.com","BreachDate":"2019-02-24","AddedDate":"2019-07-21T14:18:46Z","ModifiedDate":"2019-07-21T14:23:46Z","PwnCount":1506242,"Description":"In February 2019, the education and game creation website \u003Ca href=\u0022https://www.zdnet.com/article/round-4-hacker-returns-and-puts-26mil-user-records-for-sale-on-the-dark-web/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EGame Salad suffered a data breach\u003C/a\u003E. The incident impacted 1.5M accounts and exposed email addresses, usernames, IP addresses and passwords stored as SHA-256 hashes. The data was provided to HIBP by a source who requested it be attributed to \u0026quot;JimScott.Sec@protonmail.com\u0026quot;.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/GameSalad.png","DataClasses":["Email addresses","IP addresses","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"GameSprite","Title":"GameSprite","Domain":"gamesprite.me","BreachDate":"2019-12-17","AddedDate":"2023-10-30T02:32:54Z","ModifiedDate":"2023-10-30T07:06:29Z","PwnCount":6164643,"Description":"In December 2019, the now defunct gaming platform \u003Ca href=\u0022https://gamesprite.me\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EGameSprite\u003C/a\u003E suffered a data breach that exposed over 6M unique email addresses. The impacted data also included usernames, IP addresses and salted MD5 password hashes.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/GameSprite.png","DataClasses":["Email addresses","IP addresses","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"GameTuts","Title":"GameTuts","Domain":"game-tuts.com","BreachDate":"2015-03-01","AddedDate":"2016-09-23T23:59:38Z","ModifiedDate":"2016-09-23T23:59:38Z","PwnCount":2064274,"Description":"Likely in early 2015, the video game website GameTuts suffered a data breach and over 2 million user accounts were exposed. The site later \u003Ca href=\u0022https://twitter.com/TeamModio/status/756705841168916486\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Eshut down in July 2016\u003C/a\u003E but was identified as having been hosted on a vBulletin forum. The exposed data included usernames, email and IP addresses and salted MD5 hashes.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/GameTuts.png","DataClasses":["Email addresses","IP addresses","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"GameVN","Title":"GameVN","Domain":"gamevn.com","BreachDate":"2016-05-01","AddedDate":"2024-09-23T01:39:12Z","ModifiedDate":"2024-09-23T01:39:12Z","PwnCount":1369485,"Description":"In May 2016, the Vietnamese gaming forum GameVN suffered a data breach \u003Ca href=\u0022https://cybernews.com/security/billions-passwords-credentials-leaked-mother-of-all-breaches/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Ethat was later redistributed as part of a larger corpus of data\u003C/a\u003E. Data breached from the XenForo-based forum included 1.4M unique email addresses, usernames, IP addresses and salted MD5 password hashes.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/GameVN.png","DataClasses":["Email addresses","IP addresses","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Gamigo","Title":"Gamigo","Domain":"gamigo.com","BreachDate":"2012-03-01","AddedDate":"2016-01-18T16:26:24Z","ModifiedDate":"2016-01-18T16:26:24Z","PwnCount":8243604,"Description":"In March 2012, the German online game publisher Gamigo \u003Ca href=\u0022http://www.zdnet.com/article/8-24-million-gamigo-passwords-leaked-after-hack/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Ewas hacked\u003C/a\u003E and more than 8 million accounts publicly leaked. The breach included email addresses and passwords stored as weak MD5 hashes with no salt.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Gamigo.png","DataClasses":["Email addresses","Passwords"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"GamingMonk","Title":"GamingMonk","Domain":"gamingmonk.com","BreachDate":"2020-12-02","AddedDate":"2023-11-05T23:05:37Z","ModifiedDate":"2023-11-05T23:05:37Z","PwnCount":654510,"Description":"In December 2020, India\u0027s \u0026quot;largest esports community\u0026quot; \u003Ca href=\u0022http://gamingmonk.com/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EGamingMonk\u003C/a\u003E (since acquired by and redirected to MPL Esports), suffered a data breach. The incident exposed 655k unique email addresses along with names, usernames, phone numbers, dates of birth and bcrypt password hashes.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/GamingMonk.png","DataClasses":["Dates of birth","Email addresses","Names","Passwords","Phone numbers","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"GateHub","Title":"GateHub","Domain":"gatehub.net","BreachDate":"2019-06-04","AddedDate":"2019-11-20T00:29:29Z","ModifiedDate":"2019-12-24T13:09:23Z","PwnCount":1408078,"Description":"In October 2019, \u003Ca href=\u0022https://arstechnica.com/information-technology/2019/11/password-data-dumped-online-for-2-2-million-users-of-currency-and-gaming-sites/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003E1.4M accounts from the cryptocurrency wallet service GateHub were posted to a popular hacking forum\u003C/a\u003E. GateHub had \u003Ca href=\u0022https://gatehub.net/blog/gatehub-update-investigation-continues/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Epreviously acknowledged a data breach in June\u003C/a\u003E, albeit with a smaller number of impacted accounts. Data from the breach included email addresses, mnemonic phrases, encrypted master keys, encrypted recovery keys and passwords stored as bcrypt hashes.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/GateHub.png","DataClasses":["Email addresses","Encrypted keys","Mnemonic phrases","Passwords"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Gawker","Title":"Gawker","Domain":"gawker.com","BreachDate":"2010-12-11","AddedDate":"2013-12-04T00:00:00Z","ModifiedDate":"2013-12-04T00:00:00Z","PwnCount":1247574,"Description":"In December 2010, Gawker was attacked by the hacker collective \u0026quot;Gnosis\u0026quot; in retaliation for what was reported to be a feud between Gawker and 4Chan. Information about Gawkers 1.3M users was published along with the data from Gawker\u0027s other web presences including Gizmodo and Lifehacker. Due to the prevalence of password reuse, many victims of the breach \u003Ca href=\u0022http://www.troyhunt.com/2011/01/why-your-apps-security-design-could.html\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Ethen had their Twitter accounts compromised to send Acai berry spam\u003C/a\u003E.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Gawker.png","DataClasses":["Email addresses","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Gett","Title":"Ge.tt","Domain":"ge.tt","BreachDate":"2017-05-04","AddedDate":"2021-02-16T06:22:20Z","ModifiedDate":"2021-02-22T12:16:44Z","PwnCount":2481121,"Description":"In May 2017, the file sharing platform \u003Ca href=\u0022https://www.zdnet.com/article/127-million-user-records-from-8-companies-put-up-for-sale-on-the-dark-web/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EGe.tt suffered a data breach\u003C/a\u003E. The data was subsequently put up for sale on a dark web marketplace in February 2019 alongside a raft of other breaches. The Ge.tt breach included names, social media profile identifiers, SHA256 password hashes and almost 2.5M unique email addresses. The data was provided to HIBP by a source who requested it be attributed to \u003Ca href=\u0022https://www.linkedin.com/company/breachdirectory/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EBreachDirectory\u003C/a\u003E.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Gett.png","DataClasses":["Email addresses","Names","Passwords","Social media profiles"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"GeekedIn","Title":"GeekedIn","Domain":"geekedin.net","BreachDate":"2016-08-15","AddedDate":"2016-11-17T19:44:24Z","ModifiedDate":"2022-03-06T05:21:27Z","PwnCount":1073164,"Description":"In August 2016, the technology recruitment site GeekedIn left a MongoDB database exposed and over 8M records were extracted by an unknown third party. The breached data was originally scraped from GitHub in violation of their terms of use and contained information exposed in public profiles, including over 1 million members\u0027 email addresses. Full details on the incident (including how impacted members can see their leaked data) are covered in the blog post on \u003Ca href=\u0022https://www.troyhunt.com/8-million-github-profiles-were-leaked-from-geekedins-mongodb-heres-how-to-see-yours\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003E8 million GitHub profiles were leaked from GeekedIn\u0027s MongoDB - here\u0027s how to see yours\u003C/a\u003E.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/GeekedIn.png","DataClasses":["Email addresses","Geographic locations","Names","Professional skills","Usernames","Years of professional experience"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Gemini","Title":"Gemini","Domain":"gemini.com","BreachDate":"2022-12-13","AddedDate":"2022-12-16T16:47:43Z","ModifiedDate":"2024-04-23T19:32:40Z","PwnCount":5274214,"Description":"In late 2022, \u003Ca href=\u0022https://www.bleepingcomputer.com/news/security/hackers-leak-personal-info-allegedly-stolen-from-57m-gemini-users/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Edata allegedly taken from the Gemini crypto exchange was posted to a public hacking forum\u003C/a\u003E. The data consisted of email addresses and partial phone numbers, which Gemini later attributed to \u003Ca href=\u0022https://www.gemini.com/blog/protecting-our-customers-from-phishing-campaigns\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Ean incident at a third-party vendor\u003C/a\u003E (the vendor was not named). The data was provided to HIBP by a source who requested it be attributed to \u0026quot;ZAN @ BF\u0026quot;.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/List.png","DataClasses":["Email addresses","Partial phone numbers"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Gemplex","Title":"Gemplex","Domain":"gemplex.tv","BreachDate":"2021-02-18","AddedDate":"2023-12-09T02:19:40Z","ModifiedDate":"2023-12-09T02:19:40Z","PwnCount":4563166,"Description":"In February 2021, the Indian streaming platform Gemplex suffered a data breach that exposed 4.6M user accounts. The impacted data included device information, names, phone numbers, email addresses and bcrypt password hashes.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Gemplex.png","DataClasses":["Device information","Email addresses","Names","Passwords","Phone numbers"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"GenesisMarket","Title":"Genesis Market","Domain":"genesis.market","BreachDate":"2023-04-05","AddedDate":"2023-04-05T12:00:00Z","ModifiedDate":"2023-04-05T12:00:00Z","PwnCount":8000000,"Description":"In April 2023, the stolen identity marketplace \u003Ca href=\u0022https://www.troyhunt.com/seized-genesis-market-data-is-now-searchable-in-have-i-been-pwned-courtesy-of-the-fbi-and-operation-cookie-monster/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EGenesis Market was shut down by the FBI and a coalition of law enforcement agencies across the globe in \u0026quot;Operation Cookie Monster\u0026quot;\u003C/a\u003E. The service traded in \u0026quot;browser fingerprints\u0026quot; which enabled criminals to impersonate victims and access their online services. As many of the impacted accounts did not include email addresses, \u0026quot;8M\u0026quot; is merely an approximation intended to indicate scale. Other personal data compromised by the service included names, addresses and credit card information, although not all individuals had each of these fields exposed.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/GenesisMarket.png","DataClasses":["Browser user agent details","Credit card CVV","Credit cards","Dates of birth","Email addresses","Names","Passwords","Phone numbers","Physical addresses","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":true,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":true},{"Name":"GeniusU","Title":"GeniusU","Domain":"geniusu.com","BreachDate":"2020-10-02","AddedDate":"2021-01-08T21:49:21Z","ModifiedDate":"2021-01-10T00:45:52Z","PwnCount":1301460,"Description":"In November 2020, \u003Ca href=\u0022https://www.databreaches.net/more-drama-on-a-forum-and-a-slew-of-new-databases-dumped/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Ea collection of data breaches were made public including the \u0026quot;Entrepreneur Success Platform\u0026quot;, GeniusU\u003C/a\u003E. Dating back to the previous month, the data included 1.3M names, email and IP addresses, genders, links to social media profiles and passwords stored as bcrypt hashes. The data was provided to HIBP by \u003Ca href=\u0022https://dehashed.com/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Edehashed.com\u003C/a\u003E.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/GeniusU.png","DataClasses":["Email addresses","Genders","IP addresses","Names","Passwords","Social media profiles"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"GetRevengeOnYourEx","Title":"Get Revenge On Your Ex","Domain":"getrevengeonyourex.com","BreachDate":"2022-09-09","AddedDate":"2022-11-15T01:57:17Z","ModifiedDate":"2022-12-11T12:24:54Z","PwnCount":79195,"Description":"In September 2022, the revenge website \u003Ca href=\u0022https://getrevengeonyourex.com/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EGet Revenge On Your Ex\u003C/a\u003E suffered a data breach that exposed almost 80k unique email addresses. The data spanned both customers and victims including names, IP and physical addresses, phone numbers, purchase histories and plain text passwords. The data was subsequently shared on a public hacking forum, Get Revenge On Your Ex did not reply when contacted.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/GetRevengeOnYourEx.png","DataClasses":["Email addresses","IP addresses","Names","Passwords","Phone numbers","Physical addresses","Purchases"],"IsVerified":true,"IsFabricated":false,"IsSensitive":true,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"GFAN","Title":"GFAN","Domain":"gfan.com","BreachDate":"2016-10-10","AddedDate":"2016-10-10T16:32:34Z","ModifiedDate":"2016-10-10T16:32:34Z","PwnCount":22526334,"Description":"In October 2016, data surfaced that was allegedly obtained from the Chinese website known as \u003Ca href=\u0022http://www.gfan.com\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EGFAN\u003C/a\u003E and contained 22.5M accounts. Whilst there is evidence that the data is legitimate, due to the difficulty of emphatically verifying the Chinese breach it has been flagged as \u0026quot;unverified\u0026quot;. The data in the breach contains email and IP addresses, user names and salted and hashed passwords. \u003Ca href=\u0022https://www.troyhunt.com/handling-chinese-data-breaches-in-have-i-been-pwned/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003ERead more about Chinese data breaches in Have I Been Pwned.\u003C/a\u003E","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/GFAN.png","DataClasses":["Email addresses","IP addresses","Passwords","Usernames"],"IsVerified":false,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"GGCorp","Title":"GGCorp","Domain":"ggcorp.me","BreachDate":"2022-08-11","AddedDate":"2022-11-08T07:35:13Z","ModifiedDate":"2022-11-08T07:35:13Z","PwnCount":2376330,"Description":"In August 2022, the MMORPG website \u003Ca href=\u0022https://twitter.com/FalconFeedsio/status/1558362615067250688\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EGGCorp suffered a data breach that exposed almost 2.4M unique email addresses\u003C/a\u003E. The data also included IP addresses, usernames and MD5 password hashes.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/GGCorp.png","DataClasses":["Email addresses","IP addresses","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"GiantTiger","Title":"Giant Tiger","Domain":"gianttiger.com","BreachDate":"2024-03-04","AddedDate":"2024-04-12T22:31:29Z","ModifiedDate":"2024-04-12T22:57:56Z","PwnCount":2842669,"Description":"In March 2024, \u003Ca href=\u0022https://cybernews.com/news/giant-tiger-customers-exposed/#google_vignette\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003ECanadian discount store Giant Tiger suffered a data breach that exposed 2.8M customer records\u003C/a\u003E. Attributed to a vendor of the retailer, the breach included physical and email addresses, names and phone numbers.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/GiantTiger.png","DataClasses":["Email addresses","Names","Phone numbers","Physical addresses"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"GiveSendGo","Title":"GiveSendGo","Domain":"givesendgo.com","BreachDate":"2022-02-07","AddedDate":"2022-02-15T00:01:14Z","ModifiedDate":"2022-02-15T00:01:14Z","PwnCount":89966,"Description":"In February 2022, the Christian fundraising service \u003Ca href=\u0022https://techcrunch.com/2022/02/14/freedom-convoy-donor-leak-givesendgo/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EGiveSendGo suffered a data breach which exposed the personal data of 90k donors to the Canadian \u0026quot;Freedom Convoy\u0026quot; protest against vaccine mandates\u003C/a\u003E. The breach exposed names, email addresses, post codes, donation amount and comments left at the time of donation.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/GiveSendGo.png","DataClasses":["Email addresses","Geographic locations","Names","Purchases"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Glofox","Title":"Glofox","Domain":"glofox.com","BreachDate":"2020-03-27","AddedDate":"2021-01-10T01:30:48Z","ModifiedDate":"2021-01-10T01:30:48Z","PwnCount":2330735,"Description":"In March 2020, the Irish gym management software company \u003Ca href=\u0022https://www.irishtimes.com/business/technology/irish-start-up-glofox-investigates-possible-data-breach-1.4414837\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EGlofox suffered a data breach which exposed 2.3M membership records\u003C/a\u003E. The data included email addresses, names, phone numbers, genders, dates of birth and passwords stored as unsalted MD5 hashes.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Glofox.png","DataClasses":["Dates of birth","Email addresses","Genders","Names","Passwords","Phone numbers"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"GoGames","Title":"Go Games","Domain":"gogames.me","BreachDate":"2015-10-24","AddedDate":"2020-01-11T00:06:33Z","ModifiedDate":"2020-01-11T00:06:33Z","PwnCount":3430083,"Description":"In approximately October 2015, the manga website \u003Ca href=\u0022http://gogames.me\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EGo Games\u003C/a\u003E suffered a data breach. The exposed data included 3.4M customer records including email and IP addresses, usernames and passwords stored as salted MD5 hashes. Go Games did not respond when contacted about the incident. The data was provided to HIBP by \u003Ca href=\u0022https://dehashed.com/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Edehashed.com\u003C/a\u003E.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/GoGames.png","DataClasses":["Email addresses","IP addresses","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"GoNinja","Title":"Go Ninja","Domain":"goninja.de","BreachDate":"2019-12-17","AddedDate":"2023-11-30T07:18:59Z","ModifiedDate":"2023-11-30T07:18:59Z","PwnCount":4999001,"Description":"In December 2019, the now defunct German gaming website Go Ninja suffered a data breach that exposed 5M unique email addresses. The impacted data included usernames, email and IP addresses and salted MD5 password hashes. More than 4M of the email addresses appeared to have been generated as opposed to organically provided by the user.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/GoNinja.png","DataClasses":["Email addresses","IP addresses","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"GoldSilver","Title":"GoldSilver","Domain":"goldsilver.com","BreachDate":"2018-10-21","AddedDate":"2018-12-27T08:49:18Z","ModifiedDate":"2018-12-27T08:51:50Z","PwnCount":242715,"Description":"In October 2018, the bullion education and dealer services site \u003Ca href=\u0022https://goldsilver.com/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EGoldSilver\u003C/a\u003E suffered a data breach that exposed 243k unique email addresses spanning customers and mailing list subscribers. An extensive amount of personal information on customers was obtained including names, addresses, phone numbers, purchases and passwords and answers to security questions stored as MD5 hashes. In a small number of cases, passport, social security numbers and partial credit card data was also exposed. The data breach and source code belonging to GoldSilver was publicly posted on a dark web service where it remained months later. When notified about the incident, GoldSilver advised that \u0026quot;all affected customers have been directly notified\u0026quot;.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/GoldSilver.png","DataClasses":["Bank account numbers","Email addresses","IP addresses","Names","Partial credit card data","Passport numbers","Phone numbers","Physical addresses","Purchases","Security questions and answers","Social security numbers"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"gPotato","Title":"gPotato","Domain":"gpotato.com","BreachDate":"2007-07-12","AddedDate":"2016-09-24T21:37:43Z","ModifiedDate":"2016-09-24T21:37:43Z","PwnCount":2136520,"Description":"In July 2007, the multiplayer game portal known as \u003Ca href=\u0022https://web.archive.org/web/20070710161412/http://gpotato.com/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EgPotato\u003C/a\u003E (link to archive of the site at that time) suffered a data breach and over 2 million user accounts were exposed. The site later merged into the \u003Ca href=\u0022http://www.webzen.com/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EWebzen portal\u003C/a\u003E where the original accounts still exist today. The exposed data included usernames, email and IP addresses, MD5 hashes and personal attributes such as gender, birth date, physical address and security questions and answers stored in plain text.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/gPotato.png","DataClasses":["Dates of birth","Email addresses","Genders","IP addresses","Names","Passwords","Physical addresses","Security questions and answers","Usernames","Website activity"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"GPSUnderground","Title":"GPS Underground","Domain":"gpsunderground.com","BreachDate":"2016-07-01","AddedDate":"2019-11-19T06:13:42Z","ModifiedDate":"2019-11-19T06:13:42Z","PwnCount":669584,"Description":"In early 2017, \u003Ca href=\u0022https://www.hackread.com/vbulletin-forums-hacked-accounts-sold-on-dark-web/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EGPS Underground was amongst a collection of compromised vBulletin websites that were found being sold online\u003C/a\u003E. The breach dated back to mid-2016 and included 670k records with usernames, email and IP addresses, dates of birth and salted MD5 password hashes.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/GPSUnderground.png","DataClasses":["Dates of birth","Email addresses","IP addresses","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Gravatar","Title":"Gravatar","Domain":"gravatar.com","BreachDate":"2020-10-03","AddedDate":"2021-12-05T22:45:58Z","ModifiedDate":"2021-12-08T01:47:02Z","PwnCount":113990759,"Description":"In October 2020, \u003Ca href=\u0022https://www.bleepingcomputer.com/news/security/online-avatar-service-gravatar-allows-mass-collection-of-user-info/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Ea security researcher published a technique for scraping large volumes of data from Gravatar, the service for providing globally unique avatars \u003C/a\u003E. 167 million names, usernames and MD5 hashes of email addresses used to reference users\u0027 avatars were subsequently scraped and distributed within the hacking community. 114 million of the MD5 hashes were cracked and distributed alongside the source hash, thus disclosing the original email address and accompanying data. Following the impacted email addresses being searchable in HIBP, \u003Ca href=\u0022https://en.gravatar.com/support/data-privacy\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EGravatar release an FAQ detailing the incident\u003C/a\u003E.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Gravatar.png","DataClasses":["Email addresses","Names","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"GSMHosting","Title":"GSM Hosting","Domain":"gsmhosting.com","BreachDate":"2016-08-01","AddedDate":"2024-03-27T06:23:58Z","ModifiedDate":"2024-03-27T06:29:15Z","PwnCount":2607440,"Description":"In August 2016, \u003Ca href=\u0022https://www.hackread.com/vbulletin-forums-hacked-accounts-sold-on-dark-web/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Ebreached data from the vBulletin forum for GSM-Hosting appeared for sale alongside dozens of other hacked services\u003C/a\u003E. The breach impacted 2.6M users of the service and included email and IP addresses, usernames and salted MD5 password hashes.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/GSMHosting.png","DataClasses":["Email addresses","IP addresses","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"GTAGaming","Title":"GTAGaming","Domain":"gtagaming.com","BreachDate":"2016-08-01","AddedDate":"2016-08-23T20:41:17Z","ModifiedDate":"2016-08-23T20:41:17Z","PwnCount":197184,"Description":"In August 2016, the Grand Theft Auto forum \u003Ca href=\u0022https://motherboard.vice.com/read/grand-theft-auto-fan-site-hacked\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EGTAGaming was hacked and nearly 200k user accounts were leaked\u003C/a\u003E. The vBulletin based forum included usernames, email addresses and password hashes.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/GTAGaming.png","DataClasses":["Dates of birth","Email addresses","IP addresses","Passwords","Usernames","Website activity"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"GunAuction","Title":"GunAuction.com","Domain":"gunauction.com","BreachDate":"2022-12-03","AddedDate":"2023-03-02T19:43:51Z","ModifiedDate":"2023-03-05T03:13:20Z","PwnCount":565470,"Description":"In December 2022, the online firearms auction website \u003Ca href=\u0022https://techcrunch.com/2023/03/02/hackers-steal-gun-owners-data-from-firearm-auction-website/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EGunAuction.com suffered a data breach which was later discovered left unprotected on the hacker\u0027s server\u003C/a\u003E. The data included over 565k user records with extensive personal data including email, IP and physical addresses, names, phone numbers, genders, years of birth, credit card type and passwords stored in plain text. The leaked identities could subsequently be matched to firearms listed for sale on the website.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/GunAuction.png","DataClasses":["Browser user agent details","Email addresses","Genders","IP addresses","Partial credit card data","Partial dates of birth","Passwords","Phone numbers","Physical addresses","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Playgar","Title":"Guns and Robots","Domain":"play-gar.com","BreachDate":"2016-04-01","AddedDate":"2018-02-14T22:32:25Z","ModifiedDate":"2018-02-14T22:32:25Z","PwnCount":143569,"Description":"In approximately April 2016, the gaming website \u003Ca href=\u0022https://www.play-gar.com/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EGuns and Robots\u003C/a\u003E suffered a data breach resulting in the exposure of 143k unique records. The data contained email and IP addresses, usernames and SHA-1 password hashes. The site was previously reported as compromised on the \u003Ca href=\u0022https://vigilante.pw/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EVigilante.pw\u003C/a\u003E breached database directory.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Playgar.png","DataClasses":["Email addresses","IP addresses","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"GunsDotCom","Title":"Guns.com","Domain":"guns.com","BreachDate":"2021-01-12","AddedDate":"2022-01-13T05:14:53Z","ModifiedDate":"2022-01-13T06:32:48Z","PwnCount":375928,"Description":"In January 2021, the firearms website \u003Ca href=\u0022https://gizmodo.com/guns-com-gets-hacked-spilling-gun-owner-information-al-1846544734\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Eguns.com suffered a data breach\u003C/a\u003E. The breach exposed 376k unique email addresses along with names, phone numbers, physical addresses, gun purchases, partial credit card data, dates of birth and passwords stored as bcrypt hashes.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/GunsDotCom.png","DataClasses":["Dates of birth","Email addresses","Names","Partial credit card data","Passwords","Phone numbers","Physical addresses","Purchases"],"IsVerified":true,"IsFabricated":false,"IsSensitive":true,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Guntrader","Title":"Guntrader","Domain":"guntrader.uk","BreachDate":"2021-07-17","AddedDate":"2021-07-21T20:24:24Z","ModifiedDate":"2021-07-21T20:24:24Z","PwnCount":112031,"Description":"In July 2021, the United Kingdom based website \u003Ca href=\u0022https://www.fieldsportschannel.tv/guntrader-co-uk-hacked-not-much-lost/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EGuntrader suffered a data breach that exposed 112k unique email addresses\u003C/a\u003E. Extensive personal information was also exposed including names, phone numbers, geolocation data, IP addresses and various physical address attributes (cities for all users, complete addresses for some). Passwords stored as bcrypt hashes were also exposed.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Guntrader.png","DataClasses":["Browser user agent details","Email addresses","Geographic locations","IP addresses","Names","Passwords","Phone numbers","Physical addresses","Salutations"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"HackForums","Title":"hackforums.net","Domain":"hackforums.net","BreachDate":"2011-06-25","AddedDate":"2014-05-11T10:30:43Z","ModifiedDate":"2014-05-11T10:30:43Z","PwnCount":191540,"Description":"In June 2011, the hacktivist group known as \u0022LulzSec\u0022 leaked \u003Ca href=\u0022http://www.forbes.com/sites/andygreenberg/2011/06/25/lulzsec-says-goodbye-dumping-nato-att-gamer-data/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Eone final large data breach they titled \u002250 days of lulz\u0022\u003C/a\u003E. The compromised data came from sources such as AT\u0026T, Battlefield Heroes and the \u003Ca href=\u0022http://hackforums.net\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Ehackforums.net website\u003C/a\u003E. The leaked Hack Forums data included credentials and personal information of nearly 200,000 registered forum users.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/HackForums.png","DataClasses":["Dates of birth","Email addresses","Instant messenger identities","IP addresses","Passwords","Social connections","Spoken languages","Time zones","User website URLs","Usernames","Website activity"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"HackingTeam","Title":"Hacking Team","Domain":"hackingteam.com","BreachDate":"2015-07-06","AddedDate":"2015-07-12T23:52:27Z","ModifiedDate":"2015-07-12T23:52:27Z","PwnCount":32310,"Description":"In July 2015, the Italian security firm \u003Ca href=\u0022http://hackingteam.com\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EHacking Team\u003C/a\u003E suffered a major data breach that resulted in over 400GB of their data being \u003Ca href=\u0022http://www.techtimes.com/articles/68204/20150711/hacking-team-hacked-400gb-data-dump-state-surveillance-exposes-dirty.htm\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Eposted online via a torrent\u003C/a\u003E. The data searchable on \u0026quot;Have I Been Pwned?\u0026quot; is from 189GB worth of PST mail folders in the dump. The contents of the PST files is \u003Ca href=\u0022https://wikileaks.org/hackingteam/emails\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Esearchable on Wikileaks\u003C/a\u003E.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/HackingTeam.png","DataClasses":["Email addresses","Email messages"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Hathway","Title":"Hathway","Domain":"hathway.com","BreachDate":"2023-12-17","AddedDate":"2024-01-12T09:34:25Z","ModifiedDate":"2024-01-12T09:34:25Z","PwnCount":4670080,"Description":"In December 2023, \u003Ca href=\u0022https://restoreprivacy.com/hacker-allegedly-holds-data-of-41-million-hathway-customers/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Ehundreds of gigabytes of data allegedly taken from Indian ISP and digital TV provider Hathway appeared on a popular hacking website\u003C/a\u003E. The incident exposed extensive personal information including 4.7M unique email addresses along with names, physical and IP addresses, phone numbers, password hashes and support ticket logs.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Hathway.png","DataClasses":["Device information","Email addresses","IP addresses","Names","Passwords","Phone numbers","Physical addresses","Salutations","Support tickets"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"HauteLook","Title":"HauteLook","Domain":"hautelook.com","BreachDate":"2018-08-07","AddedDate":"2019-03-21T21:57:32Z","ModifiedDate":"2019-03-21T21:57:32Z","PwnCount":28510459,"Description":"In mid-2018, the fashion shopping site \u003Ca href=\u0022https://www.theregister.co.uk/2019/02/11/620_million_hacked_accounts_dark_web/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EHauteLook was among a raft of sites that were breached and their data then sold in early-2019\u003C/a\u003E. The data included over 28 million unique email addresses alongside names, genders, dates of birth and passwords stored as bcrypt hashes. The data was provided to HIBP by \u003Ca href=\u0022https://dehashed.com/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Edehashed.com\u003C/a\u003E.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/HauteLook.png","DataClasses":["Dates of birth","Email addresses","Genders","Geographic locations","Names","Passwords"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Havenly","Title":"Havenly","Domain":"havenly.com","BreachDate":"2020-06-25","AddedDate":"2020-08-01T01:53:40Z","ModifiedDate":"2020-08-01T01:53:40Z","PwnCount":1369180,"Description":"In June 2020, the interior design website \u003Ca href=\u0022https://www.bleepingcomputer.com/news/security/hacker-leaks-386-million-user-records-from-18-companies-for-free/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EHavenly suffered a data breach\u003C/a\u003E which impacted almost 1.4 million members of the service. The exposed data included email addresses, names, phone numbers, geographic locations and passwords stored as SHA-1 hashes, all of which was subsequently shared extensively throughout online hacking communities. The data was provided to HIBP by \u003Ca href=\u0022https://dehashed.com/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Edehashed.com\u003C/a\u003E.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Havenly.png","DataClasses":["Email addresses","Geographic locations","Names","Passwords","Phone numbers"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"HDBFinancialServices","Title":"HDB Financial Services","Domain":"hdbfs.com","BreachDate":"2023-02-22","AddedDate":"2023-03-11T03:00:06Z","ModifiedDate":"2023-03-11T03:04:29Z","PwnCount":1658750,"Description":"In March 2023, the Indian non-bank lending unit \u003Ca href=\u0022https://economictimes.indiatimes.com/industry/banking/finance/banking/hdb-financial-services-flags-data-breach-at-service-provider/articleshow/98483482.cms\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EHDB Financial Services suffered a data breach that disclosed over 70M customer records\u003C/a\u003E. Containing 1.6M unique email addresses, the breach also disclosed names, dates of birth, phone numbers, genders, post codes and loan information belonging to the customers.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/HDBFinancialServices.png","DataClasses":["Dates of birth","Email addresses","Genders","Geographic locations","Loan information","Names","Phone numbers"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"HealthNowNetworks","Title":"Health Now Networks","Domain":"healthnow.co","BreachDate":"2017-03-25","AddedDate":"2017-04-07T18:37:15Z","ModifiedDate":"2017-04-07T18:37:15Z","PwnCount":321920,"Description":"In March 2017, the telemarketing service \u003Ca href=\u0022https://www.databreaches.net/leak-of-diabetic-patients-data-highlights-risks-of-giving-info-to-telemarketers\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EHealth Now Networks left a database containing hundreds of thousands of medical records exposed\u003C/a\u003E. There were over 900,000 records in total containing significant volumes of personal information including names, dates of birth, various medical conditions and operator notes on the individuals\u0027 health. The data included over 320k unique email addresses.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/HealthNowNetworks.png","DataClasses":["Dates of birth","Email addresses","Genders","Health insurance information","IP addresses","Names","Personal health data","Phone numbers","Physical addresses","Security questions and answers","Social connections"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Hemmakvall","Title":"Hemmakv\u00E4ll","Domain":"hemmakvall.se","BreachDate":"2015-07-08","AddedDate":"2015-07-09T09:23:52Z","ModifiedDate":"2015-07-09T09:23:52Z","PwnCount":47297,"Description":"In July 2015, the Swedish video store chain \u003Ca href=\u0022http://www.hemmakvall.se/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EHemmakv\u00E4ll\u003C/a\u003E \u003Ca href=\u0022http://www.dn.se/ekonomi/hemmakvall-hackat-50000-kunders-uppgifter-pa-vift/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Ewas hacked\u003C/a\u003E and nearly 50k records dumped publicly. The disclosed data included various attributes of their customers including email and physical addresses, names and phone numbers. Passwords were also leaked, stored with a weak MD5 hashing algorithm.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Hemmakvall.png","DataClasses":["Email addresses","Names","Passwords","Phone numbers","Physical addresses"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Hemmelig","Title":"hemmelig.com","Domain":"hemmelig.com","BreachDate":"2011-12-21","AddedDate":"2014-03-25T07:23:52Z","ModifiedDate":"2014-03-25T07:23:52Z","PwnCount":28641,"Description":"In December 2011, Norway\u0027s largest online sex shop hemmelig.com was \u003Ca href=\u0022http://www.dazzlepod.com/hemmelig/?page=93\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Ehacked by a collective calling themselves \u0026quot;Team Appunity\u0026quot;\u003C/a\u003E. The attack exposed over 28,000 usernames and email addresses along with nicknames, gender, year of birth and unsalted MD5 password hashes.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Hemmelig.png","DataClasses":["Email addresses","Genders","Nicknames","Partial dates of birth","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":true,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"HeroesOfGaia","Title":"Heroes of Gaia","Domain":"heroesofgaia.com","BreachDate":"2013-01-04","AddedDate":"2016-11-07T08:11:03Z","ModifiedDate":"2016-11-07T08:11:03Z","PwnCount":179967,"Description":"In early 2013, the online fantasy multiplayer game \u003Ca href=\u0022http://hog.playsnail.com\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EHeroes of Gaia\u003C/a\u003E suffered a data breach. The newest records in the data set indicate a breach date of 4 January 2013 and include usernames, IP and email addresses but no passwords.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/HeroesOfGaia.png","DataClasses":["Browser user agent details","Email addresses","IP addresses","Usernames","Website activity"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"HeroesOfNewerth","Title":"Heroes of Newerth","Domain":"heroesofnewerth.com","BreachDate":"2012-12-17","AddedDate":"2016-01-24T16:27:23Z","ModifiedDate":"2016-01-24T16:27:23Z","PwnCount":8089103,"Description":"In December 2012, the multiplayer online battle arena game known as \u003Ca href=\u0022http://www.heroesofnewerth.com/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EHeroes of Newerth\u003C/a\u003E \u003Ca href=\u0022https://www.reddit.com/r/HeroesofNewerth/comments/14zj2p/i_am_the_guy_who_hacked_hon/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003E was hacked\u003C/a\u003E and over 8 million accounts extracted from the system. The compromised data included usernames, email addresses and passwords.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/HeroesOfNewerth.png","DataClasses":["Email addresses","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"HIAPK","Title":"HiAPK","Domain":"hiapk.com","BreachDate":"2014-01-01","AddedDate":"2018-04-01T07:13:44Z","ModifiedDate":"2018-04-01T07:13:44Z","PwnCount":13873674,"Description":"In approximately 2014, it\u0027s alleged that the Chinese Android store known as \u003Ca href=\u0022http://hiapk.com/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EHIAPK\u003C/a\u003E suffered a data breach that impacted 13.8 million unique subscribers. Whilst there is evidence that the data is legitimate, due to the difficulty of emphatically verifying the Chinese breach it has been flagged as \u0026quot;unverified\u0026quot;. The data in the breach contains usernames, email addresses and salted MD5 password hashes and was provided to HIBP by white hat security researcher and data analyst Adam Davies. \u003Ca href=\u0022https://www.troyhunt.com/handling-chinese-data-breaches-in-have-i-been-pwned/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003ERead more about Chinese data breaches in Have I Been Pwned.\u003C/a\u003E","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/HIAPK.png","DataClasses":["Email addresses","Passwords","Usernames"],"IsVerified":false,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Hjedd","Title":"Hjedd","Domain":"hjedd.com","BreachDate":"2022-07-18","AddedDate":"2023-10-05T03:41:42Z","ModifiedDate":"2023-10-05T03:41:42Z","PwnCount":13204029,"Description":"In July 2022, the Chinese adult website \u003Ca href=\u0022https://www.bitdefender.com.au/blog/hotforsecurity/leaky-platform-at-chinese-adult-platform-exposed-sensitive-info-of-14-million-users/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EHjedd was found to be leaking more than 13M customer records which subsequently appeared on a popular hacking forum\u003C/a\u003E. The exposed data included email and IP addresses, usernames and passwords stored as bcrypt hashes.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Hjedd.png","DataClasses":["Email addresses","IP addresses","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":true,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"HLTV","Title":"HLTV","Domain":"hltv.org","BreachDate":"2016-06-19","AddedDate":"2017-03-22T08:58:10Z","ModifiedDate":"2017-03-22T08:58:10Z","PwnCount":611070,"Description":"In June 2016, the \u0026quot;home of competitive Counter Strike\u0026quot; website \u003Ca href=\u0022http://www.hltv.org/news/18087-security-breach\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EHLTV was hacked\u003C/a\u003E and 611k accounts were exposed. The attack led to the exposure of names, usernames, email addresses and bcrypt hashes of passwords.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/HLTV.png","DataClasses":["Email addresses","Names","Passwords","Usernames","Website activity"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"HomeChef","Title":"Home Chef","Domain":"homechef.com","BreachDate":"2020-02-10","AddedDate":"2020-11-13T03:41:24Z","ModifiedDate":"2020-11-13T03:41:24Z","PwnCount":8815692,"Description":"In early 2020, the food delivery service \u003Ca href=\u0022https://techcrunch.com/2020/05/20/home-chef-data-breach/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EHome Chef suffered a data breach\u003C/a\u003E which was subsequently sold online. The breach exposed the personal information of almost 9 million customers including names, IP addresses, post codes, the last 4 digits of credit card numbers and passwords stored as bcrypt hashes. The data was provided to HIBP by \u003Ca href=\u0022https://dehashed.com/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Edehashed.com\u003C/a\u003E.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/HomeChef.png","DataClasses":["Email addresses","Geographic locations","IP addresses","Names","Partial credit card data","Passwords","Phone numbers"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"HongFire","Title":"HongFire","Domain":"hongfire.com","BreachDate":"2015-03-01","AddedDate":"2017-02-05T20:36:21Z","ModifiedDate":"2017-02-05T20:36:21Z","PwnCount":999991,"Description":"In March 2015, the anime and manga forum \u003Ca href=\u0022http://www.hongfire.com\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EHongFire\u003C/a\u003E suffered a data breach. The hack of their vBulletin forum led to the exposure of 1 million accounts along with email and IP addresses, usernames, dates of birth and salted MD5 passwords.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/HongFire.png","DataClasses":["Dates of birth","Email addresses","IP addresses","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":true,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"HookersNL","Title":"Hookers.nl","Domain":"hookers.nl","BreachDate":"2019-10-10","AddedDate":"2019-10-23T09:51:59Z","ModifiedDate":"2019-10-23T09:56:08Z","PwnCount":290955,"Description":"In October 2019, the Dutch prostitution forum \u003Ca href=\u0022https://www.forbes.com/sites/thomasbrewster/2019/10/10/dutch-prostitution-site-hookersnl-hacked--250000-users-data-leaked/#3e3f231522f8\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EHookers.nl suffered a data breach\u003C/a\u003E which exposed the personal information of sex workers and their customers. The IP and email addresses, usernames and either bcrypt or salted MD5 password hashes of 291k members were accessed via an unpatched vulnerability in the vBulletin forum software.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/HookersNL.png","DataClasses":["Email addresses","IP addresses","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":true,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"HorseIsle","Title":"Horse Isle","Domain":"horseisle.com","BreachDate":"2020-09-19","AddedDate":"2023-10-02T06:47:11Z","ModifiedDate":"2023-10-02T06:48:42Z","PwnCount":27786,"Description":"In June 2020 then again in September that same year, \u003Ca href=\u0022https://hi1.horseisle.com/web/news.php\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EHorse Isle \u0026quot;The Secrent Land of Horses\u0026quot; suffered a data breach\u003C/a\u003E. The incident exposed 28k unique email addresses along with names, usernames, IP addresses, genders, purchases and plain text passwords. The system also stored and exposed failed password attempts for each user with the password retained in plain text.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/HorseIsle.png","DataClasses":["Email addresses","Genders","IP addresses","Names","Passwords","Purchases","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"HoundDawgs","Title":"HoundDawgs","Domain":"hounddawgs.org","BreachDate":"2017-12-30","AddedDate":"2018-01-03T12:48:10Z","ModifiedDate":"2018-01-03T12:48:10Z","PwnCount":45701,"Description":"In December 2017, the Danish torrent tracker known as \u003Ca href=\u0022https://torrentfreak.com/popular-danish-torrent-tracker-shuts-down-after-hack-180102/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EHoundDawgs suffered a data breach\u003C/a\u003E. More than 55GB of data was dumped publicly and whilst \u003Ca href=\u0022https://www.flashback.org/p62770812\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Ethere was initially contention as to the severity of the incident\u003C/a\u003E, the data did indeed contain more than 45k unique email addresses complete extensive logs of torrenting activity, IP addresses and SHA1 passwords.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/HoundDawgs.png","DataClasses":["Email addresses","IP addresses","Passwords","Website activity"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Houzz","Title":"Houzz","Domain":"houzz.com","BreachDate":"2018-05-23","AddedDate":"2019-03-12T20:57:35Z","ModifiedDate":"2019-03-12T20:57:35Z","PwnCount":48881308,"Description":"In mid-2018, the housing design website \u003Ca href=\u0022https://help.houzz.com/s/article/security-update?language=en_US\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EHouzz suffered a data breach\u003C/a\u003E. The company learned of the incident later that year then disclosed it to impacted members in February 2019. Almost 49 million unique email addresses were in the breach alongside names, IP addresses, geographic locations and either salted hashes of passwords or links to social media profiles used to authenticate to the service. The data was provided to HIBP by \u003Ca href=\u0022https://dehashed.com/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Edehashed.com\u003C/a\u003E.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Houzz.png","DataClasses":["Email addresses","Geographic locations","IP addresses","Names","Passwords","Social media profiles","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"HTCMania","Title":"HTC Mania","Domain":"htcmania.com","BreachDate":"2020-01-04","AddedDate":"2020-04-06T04:16:53Z","ModifiedDate":"2020-04-06T04:25:18Z","PwnCount":1488089,"Description":"In January 2020, the Spanish mobile phone forum \u003Ca href=\u0022https://www.htcmania.com\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EHTC Mania\u003C/a\u003E suffered a data breach of the vBulletin based site. The incident exposed 1.5M member email addresses, usernames, IP addresses, dates of birth and salted MD5 password hashes and password histories. Data from the breach was subsequently redistributed on popular hacking websites.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/HTCMania.png","DataClasses":["Dates of birth","Email addresses","Historical passwords","IP addresses","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"HTHStudios","Title":"HTH Studios","Domain":"hthstudios.com","BreachDate":"2018-08-24","AddedDate":"2018-11-20T21:22:09Z","ModifiedDate":"2020-08-07T03:20:56Z","PwnCount":411755,"Description":"In August 2018, the adult furry interactive game creator \u003Ca href=\u0022https://hthstudios.com/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EHTH Studios\u003C/a\u003E suffered a data breach impacting multiple repositories of customer data. Several months later, the data surfaced on a popular hacking forum and included 411k unique email addresses along with physical and IP addresses, names, orders, salted SHA-1 and salted MD5 hashes. HTH Studios is aware of the incident.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/HTHStudios.png","DataClasses":["Browser user agent details","Dates of birth","Email addresses","IP addresses","Names","Phone numbers","Physical addresses","Purchases","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":true,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Hub4Tech","Title":"Hub4Tech","Domain":"hub4tech.com","BreachDate":"2017-01-01","AddedDate":"2018-12-09T22:40:51Z","ModifiedDate":"2018-12-09T22:43:38Z","PwnCount":36916,"Description":"On an unknown date in approximately 2017, the Indian training and assessment service known as \u003Ca href=\u0022https://www.forumcommunity.net/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EHub4Tech\u003C/a\u003E suffered a data breach via a SQL injection attack. The incident exposed almost 37k unique email addresses and passwords stored as unsalted MD5 hashes. No response was received from Hub4Tech when contacted about the incident.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Hub4Tech.png","DataClasses":["Email addresses","Passwords"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"HuntStand","Title":"HuntStand","Domain":"huntstand.com","BreachDate":"2024-03-08","AddedDate":"2024-09-19T07:31:13Z","ModifiedDate":"2024-09-19T07:31:13Z","PwnCount":2795947,"Description":"In March 2024, \u003Ca href=\u0022https://dailydarkweb.net/alleged-database-leak-over-2-9-million-scrapped-huntstand-user-records-reportedly-compromised/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Emillions of records scraped from the hunting and land management service HuntStand were publicly posted to a popular hacking forum\u003C/a\u003E. The data included 2.8M unique email addresses with many records also containing name, date of birth and country.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/HuntStand.png","DataClasses":["Dates of birth","Email addresses","Geographic locations","Names"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Hurb","Title":"Hurb","Domain":"hurb.com","BreachDate":"2019-03-14","AddedDate":"2020-07-27T21:46:20Z","ModifiedDate":"2020-07-27T21:46:20Z","PwnCount":20727771,"Description":"In approximately March 2019, the online Brazilian travel agency \u003Ca href=\u0022https://cybleinc.com/2020/07/24/around-43-million-user-records-belonging-to-two-online-platforms-leaked-on-darknet-for-free/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EHurb (formerly Hotel Urbano) suffered a data breach\u003C/a\u003E. The data subsequently appeared online for download the following year and included over 20 million customer records with email and IP addresses, names, dates of birth, phone numbers and passwords stored as unsalted MD5 hashes. The data was provided to HIBP by \u003Ca href=\u0022https://dehashed.com/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Edehashed.com\u003C/a\u003E.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Hurb.png","DataClasses":["Dates of birth","Email addresses","IP addresses","Names","Passwords","Phone numbers","Social media profiles"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"HuskyOwners","Title":"Husky Owners","Domain":"husky-owners.com","BreachDate":"2024-07-04","AddedDate":"2024-07-07T20:40:12Z","ModifiedDate":"2024-07-07T20:40:12Z","PwnCount":16502,"Description":"In July 2024, \u003Ca href=\u0022https://archive.is/lFPTL\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Ethe Husky Owners forum website was defaced\u003C/a\u003E and linked to a breach of user data containing 16k records. The exposed data included usernames, email addresses, dates of birth and time zones.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/HuskyOwners.png","DataClasses":["Dates of birth","Email addresses","Time zones","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"iDTech","Title":"iD Tech","Domain":"idtech.com","BreachDate":"2023-01-03","AddedDate":"2023-03-06T02:31:18Z","ModifiedDate":"2023-03-06T02:31:18Z","PwnCount":415121,"Description":"In February 2023, the tech camps for kids service \u003Ca href=\u0022https://twitter.com/FalconFeedsio/status/1629340450149498881\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EiD Tech had almost 1M records posted to a popular hacking forum\u003C/a\u003E. The data included 415k unique email addresses, names, dates of birth and plain text passwords which appear to have been breached in the previous month. iD Tech did not respond to multiple attempts to report the incident.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/iDTech.png","DataClasses":["Dates of birth","Email addresses","Names","Passwords"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"IDCGames","Title":"IDC Games","Domain":"idcgames.com","BreachDate":"2021-03-15","AddedDate":"2021-11-17T06:41:24Z","ModifiedDate":"2021-11-17T06:55:42Z","PwnCount":3966871,"Description":"In March 2021, \u003Ca href=\u0022https://socradar.io/the-week-in-dark-web-19-march-2021-us-law-firms-on-target/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003E4 million records sourced from IDC Games were shared on a public hacking forum\u003C/a\u003E. The data included usernames, email addresses and passwords stored as salted MD5 hashes.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/IDCGames.png","DataClasses":["Email addresses","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"iDressup","Title":"i-Dressup","Domain":"i-dressup.com","BreachDate":"2016-07-15","AddedDate":"2016-09-26T20:14:51Z","ModifiedDate":"2016-09-26T20:14:51Z","PwnCount":2191565,"Description":"In June 2016, the teen social site known as \u003Ca href=\u0022http://arstechnica.com/security/2016/09/social-hangout-site-for-teens-leaks-millions-of-plaintext-passwords/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Ei-Dressup was hacked\u003C/a\u003E and over 2 million user accounts were exposed. At the time the hack was reported, the i-Dressup operators were not contactable and the underlying SQL injection flaw remained open, allegedly exposing a total of 5.5 million accounts. The breach included email addresses and passwords stored in plain text.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/iDressup.png","DataClasses":["Email addresses","Passwords"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"IIMJobs","Title":"IIMJobs","Domain":"iimjobs.com","BreachDate":"2018-12-31","AddedDate":"2021-05-21T04:44:18Z","ModifiedDate":"2021-05-21T04:45:09Z","PwnCount":4216063,"Description":"In December 2018, the Indian job portal \u003Ca href=\u0022https://www.hackread.com/indian-job-portal-iimjobs-hacked-database-leaked/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EIIMJobs suffered a data breach that exposed 4.1 million unique email addresses\u003C/a\u003E. The data also included names, phone numbers, geographic locations, dates of birth, job titles, job applications and cover letters plus passwords stored as unsalted MD5 hashes. The data was provided to HIBP by \u003Ca href=\u0022https://dehashed.com/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Edehashed.com\u003C/a\u003E.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/IIMJobs.png","DataClasses":["Dates of birth","Email addresses","Geographic locations","IP addresses","Job applications","Job titles","Names","Passwords","Phone numbers"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"ILikeCheats","Title":"ILikeCheats","Domain":"ilikecheats.net","BreachDate":"2014-10-18","AddedDate":"2018-04-22T08:18:28Z","ModifiedDate":"2018-04-22T08:27:56Z","PwnCount":188847,"Description":"In October 2014, the game cheats website known as ILikeCheats suffered a data breach that exposed 189k accounts. The vBulletin based forum leaked usernames, IP and email addresses and weak MD5 hashes of passwords. The data was provided with support from \u003Ca href=\u0022https://dehashed.com/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Edehashed.com\u003C/a\u003E.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/ILikeCheats.png","DataClasses":["Email addresses","IP addresses","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Imavex","Title":"Imavex","Domain":"imavex.com","BreachDate":"2021-08-20","AddedDate":"2021-08-26T05:48:29Z","ModifiedDate":"2021-08-26T05:48:29Z","PwnCount":878209,"Description":"In August 2021, the website development company \u003Ca href=\u0022https://www.imavex.com/breach-information/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EImavex suffered a data breach that exposed 878 thousand unique email addresses\u003C/a\u003E. The data included user records containing names, usernames and password material with some records also containing genders and partial credit card data, including the last 4 digits of the card and expiry date. Hundreds of thousands of form submissions and orders via Imavex customers were also exposed and contained further personal information of submitters and the contents of the form.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Imavex.png","DataClasses":["Email addresses","Genders","Names","Partial credit card data","Passwords","Phone numbers","Physical addresses","Purchases","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"iMenu360","Title":"iMenu360","Domain":"imenu360.com","BreachDate":"2022-08-11","AddedDate":"2023-08-17T20:55:07Z","ModifiedDate":"2023-08-17T20:55:07Z","PwnCount":3425860,"Description":"In approximately late 2022, 3.4M customer records from iMenu360 (\u0026quot;The world\u0027s #1 most trusted online ordering platform\u0026quot;) were exposed. The data appeared to be from ordering systems using the platform and contained email and physical addresses, latitudes and longitudes, names and phone numbers. Numerous attempts were made to contact iMenu360 about the incident between April and August 2023, but no response was received.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/iMenu360.png","DataClasses":["Email addresses","Names","Phone numbers","Physical addresses"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"iMesh","Title":"iMesh","Domain":"imesh.com","BreachDate":"2013-09-22","AddedDate":"2016-07-02T05:42:13Z","ModifiedDate":"2016-07-02T05:42:13Z","PwnCount":49467477,"Description":"In September 2013, the media and file sharing client known as \u003Ca href=\u0022http://www.ibtimes.co.uk/imesh-hack-more-51-million-user-records-former-filesharing-site-sale-dark-web-1565185\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EiMesh was hacked and approximately 50M accounts were exposed\u003C/a\u003E. The data was later put up for sale on a dark market website in mid-2016 and included email and IP addresses, usernames and salted MD5 hashes.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/iMesh.png","DataClasses":["Email addresses","IP addresses","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"imgur","Title":"imgur","Domain":"imgur.com","BreachDate":"2013-09-01","AddedDate":"2017-11-25T00:00:33Z","ModifiedDate":"2017-11-25T00:00:33Z","PwnCount":1749806,"Description":"In September 2013, the online image sharing community \u003Ca href=\u0022http://www.zdnet.com/article/imgur-reveals-hackers-stole-login-data/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Eimgur suffered a data breach\u003C/a\u003E. A selection of the data containing 1.7 million email addresses and passwords surfaced more than 4 years later in November 2017. Although imgur stored passwords as SHA-256 hashes, the data in the breach contained plain text passwords suggesting that many of the original hashes had been cracked. imgur advises that they rolled over to bcrypt hashes in 2016.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/imgur.png","DataClasses":["Email addresses","Passwords"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"IndiaMART","Title":"IndiaMART","Domain":"indiamart.com","BreachDate":"2021-05-23","AddedDate":"2021-08-27T05:33:29Z","ModifiedDate":"2021-08-27T05:33:29Z","PwnCount":20154583,"Description":"In August 2021, \u003Ca href=\u0022https://economictimes.indiatimes.com/industry/services/retail/data-breach-or-data-scraping-with-over-38-million-records-up-for-grabs-indiamart-has-some-answering-to-do/articleshow/85563628.cms\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003E38 million records from Indian e-commerce company IndiaMART were found being traded on a popular hacking forum\u003C/a\u003E. Dated several months earlier, the data included over 20 million unique email addresses alongside names, phone numbers and physical addresses. It\u0027s unclear whether IndiaMART intentionally exposed the data attributes as part of the intended design of the platform or whether the data was obtained by exploiting a vulnerability in the service.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/IndiaMART.png","DataClasses":["Email addresses","Names","Phone numbers","Physical addresses"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"IndianRailways","Title":"Indian Railways","Domain":"indianrails.in","BreachDate":"2019-10-28","AddedDate":"2020-01-10T19:13:39Z","ModifiedDate":"2020-01-10T19:13:39Z","PwnCount":583377,"Description":"In November 2019, \u003Ca href=\u0022https://medium.com/dvuln/why-you-should-choo-choo-choose-to-have-a-vulnerability-disclosure-policy-2m-accounts-exposed-7cd7eaec4da5\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Ethe website for Indian Rail left more than 2M records exposed on an unprotected Firebase database instance\u003C/a\u003E. The exposed data included 583k unique email addresses alongside usernames and passwords stored in plain text.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/IndianRailways.png","DataClasses":["Email addresses","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"IndiHome","Title":"IndiHome","Domain":"indihome.co.id","BreachDate":"2019-11-01","AddedDate":"2023-11-27T07:02:10Z","ModifiedDate":"2023-11-27T21:36:59Z","PwnCount":12629245,"Description":"In mid-2021, \u003Ca href=\u0022https://en.antaranews.com/news/245609/communication-ministry-studying-report-of-indihome-data-leak\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Ereports emerged of a data breach of Indonesia\u0027s telecommunications company, IndiHome\u003C/a\u003E. Over 26M rows of data alleged to have been sourced from the company was posted to a popular hacking forum and contained 12.6M unique email addresses alongside names, IP addresses, genders and geographic locations. The most recent data was stamped as being recorded in November 2019.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/IndiHome.png","DataClasses":["Device information","Email addresses","Genders","Geographic locations","IP addresses","Names"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"InflateVids","Title":"InflateVids","Domain":"tube.inflatevids.xyz","BreachDate":"2023-12-12","AddedDate":"2023-12-12T00:13:41Z","ModifiedDate":"2023-12-12T00:13:41Z","PwnCount":13405,"Description":"In December 2023, the inflatable and balloon fetish videos website \u003Ca href=\u0022https://twitter.com/InflateVids/status/1734114873317925294\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EInflateVids suffered a data breach\u003C/a\u003E. The incident exposed over 13k unique email addresses alongside usernames, IP addresses, genders and SHA-1 password hashes.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/InflateVids.png","DataClasses":["Email addresses","Genders","IP addresses","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":true,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Insanelyi","Title":"Insanelyi","Domain":"insanelyi.com","BreachDate":"2014-07-22","AddedDate":"2014-07-22T22:56:15Z","ModifiedDate":"2014-07-22T22:56:15Z","PwnCount":104097,"Description":"In July 2014, the iOS forum \u003Ca href=\u0022http://insanelyi.com\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EInsanelyi\u003C/a\u003E was \u003Ca href=\u0022http://securityaffairs.co/wordpress/26835/hacking/hacked-bigboss-cydia.html?utm_content=bufferc7e16\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Ehacked by an attacker known as Kim Jong-Cracks\u003C/a\u003E. A popular source of information for users of jailbroken iOS devices running Cydia, the Insanelyi breach disclosed over 104k users\u0027 emails addresses, user names and weakly hashed passwords (salted MD5).","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Insanelyi.png","DataClasses":["Email addresses","Passwords","Usernames","Website activity"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"InstantCheckmate","Title":"Instant Checkmate","Domain":"instantcheckmate.com","BreachDate":"2019-04-12","AddedDate":"2023-02-04T00:26:28Z","ModifiedDate":"2023-02-04T00:26:28Z","PwnCount":11943887,"Description":"In 2019, the public records search service \u003Ca href=\u0022https://www.instantcheckmate.com/security-incident-alert/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EInstant Checkmate suffered a data breach that later came to light in early 2023\u003C/a\u003E. The data included almost 12M unique customer email addresses, names, phone numbers and passwords stored as scrypt hashes.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/InstantCheckmate.png","DataClasses":["Email addresses","Names","Passwords","Phone numbers"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"InstitutoNacionalDeDeportesDeChile","Title":"Instituto Nacional de Deportes de Chile","Domain":"ind.cl","BreachDate":"2024-09-12","AddedDate":"2024-09-16T22:04:06Z","ModifiedDate":"2024-09-16T22:04:06Z","PwnCount":319613,"Description":"In September 2024, \u003Ca href=\u0022https://doingfedtime.com/1-7-million-users-affected-in-massive-data-breach-at-chiles-national-sports-institute/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Ethe Instituto Nacional de Deportes de Chile (Chile\u0027s National Sports Institute) suffered a data breach\u003C/a\u003E. The incident exposed 1.7M rows of data with 320k unique email addresses alongside names, dates of birth, genders and bcrypt password hashes. The newest records in the data date back to August 2022, suggesting the breach may be of an older data set.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/InstitutoNacionalDeDeportesDeChile.png","DataClasses":["Dates of birth","Email addresses","Genders","Names","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Intelimost","Title":"Intelimost","Domain":"intelimost.com","BreachDate":"2019-03-10","AddedDate":"2019-04-02T20:52:19Z","ModifiedDate":"2019-04-02T20:52:19Z","PwnCount":3073409,"Description":"In March 2019, \u003Ca href=\u0022https://techcrunch.com/2019/04/02/inside-a-spam-operation/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Ea spam operation known as \u0026quot;Intelimost\u0026quot; sent millions of emails appearing to come from people the recipients knew\u003C/a\u003E. Security researcher \u003Ca href=\u0022https://securitydiscovery.com/massive-spam-operation-uncovered-in-a-database-leak/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EBob Diachenko found over 3 million unique email addresses in an exposed Elasticsearch database\u003C/a\u003E, alongside plain text passwords used to access the victim\u0027s mailbox and customise the spam.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Email.png","DataClasses":["Email addresses","Passwords"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":true,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"InternetArchive","Title":"Internet Archive","Domain":"archive.org","BreachDate":"2024-09-28","AddedDate":"2024-10-09T22:31:53Z","ModifiedDate":"2024-10-09T22:31:53Z","PwnCount":31081179,"Description":"In September 2024, the digital library of internet sites \u003Ca href=\u0022https://www.bleepingcomputer.com/news/security/internet-archive-hacked-data-breach-impacts-31-million-users/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EInternet Archive suffered a data breach that exposed 31M records\u003C/a\u003E. The breach exposed user records including email addresses, screen names and bcrypt password hashes.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/InternetArchive.png","DataClasses":["Email addresses","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Interpals","Title":"InterPals","Domain":"interpals.net","BreachDate":"2015-11-04","AddedDate":"2016-08-30T11:22:42Z","ModifiedDate":"2016-08-30T11:22:42Z","PwnCount":3439414,"Description":"In late 2015, the online penpal site InterPals had their website hacked and 3.4 million accounts exposed. The compromised data included email addresses, geographical locations, birthdates and salted hashes of passwords.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Interpals.png","DataClasses":["Dates of birth","Email addresses","Geographic locations","Names","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"iPmart","Title":"iPmart","Domain":"ipmart-forum.com","BreachDate":"2015-07-01","AddedDate":"2016-02-23T10:13:22Z","ModifiedDate":"2016-02-23T10:13:22Z","PwnCount":2460787,"Description":"During 2015, the \u003Ca href=\u0022http://ipmart-forum.com\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EiPmart forum\u003C/a\u003E (now known as Mobi NUKE) was hacked and over 2 million forum members\u0027 details were exposed. The vBulletin forum included IP addresses, birth dates and passwords stored as salted hashes using a weak implementation enabling many to be rapidly cracked. A further 368k accounts were added to \u0026quot;Have I Been Pwned\u0026quot; in March 2016 bringing the total to over 2.4M.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/iPmart.png","DataClasses":["Dates of birth","Email addresses","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"ixigo","Title":"ixigo","Domain":"ixigo.com","BreachDate":"2019-01-03","AddedDate":"2019-03-17T13:27:11Z","ModifiedDate":"2019-03-17T13:27:11Z","PwnCount":17204697,"Description":"In January 2019, the travel and hotel booking site \u003Ca href=\u0022https://techcrunch.com/2019/02/14/hacker-strikes-again/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Eixigo suffered a data breach\u003C/a\u003E. The data appeared for sale on a dark web marketplace the following month and included over 17M unique email addresses alongside names, genders, phone numbers, connections to Facebook profiles and passwords stored as MD5 hashes. The data was provided to HIBP by a source who requested it to be attributed to \u0026quot;BenjaminBlue@exploit.im\u0026quot;.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/ixigo.png","DataClasses":["Auth tokens","Device information","Email addresses","Genders","Names","Passwords","Phone numbers","Salutations","Social media profiles","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"JamTangan","Title":"Jam Tangan","Domain":"jamtangan.com","BreachDate":"2021-07-06","AddedDate":"2023-11-27T03:49:33Z","ModifiedDate":"2023-11-27T03:49:33Z","PwnCount":434784,"Description":"In July 2021, the online Indonesian watch store, Jam Tangan (AKA Machtwatch), suffered a data breach that exposed over 400k customer records which were subsequently posted to a popular hacking forum. The data included email and IP addresses, names, phone numbers, physical addresses and passwords stored as either unsalted MD5 or bcrypt hashes.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/JamTangan.png","DataClasses":["Email addresses","IP addresses","Names","Passwords","Phone numbers","Physical addresses"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"James","Title":"James","Domain":"jamesdelivery.com.br","BreachDate":"2020-03-25","AddedDate":"2020-11-05T04:34:51Z","ModifiedDate":"2020-11-05T04:34:51Z","PwnCount":1541284,"Description":"In June 2020, \u003Ca href=\u0022https://www.binarydefense.com/threat_watch/seller-floods-forums-with-stolen-data/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003E14 previously undisclosed data breaches appeared for sale\u003C/a\u003E including the Brazilian delivery service, \u0026quot;James\u0026quot;. The breach occurred in March 2020 and exposed 1.5M unique email addresses, customer locations expressed in longitude and latitude and passwords stored as bcrypt hashes. The data was provided to HIBP by \u003Ca href=\u0022https://dehashed.com/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Edehashed.com\u003C/a\u003E.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/James.png","DataClasses":["Email addresses","Geographic locations","Passwords"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"JD","Title":"JD","Domain":"jd.com","BreachDate":"2013-01-01","AddedDate":"2021-06-02T07:06:02Z","ModifiedDate":"2021-06-02T07:06:02Z","PwnCount":77449341,"Description":"In 2013 (exact date unknown), the Chinese e-commerce service \u003Ca href=\u0022https://ecommercechinaagency.com/jd-ecommerce-giant-made-apology-user-data-leakage/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EJD suffered a data breach\u003C/a\u003E that exposed 13GB of data containing 77 million unique email addresses. The data also included usernames, phone numbers and passwords stored as SHA-1 hashes. The data was provided to HIBP by a source who requested it be attributed to \u0026quot;white_peacock@riseup.net\u0026quot;.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/JD.png","DataClasses":["Email addresses","Passwords","Phone numbers","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"JDGroup","Title":"JD Group","Domain":"jdgroup.co.za","BreachDate":"2023-05-31","AddedDate":"2023-06-05T19:47:51Z","ModifiedDate":"2023-06-05T19:47:51Z","PwnCount":521878,"Description":"In May 2023, the South African retailer \u003Ca href=\u0022https://mybroadband.co.za/news/security/494239-half-a-million-customers-hit-by-incredible-hifi-corp-and-everyshop-data-breach.html\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EJD Group announced a data breach affecting a number of their online assets\u003C/a\u003E including Bradlows, Everyshop, HiFi Corp, Incredible (Connection), Rochester, Russells, and Sleepmasters. The breach exposed over 520k unique customer records including names, email and physical addresses, phone numbers and South African ID numbers.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/JDGroup.png","DataClasses":["Email addresses","Government issued IDs","Names","Phone numbers","Physical addresses"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Jefit","Title":"Jefit","Domain":"jefit.com","BreachDate":"2020-08-11","AddedDate":"2021-04-27T23:29:31Z","ModifiedDate":"2021-04-27T23:29:31Z","PwnCount":9052457,"Description":"In August 2020, the workout tracking app \u003Ca href=\u0022https://www.jefit.com/jefit-news-product-updates/jefit-data-incident-public-announcement\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EJefit suffered a data breach\u003C/a\u003E. The data was subsequently sold within the hacking community and included over 9 million email and IP addresses, usernames and passwords stored as either vBulletin or argon2 hashes. Several million cracked passwords later appeared in broad circulation.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Jefit.png","DataClasses":["Email addresses","IP addresses","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"JobAndTalent","Title":"Jobandtalent","Domain":"jobandtalent.com","BreachDate":"2018-02-01","AddedDate":"2021-01-17T22:31:00Z","ModifiedDate":"2021-01-17T22:31:00Z","PwnCount":10981207,"Description":"In approximately February 2018, \u003Ca href=\u0022https://www.zdnet.com/article/hacker-puts-up-for-sale-third-round-of-hacked-databases-on-the-dark-web/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Ethe employment website Jobandtalent suffered a data breach which then appeared for sale alongside other breaches a year later\u003C/a\u003E. The incident impacted 11 million subscribers and exposed their names, email and IP addresses and passwords stored as salted SHA-1 hashes.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/JobAndTalent.png","DataClasses":["Email addresses","IP addresses","Names","Passwords"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"JobStreet","Title":"JobStreet","Domain":"jobstreet.com","BreachDate":"2012-03-07","AddedDate":"2017-10-30T01:12:14Z","ModifiedDate":"2017-10-30T01:12:14Z","PwnCount":3883455,"Description":"In October 2017, the Malaysian website \u003Ca href=\u0022https://www.lowyat.net/2017/145654/personal-data-millions-malaysians-sale-source-breach-still-unknown/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Elowyat.net ran a story on a massive set of breached data affecting millions of Malaysians\u003C/a\u003E after someone posted it for sale on their forums. The data spanned multiple separate breaches including \u003Ca href=\u0022https://www.jobstreet.com/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Ethe JobStreet jobs website\u003C/a\u003E which contained almost 4 million unique email addresses. The dates in the breach indicate the incident occurred in March 2012. The data later appeared freely downloadable on a Tor hidden service and contained extensive information on job seekers including names, genders, birth dates, phone numbers, physical addresses and passwords.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/JobStreet.png","DataClasses":["Dates of birth","Email addresses","Genders","Geographic locations","Government issued IDs","Marital statuses","Names","Nationalities","Passwords","Phone numbers","Physical addresses","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Jobzone","Title":"Jobzone","Domain":"jobzone.co.il","BreachDate":"2023-04-15","AddedDate":"2023-08-15T02:43:10Z","ModifiedDate":"2023-08-15T02:43:10Z","PwnCount":29708,"Description":"In April 2023, \u003Ca href=\u0022https://twitter.com/PalCyberNews/status/1647208008806461440\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Edata from the Israeli jobs website Jobzone was posted online\u003C/a\u003E. The data included 30k records of email addresses, names, social security numbers, genders, dates of birth, fathers\u0027 names and physical addresses.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Jobzone.png","DataClasses":["Dates of birth","Email addresses","Family members\u0027 names","Genders","Government issued IDs","Names","Phone numbers","Physical addresses"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"JoomlArt","Title":"JoomlArt","Domain":"joomlart.com","BreachDate":"2018-01-30","AddedDate":"2018-11-01T03:27:26Z","ModifiedDate":"2020-08-07T03:20:30Z","PwnCount":22477,"Description":"In January 2018, the Joomla template website \u003Ca href=\u0022https://www.joomlart.com/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EJoomlArt\u003C/a\u003E inadvertently exposed more than 22k unique customer records in a Jira ticket. The exposed data was from iJoomla and JomSocial, both services that \u003Ca href=\u0022https://www.joomlart.com/blog/joomlart-acquires-ijoomla-and-jomsocial\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EJoomlArt acquired the previous year\u003C/a\u003E. The data included usernames, email addresses, purchases and passwords stored as MD5 hashes. When contacted, JoomlArt advised they were aware of the incident and had previously notified impacted parties.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/JoomlArt.png","DataClasses":["Email addresses","Names","Passwords","Payment histories","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"JoyGames","Title":"JoyGames","Domain":"joygames.me","BreachDate":"2019-12-14","AddedDate":"2023-12-07T05:52:24Z","ModifiedDate":"2023-12-07T05:52:24Z","PwnCount":4461787,"Description":"In December 2019, the forum for the JoyGames website suffered a data breach that exposed 4.5M unique email addresses. The impacted data also included usernames, IP addresses and salted MD5 password hashes.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/JoyGames.png","DataClasses":["Email addresses","IP addresses","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"JukinMedia","Title":"JukinMedia","Domain":"jukinmedia.com","BreachDate":"2021-10-28","AddedDate":"2022-07-17T04:50:13Z","ModifiedDate":"2022-07-17T04:55:21Z","PwnCount":314290,"Description":"In October 2021, the \u0026quot;global leader in user-generated entertainment\u0026quot; \u003Ca href=\u0022https://www.databreaches.net/jukin-media-hacked-and-data-dumped-while-company-claims-a-password-reset-is-required-due-to-a-security-upgrade/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EJukin Media suffered a data breach\u003C/a\u003E. The breach exposed 13GB of code, configuration and data consisting of 314k unique email addresses along with names, phone numbers, IP addresses and bcrypt password hashes.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/JukinMedia.png","DataClasses":["Email addresses","Employers","IP addresses","Names","Occupations","Passwords","Phone numbers"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"JustDate","Title":"Justdate.com","Domain":"justdate.com","BreachDate":"2016-09-29","AddedDate":"2017-02-07T01:28:41Z","ModifiedDate":"2017-02-07T01:28:41Z","PwnCount":24451312,"Description":"An alleged breach of the dating website \u003Ca href=\u0022http://www.justdate.com/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EJustdate.com\u003C/a\u003E began circulating in approximately September 2016. Comprised of over 24 million records, the data contained various personal attributes such as email addresses, dates of birth and physical locations. However, upon verification with HIBP subscribers, only a fraction of the data was found to be accurate and no account owners recalled using the Justdate.com service. This breach has consequently been flagged as \u003Ca href=\u0022https://www.troyhunt.com/introducing-fabricated-data-breaches-to-have-i-been-pwned\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Efabricated\u003C/a\u003E; it\u0027s highly unlikely the data was sourced from Justdate.com.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/JustDate.png","DataClasses":["Dates of birth","Email addresses","Geographic locations","Names"],"IsVerified":false,"IsFabricated":true,"IsSensitive":true,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Kaneva","Title":"Kaneva","Domain":"kaneva.com","BreachDate":"2016-07-01","AddedDate":"2023-12-09T07:00:29Z","ModifiedDate":"2023-12-09T07:00:29Z","PwnCount":3901179,"Description":"In July 2016, now defunct website Kaneva, the service to \u0026quot;build and explore virtual worlds\u0026quot;, suffered a data breach that exposed 3.9M user records. The data included email addresses, usernames, dates of birth and salted MD5 password hashes.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Kaneva.png","DataClasses":["Dates of birth","Email addresses","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"KasperskyClub","Title":"Kaspersky Club","Domain":"kasperskyclub.ru","BreachDate":"2024-03-24","AddedDate":"2024-04-09T06:22:14Z","ModifiedDate":"2024-04-09T06:22:14Z","PwnCount":55971,"Description":"In March 2024, the independent fan forum \u003Ca href=\u0022https://www.hackread.com/57000-kaspersky-fan-club-forum-data-breach/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EKaspersky Club suffered a data breach\u003C/a\u003E. The incident exposed 56k unique email addresses alongside usernames, IP addresses and passwords stored as either MD5 or bcrypt hashes.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/KasperskyClub.png","DataClasses":["Email addresses","IP addresses","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"KayoMoe","Title":"Kayo.moe Credential Stuffing List","Domain":"","BreachDate":"2018-09-11","AddedDate":"2018-09-13T09:37:49Z","ModifiedDate":"2018-09-13T20:12:18Z","PwnCount":41826763,"Description":"In September 2018, a collection of almost 42 million email address and plain text password pairs was uploaded to the anonymous file sharing service \u003Ca href=\u0022https://kayo.moe/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Ekayo.moe\u003C/a\u003E. The operator of the service contacted HIBP to report the data which, upon further investigation, turned out to be a large credential stuffing list. For more information, read about \u003Ca href=\u0022https://www.troyhunt.com/the-42m-record-kayo-moe-credential-stuffing-data\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EThe 42M Record kayo.moe Credential Stuffing Data\u003C/a\u003E.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/List.png","DataClasses":["Email addresses","Passwords"],"IsVerified":false,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Kickstarter","Title":"Kickstarter","Domain":"kickstarter.com","BreachDate":"2014-02-16","AddedDate":"2017-10-06T07:29:07Z","ModifiedDate":"2017-10-06T07:29:07Z","PwnCount":5176463,"Description":"In February 2014, the crowdfunding platform \u003Ca href=\u0022https://www.kickstarter.com/blog/important-kickstarter-security-notice\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EKickstarter announced they\u0027d suffered a data breach\u003C/a\u003E. The breach contained almost 5.2 million unique email addresses, usernames and salted SHA1 hashes of passwords.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Kickstarter.png","DataClasses":["Email addresses","Passwords"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Kimsufi","Title":"Kimsufi","Domain":"kimsufi.com","BreachDate":"2015-05-01","AddedDate":"2016-12-27T07:05:43Z","ModifiedDate":"2016-12-27T07:05:43Z","PwnCount":504565,"Description":"In mid-2015, the forum for the providers of affordable dedicated servers known as \u003Ca href=\u0022https://www.kimsufi.com\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EKimsufi\u003C/a\u003E suffered a data breach. The vBulletin forum contained over half a million accounts including usernames, email and IP addresses and passwords stored as salted MD5 hashes.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Kimsufi.png","DataClasses":["Email addresses","IP addresses","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"KitchenPal","Title":"KitchenPal","Domain":"kitchenpalapp.com","BreachDate":"2023-11-14","AddedDate":"2023-11-24T20:42:36Z","ModifiedDate":"2023-11-24T20:42:36Z","PwnCount":98726,"Description":"In November 2023, the kitchen management application \u003Ca href=\u0022https://restoreprivacy.com/hackers-claim-attack-on-general-electric-leak-data-samples/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EKitchenPal suffered a data breach that exposed 146k lines of data\u003C/a\u003E. When contacted about the incident, KitchenPal advised the corpus of data came from a staging environment, although acknowledged it contained a small number of users for debugging purposes and included passwords that could not be used. Impacted data included almost 100k email addresses, names, geolocations and incomplete data on dates of birth, genders, height and weight, social media profile identifiers and bcrypt password hashes.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/KitchenPal.png","DataClasses":["Dates of birth","Email addresses","Genders","Geographic locations","Names","Passwords","Physical attributes","Social media profiles"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"KiwiFarms","Title":"KiwiFarms","Domain":"kiwifarms.net","BreachDate":"2019-09-10","AddedDate":"2019-09-17T09:48:25Z","ModifiedDate":"2019-09-17T09:54:23Z","PwnCount":4606,"Description":"In September 2019, the forum for discussing \u0026quot;lolcows\u0026quot; (people who can be milked for laughs) \u003Ca href=\u0022https://kiwifarms.net/threads/dealing-with-the-compromise.60767/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EKiwi Farms suffered a data breach\u003C/a\u003E. The disclosure notice advised that email and IP addresses, dates of birth and content created by members were all exposed in the incident.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/KiwiFarms.png","DataClasses":["Avatars","Dates of birth","Email addresses","IP addresses","Website activity"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"KMRU","Title":"KM.RU","Domain":"km.ru","BreachDate":"2016-02-29","AddedDate":"2016-03-03T06:12:04Z","ModifiedDate":"2016-03-03T06:12:04Z","PwnCount":1476783,"Description":"In February 2016, the Russian portal and email service \u003Ca href=\u0022http://km.ru\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EKM.RU\u003C/a\u003E was the target of an attack which was consequently \u003Ca href=\u0022https://www.reddit.com/r/pwned/comments/47u1bf/operation_wrath_of_anakin_evolved\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Edetailed on Reddit\u003C/a\u003E. Allegedly protesting \u0026quot;the foreign policy of Russia in regards to Ukraine\u0026quot;, KM.RU was one of several Russian sites in the breach and impacted almost 1.5M accounts including sensitive personal information.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/KMRU.png","DataClasses":["Dates of birth","Email addresses","Genders","Geographic locations","Recovery email addresses","Security questions and answers","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"KnownCircle","Title":"KnownCircle","Domain":"knowncircle.com","BreachDate":"2016-04-12","AddedDate":"2018-11-17T02:33:54Z","ModifiedDate":"2018-11-17T02:38:15Z","PwnCount":1957600,"Description":"In approximately April 2016, the \u0026quot;marketing automation for agents and professional service providers\u0026quot; company \u003Ca href=\u0022https://web.archive.org/web/20171020171534/https://knowncircle.com/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EKnownCircle\u003C/a\u003E had a large volume of data obtained by an external party. The data belonging to the now defunct service appeared in JSON format and contained gigabytes of data related to the real estate and insurance sectors. The personal data in the breach appears to have primarily been used for marketing purposes, including logs of emails sent and tracking of gift cards. A small number of passwords for KnownCircle staff were also present and were stored as bcrypt hashes.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/KnownCircle.png","DataClasses":["Email addresses","Email messages","Genders","Names","Passwords","Phone numbers","Physical addresses"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Knuddels","Title":"Knuddels","Domain":"knuddels.de","BreachDate":"2018-09-05","AddedDate":"2019-04-08T21:11:56Z","ModifiedDate":"2019-04-08T21:11:56Z","PwnCount":808330,"Description":"In September 2018, the German social media website \u003Ca href=\u0022https://forum.knuddels.de/ubbthreads.php?ubb=showflat\u0026Number=2916081\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EKnuddels suffered a data breach\u003C/a\u003E. The incident exposed 808k unique email addresses alongside usernames, real names, the city of the person and their password in plain text. Knuddels was \u003Ca href=\u0022https://blog.avira.com/german-flirting-network-gets-fined-20000e-for-leaking-user-information/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Esubsequently fined \u20AC20k for the breach\u003C/a\u003E.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Knuddels.png","DataClasses":["Email addresses","Geographic locations","Names","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"KomplettFritid","Title":"KomplettFritid","Domain":"komplettfritid.no","BreachDate":"2021-02-01","AddedDate":"2023-01-23T22:24:47Z","ModifiedDate":"2023-01-23T22:24:47Z","PwnCount":139401,"Description":"In January 2023, \u003Ca href=\u0022https://www.digi.no/artikler/selger-datalekkasje-med-140-000-berorte-kunder-fra-lars-monsens-nettbutikk/525070\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Ethe online Norwegian store KomplettFritid was reported as having had a data breach dating back to February 2021\u003C/a\u003E. The incident exposed 140k customer records including physical, email and IP addresses, names, phone numbers and passwords. Most passwords were stored as bcrypt hashes with a small number appearing in plain text.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/KomplettFritid.png","DataClasses":["Email addresses","IP addresses","Names","Passwords","Phone numbers","Physical addresses"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Kreditplus","Title":"Kreditplus","Domain":"kreditplus.com","BreachDate":"2020-06-23","AddedDate":"2020-08-03T03:52:51Z","ModifiedDate":"2020-08-07T03:47:45Z","PwnCount":768890,"Description":"In June 2020, the Indonesian credit service \u003Ca href=\u0022https://nakedsecurity.sophos.com/2020/07/02/133m-records-for-sale-as-fruits-of-data-breach-spree-keep-raining-down/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EKreditplus suffered a data breach\u003C/a\u003E which exposed 896k records containing 769k unique email addresses. The breach exposed extensive personal information including names, family makeup, information on spouses, income and expenses, religions and employment information. The data was provided to HIBP by \u003Ca href=\u0022https://breachbase.pw/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Ebreachbase.pw\u003C/a\u003E.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Kreditplus.png","DataClasses":["Dates of birth","Email addresses","Employers","Family structure","Genders","Income levels","Living costs","Marital statuses","Mothers maiden names","Names","Phone numbers","Physical addresses","Places of birth","Religions","Spouses names"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"LaPosteMobile","Title":"La Poste Mobile","Domain":"lapostemobile.fr","BreachDate":"2022-07-04","AddedDate":"2022-07-14T00:29:21Z","ModifiedDate":"2022-07-14T00:57:52Z","PwnCount":533886,"Description":"In July 2022, the French telecommunications company \u003Ca href=\u0022https://securityaffairs.co/wordpress/133080/cyber-crime/la-poste-mobile-ransomware.html\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003ELa Poste Mobile was the target of an attack by the LockBit ransomware\u003C/a\u003E which resulted in company data being published publicly. The impacted data included 533k unique email addresses along with names, physical addresses, phone numbers, dates of births, genders and banking information. 10 days after the attack, the La Poste Mobile website remained offline.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/LaPosteMobile.png","DataClasses":["Bank account numbers","Dates of birth","Email addresses","Genders","Names","Phone numbers","Physical addresses"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Lanwar","Title":"Lanwar","Domain":"lanwar.com","BreachDate":"2018-07-28","AddedDate":"2018-08-08T02:57:06Z","ModifiedDate":"2018-08-08T02:57:06Z","PwnCount":45120,"Description":"In July 2018, staff of \u003Ca href=\u0022https://lanwar.com/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Ethe Lanwar gaming site\u003C/a\u003E discovered a data breach they believe dates back to sometime over the previous several months. The data contained 45k names, email addresses, usernames and plain text passwords. A Lanwar staff member self-submitted the breach to HIBP and has also contacted the relevant authorities about the incident after identifying a phishing attempt to extort Bitcoin from a user.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Lanwar.png","DataClasses":["Email addresses","Names","Passwords","Physical addresses","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Lastfm","Title":"Last.fm","Domain":"last.fm","BreachDate":"2012-03-22","AddedDate":"2016-09-20T20:00:49Z","ModifiedDate":"2016-09-20T20:00:49Z","PwnCount":37217682,"Description":"In March 2012, the music website \u003Ca href=\u0022https://techcrunch.com/2016/09/01/43-million-passwords-hacked-in-last-fm-breach/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003ELast.fm was hacked\u003C/a\u003E and 43 million user accounts were exposed. Whilst \u003Ca href=\u0022http://www.last.fm/passwordsecurity\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003ELast.fm knew of an incident back in 2012\u003C/a\u003E, the scale of the hack was not known until the data was released publicly in September 2016. The breach included 37 million unique email addresses, usernames and passwords stored as unsalted MD5 hashes.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Lastfm.png","DataClasses":["Email addresses","Passwords","Usernames","Website activity"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Lazada","Title":"Lazada RedMart","Domain":"redmart.lazada.sg","BreachDate":"2020-07-30","AddedDate":"2020-11-10T00:58:49Z","ModifiedDate":"2020-11-10T01:01:56Z","PwnCount":1107789,"Description":"In October 2020, \u003Ca href=\u0022https://www.bleepingcomputer.com/news/security/over-1m-lazada-redmart-accounts-sold-online-after-data-breach/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Enews broke of Lazada RedMart data breach\u003C/a\u003E containing records as recent as July 2020 and being sold via an online marketplace. In all, the data contained 1.1 million customer email addresses alongside names, phone numbers, physical addresses, partial credit card numbers and passwords stored as SHA-1 hashes.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Lazada.png","DataClasses":["Email addresses","Names","Partial credit card data","Passwords","Phone numbers","Physical addresses"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"LBB","Title":"LBB","Domain":"lbb.in","BreachDate":"2019-02-14","AddedDate":"2023-03-05T07:35:48Z","ModifiedDate":"2023-03-05T07:35:48Z","PwnCount":39288,"Description":"In August 2022, customer data of \u003Ca href=\u0022https://lbb.in/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Ethe Indian shopping site \u0026quot;LBB\u0026quot; (Little Black Book)\u003C/a\u003E was posted to a popular hacking forum. The data contained over 3M records with 39k unique email addresses alongside IP and physical addresses, names and device information with the most recent data dating back to early 2019. LBB advised they believe the data was exposed by a third party service and whilst it contained information they retain on their customers, it had also been enriched with additional data attributes.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/LBB.png","DataClasses":["Browser user agent details","Email addresses","IP addresses","Names","Physical addresses"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"LDLC","Title":"LDLC","Domain":"ldlc.com","BreachDate":"2024-02-28","AddedDate":"2024-08-13T21:05:38Z","ModifiedDate":"2024-08-13T21:23:54Z","PwnCount":1266026,"Description":"In March 2024, \u003Ca href=\u0022https://www.groupe-ldlc.com/information-relative-a-un-incident-de-cybersecurite-2/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EFrench retailer LDLC disclosed a data breach that impacted customers of their physical stores\u003C/a\u003E. The data was \u003Ca href=\u0022https://x.com/H4ckManac/status/1763100569810420017\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Epreviously listed for sale on a popular hacking forum\u003C/a\u003E and contained 1.26M unique email addresses along with names, phone numbers and physical addresses. The data was provided to HIBP by a source who requested it be attributed to \u0026quot;oathnet.ru\u0026quot;.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/LDLC.png","DataClasses":["Email addresses","Names","Phone numbers","Physical addresses","Salutations"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"LeSlipFrancais","Title":"Le Slip Fran\u00E7ais","Domain":"leslipfrancais.fr","BreachDate":"2024-04-13","AddedDate":"2024-04-18T07:44:32Z","ModifiedDate":"2024-04-18T07:44:32Z","PwnCount":1495127,"Description":"In April 2024, the French underwear maker \u003Ca href=\u0022https://twitter.com/troyhunt/status/1780856574787064075\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003ELe Slip Fran\u00E7ais suffered a data breach\u003C/a\u003E. The breach included 1.5M email addresses, physical addresses, names and phone numbers.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/LeSlipFrancais.png","DataClasses":["Email addresses","Names","Phone numbers","Physical addresses"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"LeadHunter","Title":"Lead Hunter","Domain":"","BreachDate":"2020-03-04","AddedDate":"2020-06-03T10:55:31Z","ModifiedDate":"2020-06-03T10:55:31Z","PwnCount":68693853,"Description":"In March 2020, \u003Ca href=\u0022https://www.troyhunt.com/the-unattributable-lead-hunter-data-breach\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Ea massive trove of personal information referred to as \u0026quot;Lead Hunter\u0026quot;\u003C/a\u003E was provided to HIBP after being found left exposed on a publicly facing Elasticsearch server. The data contained 69 million unique email addresses across 110 million rows of data accompanied by additional personal information including names, phone numbers, genders and physical addresses. At the time of publishing, the breach could not be attributed to those responsible for obtaining and exposing it. The data was provided to HIBP by \u003Ca href=\u0022https://dehashed.com/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Edehashed.com\u003C/a\u003E.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/List.png","DataClasses":["Email addresses","Genders","IP addresses","Names","Phone numbers","Physical addresses"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"LeagueOfLegends","Title":"League of Legends","Domain":"leagueoflegends.com","BreachDate":"2012-06-11","AddedDate":"2018-07-28T21:52:12Z","ModifiedDate":"2018-07-28T21:52:12Z","PwnCount":339487,"Description":"In June 2012, the multiplayer online game \u003Ca href=\u0022https://www.cio.com/article/2395205/security0/european-league-of-legends-game-players-have-their-account-data-compromised.html\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003ELeague of Legends suffered a data breach\u003C/a\u003E. At the time, the service had more than 32 million registered accounts and the breach affected various personal data attributes including \u0026quot;encrypted\u0026quot; passwords. In 2018, a 339k record subset of the data emerged with email addresses, usernames and plain text passwords, likely cracked from the original cryptographically protected ones.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/LeagueOfLegends.png","DataClasses":["Email addresses","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"LeakedReality","Title":"Leaked Reality","Domain":"leakedreality.com","BreachDate":"2022-01-31","AddedDate":"2023-03-31T01:38:59Z","ModifiedDate":"2023-03-31T01:38:59Z","PwnCount":114907,"Description":"In January 2022, \u003Ca href=\u0022https://twitter.com/LeakedReality/status/1531953947216338945\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Ethe now defunct uncensored video website Leaked Reality\u003C/a\u003E suffered a data breach that exposed 115k unique email addresses. The data also included usernames, IP addresses and passwords stored as either MD5 or phpass hashes.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/LeakedReality.png","DataClasses":["Email addresses","IP addresses","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Ledger","Title":"Ledger","Domain":"ledger.com","BreachDate":"2020-06-25","AddedDate":"2020-12-20T21:14:56Z","ModifiedDate":"2020-12-20T21:14:56Z","PwnCount":1075241,"Description":"In June 2020, the hardware crypto wallet manufacturer \u003Ca href=\u0022https://www.ledger.com/addressing-the-july-2020-e-commerce-and-marketing-data-breach\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003ELedger suffered a data breach that exposed over 1 million email addresses\u003C/a\u003E. The data was initially sold before being dumped publicly in December 2020 and included names, physical addresses and phone numbers. The data was provided to HIBP by \u003Ca href=\u0022https://twitter.com/UnderTheBreach\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EAlon Gal, CTO of cybercrime intelligence firm Hudson Rock\u003C/a\u003E.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Ledger.png","DataClasses":["Email addresses","Names","Phone numbers","Physical addresses"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Leet","Title":"Leet","Domain":"leet.cc","BreachDate":"2016-09-10","AddedDate":"2016-09-30T22:00:48Z","ModifiedDate":"2016-09-30T22:00:48Z","PwnCount":5081689,"Description":"In August 2016, the service for creating and running Pocket Minecraft edition servers known as \u003Ca href=\u0022http://news.softpedia.com/news/data-for-6-million-minecraft-gamers-stolen-from-leet-cc-servers-507445.shtml\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003ELeet was reported as having suffered a data breach that impacted 6 million subscribers\u003C/a\u003E. The incident reported by Softpedia had allegedly taken place earlier in the year, although the data set sent to HIBP was dated as recently as early September but contained only 2 million subscribers. The data included usernames, email and IP addresses and SHA512 hashes. A further 3 million accounts were obtained and added to HIBP several days after the initial data was loaded bringing the total to over 5 million.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Leet.png","DataClasses":["Email addresses","IP addresses","Passwords","Usernames","Website activity"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"LegendasTV","Title":"Legendas.TV","Domain":"legendas.tv","BreachDate":"2017-10-01","AddedDate":"2024-01-04T17:10:04Z","ModifiedDate":"2024-01-04T17:10:04Z","PwnCount":3869181,"Description":"In October 2017, the now defunct Brazilian service for retrieving subtitles in Portuguese \u003Ca href=\u0022https://www.hackread.com/dark-web-hacker-selling-accounts-on-dream-market/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003ELegendas.TV suffered a data breach that exposed nearly 4M customer records\u003C/a\u003E. The impacted data included names, usernames, email and IP addresses and unsalted SHA-1 hashes.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/LegendasTV.png","DataClasses":["Email addresses","IP addresses","Names","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Life360","Title":"Life360","Domain":"life360.com","BreachDate":"2024-03-01","AddedDate":"2024-07-20T21:40:31Z","ModifiedDate":"2024-07-22T20:46:04Z","PwnCount":442519,"Description":"In July 2024, \u003Ca href=\u0022https://www.bleepingcomputer.com/news/security/over-400-000-life360-user-phone-numbers-leaked-via-unsecured-android-api/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Edata scraped from a misconfigured Life360 API was posted online after being obtained several months earlier\u003C/a\u003E. The records included 443k unique email addresses and in most cases, corresponding names and phone numbers (some records were null or obfuscated). Life360 promptly notified impacted users after the incident was discovered.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Life360.png","DataClasses":["Email addresses","Names","Phone numbers"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Lifebear","Title":"Lifebear","Domain":"lifebear.com","BreachDate":"2019-02-28","AddedDate":"2020-05-25T04:02:18Z","ModifiedDate":"2020-05-25T04:02:18Z","PwnCount":3670561,"Description":"In early 2019, the Japanese schedule app \u003Ca href=\u0022https://www.zdnet.com/article/round-4-hacker-returns-and-puts-26mil-user-records-for-sale-on-the-dark-web/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003ELifebear appeared for sale on a dark web marketplace amongst a raft of other hacked websites\u003C/a\u003E. The breach exposed almost 3.7M unique email addresses, usernames and passwords stored as salted MD5 hashes. The data was provided to HIBP by a source who requested it be attributed to \u0026quot;nano@databases.pw\u0026quot;.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Lifebear.png","DataClasses":["Email addresses","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Lifeboat","Title":"Lifeboat","Domain":"lbsg.net","BreachDate":"2016-01-01","AddedDate":"2016-04-25T21:51:50Z","ModifiedDate":"2016-04-25T21:51:50Z","PwnCount":7089395,"Description":"In January 2016, the Minecraft community known as Lifeboat \u003Ca href=\u0022https://motherboard.vice.com/read/another-day-another-hack-7-million-emails-and-hashed-passwords-for-minecraft\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Ewas hacked and more than 7 million accounts leaked\u003C/a\u003E. Lifeboat knew of the incident for three months before the breach was made public but elected not to advise customers. The leaked data included usernames, email addresses and passwords stored as straight MD5 hashes.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Lifeboat.png","DataClasses":["Email addresses","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"LightsHope","Title":"Light\u0027s Hope","Domain":"lightshope.org","BreachDate":"2018-06-25","AddedDate":"2018-07-04T13:32:01Z","ModifiedDate":"2018-07-04T13:32:01Z","PwnCount":30484,"Description":"In June 2018, the World of Warcraft service \u003Ca href=\u0022https://lightshope.org/news/forum-breach-summary-of-investigation-and-final-report\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003ELight\u0027s Hope suffered a data breach\u003C/a\u003E which they subsequently self-submitted to HIBP. Over 30K unique users were impacted and their exposed data included email addresses, dates of birth, private messages and passwords stored as bcrypt hashes.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/LightsHope.png","DataClasses":["Dates of birth","Email addresses","Geographic locations","IP addresses","Passwords","Private messages","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Liker","Title":"Liker","Domain":"liker.com","BreachDate":"2021-03-08","AddedDate":"2021-03-13T04:15:16Z","ModifiedDate":"2021-03-24T01:57:46Z","PwnCount":465141,"Description":"In March 2021, the self-proclaimed \u0026quot;kinder, smarter social network\u0026quot; \u003Ca href=\u0022https://liker.com/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003ELiker\u003C/a\u003E suffered a data breach, allegedly in retaliation for the Gab data breach and scraping of data from Parler. The site remained offline after the breach which exposed 465k email addresses in addition to names, dates of birth, education levels, private messages, security questions and answers in plain text, passwords stored as bcrypt hashes and other personal data attributes. Liker did not respond when contacted about the breach.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Liker.png","DataClasses":["Auth tokens","Dates of birth","Education levels","Email addresses","Geographic locations","IP addresses","Names","Passwords","Phone numbers","Private messages","Security questions and answers","Social media profiles","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"LimeVPN","Title":"LimeVPN","Domain":"limevpn.com","BreachDate":"2020-10-08","AddedDate":"2023-02-06T21:42:01Z","ModifiedDate":"2023-02-06T21:42:01Z","PwnCount":23348,"Description":"In October 2020, the VPN provider \u003Ca href=\u0022https://threatpost.com/hacked-data-limevpn-dark-web/167492/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003ELimeVPN suffered a data breach that exposed the personal information of tens of thousands of customers\u003C/a\u003E. The data included email, IP and physical addresses, names, phone numbers, purchase histories and passwords stored as salted MD5 hashes.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/LimeVPN.png","DataClasses":["Email addresses","IP addresses","Names","Passwords","Phone numbers","Physical addresses","Purchases"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"LinkedIn","Title":"LinkedIn","Domain":"linkedin.com","BreachDate":"2012-05-05","AddedDate":"2016-05-21T21:35:40Z","ModifiedDate":"2016-05-21T21:35:40Z","PwnCount":164611595,"Description":"In May 2016, \u003Ca href=\u0022https://www.troyhunt.com/observations-and-thoughts-on-the-linkedin-data-breach\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003ELinkedIn had 164 million email addresses and passwords exposed\u003C/a\u003E. Originally hacked in 2012, the data remained out of sight until being offered for sale on a dark market site 4 years later. The passwords in the breach were stored as SHA1 hashes without salt, the vast majority of which were quickly cracked in the days following the release of the data.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/LinkedIn.png","DataClasses":["Email addresses","Passwords"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"LinkedInScrape2023","Title":"LinkedIn Scraped and Faked Data (2023)","Domain":"linkedin.com","BreachDate":"2023-11-04","AddedDate":"2023-11-07T07:12:02Z","ModifiedDate":"2024-06-04T19:46:37Z","PwnCount":19788753,"Description":"In November 2023, \u003Ca href=\u0022https://troyhunt.com/hackers-scrapers-fakers-whats-really-inside-the-latest-linkedin-dataset\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Ea post to a popular hacking forum alleged that millions of LinkedIn records had been scraped and leaked\u003C/a\u003E. On investigation, the data turned out to be a combination of legitimate data scraped from LinkedIn and email addresses constructed from impacted individuals\u0027 names.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/LinkedIn.png","DataClasses":["Email addresses","Genders","Geographic locations","Job titles","Names","Professional skills","Social media profiles"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":true,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"LinkedInScrape","Title":"LinkedIn Scraped Data (2021)","Domain":"linkedin.com","BreachDate":"2021-04-08","AddedDate":"2021-10-02T21:39:21Z","ModifiedDate":"2023-11-07T06:51:33Z","PwnCount":125698496,"Description":"During the first half of 2021, \u003Ca href=\u0022https://www.businessinsider.com.au/linkedin-data-scraped-500-million-users-for-sale-online-2021-4\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003ELinkedIn was targeted by attackers who scraped data from hundreds of millions of public profiles and later sold them online\u003C/a\u003E. Whilst the scraping did not constitute a data breach nor did it access any personal data not intended to be publicly accessible, the data was still monetised and later broadly circulated in hacking circles. The scraped data contains approximately 400M records with 125M unique email addresses, as well as names, geographic locations, genders and job titles. LinkedIn specifically addresses the incident in their post on \u003Ca href=\u0022https://news.linkedin.com/2021/june/an-update-from-linkedin\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EAn update on report of scraped data\u003C/a\u003E.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/LinkedIn.png","DataClasses":["Education levels","Email addresses","Genders","Geographic locations","Job titles","Names","Social media profiles"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"LinuxForums","Title":"Linux Forums","Domain":"linuxforums.org","BreachDate":"2018-05-01","AddedDate":"2018-06-07T12:55:25Z","ModifiedDate":"2024-09-04T23:38:20Z","PwnCount":275785,"Description":"In May 2018, \u003Ca href=\u0022https://web.archive.org/web/20180502093437/http://www.linuxforums.org/forum\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Ethe Linux Forums website\u003C/a\u003E suffered a data breach which resulted in the disclosure of 276k unique email addresses. Running on an old version of vBulletin, the breach also disclosed usernames, IP addresses and salted MD5 password hashes. Linux Forums did not respond to multiple attempts to contact them about the breach.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/LinuxForums.png","DataClasses":["Email addresses","IP addresses","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"LinuxMint","Title":"Linux Mint","Domain":"linuxmint.com","BreachDate":"2016-02-21","AddedDate":"2016-02-22T01:28:08Z","ModifiedDate":"2016-02-22T01:28:08Z","PwnCount":144989,"Description":"In February 2016, the website for the Linux distro known as Linux Mint \u003Ca href=\u0022http://thehackernews.com/2016/02/linux-mint-hack.html\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Ewas hacked and the ISO infected with a backdoor\u003C/a\u003E. The site also ran a phpBB forum which was subsequently put up for sale complete with almost 145k email addresses, passwords and other personal subscriber information.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/LinuxMint.png","DataClasses":["Avatars","Dates of birth","Email addresses","Geographic locations","IP addresses","Passwords","Time zones","Website activity"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"LittleMonsters","Title":"Little Monsters","Domain":"littlemonsters.com","BreachDate":"2017-01-01","AddedDate":"2017-03-07T20:39:08Z","ModifiedDate":"2017-03-07T20:39:08Z","PwnCount":995698,"Description":"In approximately January 2017, \u003Ca href=\u0022https://www.heise.de/security/meldung/Little-Monsters-Nutzerdaten-aus-Lady-Gagas-Social-Network-sollen-geleakt-sein-3646447.html\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Ethe Lady Gaga fan site known as \u0026quot;Little Monsters\u0026quot; suffered a data breach that impacted 1 million accounts\u003C/a\u003E. The data contained usernames, email addresses, dates of birth and bcrypt hashes of passwords.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/LittleMonsters.png","DataClasses":["Dates of birth","Email addresses","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"LiveAuctioneers","Title":"LiveAuctioneers","Domain":"liveauctioneers.com","BreachDate":"2020-06-19","AddedDate":"2020-08-22T04:38:40Z","ModifiedDate":"2020-08-22T04:54:52Z","PwnCount":3385862,"Description":"In June 2020, the online antiques marketplace \u003Ca href=\u0022https://portswigger.net/daily-swig/liveauctioneers-data-breach-millions-of-cracked-passwords-for-sale-say-researchers\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003ELiveAuctioneers suffered a data breach\u003C/a\u003E which was subsequently sold online then extensively redistributed in the hacking community. The data contained 3.4 million records including names, email and IP addresses, physical addresses, phones numbers and passwords stored as unsalted MD5 hashes. The data was provided to HIBP by \u003Ca href=\u0022https://breachbase.pw/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Ebreachbase.pw\u003C/a\u003E.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/LiveAuctioneers.png","DataClasses":["Email addresses","IP addresses","Names","Passwords","Phone numbers","Physical addresses","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"LiveJournal","Title":"LiveJournal","Domain":"livejournal.com","BreachDate":"2017-01-01","AddedDate":"2020-05-26T22:05:10Z","ModifiedDate":"2020-05-26T23:08:58Z","PwnCount":26372781,"Description":"In mid-2019, \u003Ca href=\u0022https://news.ycombinator.com/item?id=20426997\u0026fbclid=IwAR22KoBod2B44XzYbPziwh1RoT_M8ll3Uf8Ods7TpF8mPdSGo3PKYQEx9_k\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Enews broke of an alleged LiveJournal data breach\u003C/a\u003E. This followed \u003Ca href=\u0022https://twitter.com/rahaeli/status/1265316773508927488\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Emultiple reports of credential abuse against Dreamwidth beginning in 2018\u003C/a\u003E, a fork of LiveJournal with a significant crossover in user base. The breach allegedly dates back to 2017 and contains 26M unique usernames and email addresses (both of which have been confirmed to exist on LiveJournal) alongside plain text passwords. An archive of the data was subsequently shared on a popular hacking forum in May 2020 and redistributed broadly. The data was provided to HIBP by a source who requested it be attributed to \u0026quot;nano@databases.pw\u0026quot;.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/LiveJournal.png","DataClasses":["Email addresses","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Livpure","Title":"Livpure","Domain":"livpure.com","BreachDate":"2020-08-29","AddedDate":"2021-05-22T01:46:59Z","ModifiedDate":"2021-05-23T00:18:00Z","PwnCount":269552,"Description":"In August 2020, the Indian retailer \u003Ca href=\u0022https://cloudsek.com/threatintelligence/over-a-million-pii-of-livpure-customers-leak-on-cybercrime-forum/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003ELivpure suffered a data breach\u003C/a\u003E which exposed over 1 million customer purchases with 270 thousand unique email addresses. The data also included names, phone numbers, physical addresses and details of purchased items. The data was provided to HIBP by a source who requested it be attributed to \u0026quot;white_peacock@riseup.net\u0026quot;.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Livpure.png","DataClasses":["Email addresses","Names","Phone numbers","Physical addresses","Purchases","Salutations"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"LizardSquad","Title":"Lizard Squad","Domain":"lizardstresser.su","BreachDate":"2015-01-16","AddedDate":"2015-01-18T01:24:24Z","ModifiedDate":"2015-01-18T01:24:24Z","PwnCount":13451,"Description":"In January 2015, the hacker collective known as \u0026quot;Lizard Squad\u0026quot; created a DDoS service by the name of \u0026quot;Lizard Stresser\u0026quot; which could be procured to mount attacks against online targets. Shortly thereafter, the service \u003Ca href=\u0022https://krebsonsecurity.com/2015/01/another-lizard-arrested-lizard-lair-hacked/\u0022\u003Esuffered a data breach\u003C/a\u003E which resulted in the public disclosure of over 13k user accounts including passwords stored in plain text.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/LizardSquad.png","DataClasses":["Email addresses","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Locally","Title":"Locally","Domain":"locally.com","BreachDate":"2022-10-01","AddedDate":"2023-07-10T11:09:43Z","ModifiedDate":"2023-07-10T11:12:48Z","PwnCount":362619,"Description":"In October 2022, \u0026quot;The Industry\u0027s Leading Online-to-Offline Shopping Solution\u0026quot; \u003Ca href=\u0022https://twitter.com/troyhunt/status/1677855117960441858\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003ELocally suffered a data breach\u003C/a\u003E. Whilst Locally acknowledged the breach privately, it\u0027s unknown whether impacted customers were subsequently notified of the incident which exposed over 362k names, phone numbers, email and physical addresses, purchases, credit card type and last four digits and bcrypt password hashes.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Locally.png","DataClasses":["Email addresses","Partial credit card data","Passwords","Phone numbers","Physical addresses","Purchases"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Lolzteam","Title":"Lolzteam","Domain":"lolzteam.net","BreachDate":"2018-05-13","AddedDate":"2022-11-06T02:58:23Z","ModifiedDate":"2022-11-06T02:58:23Z","PwnCount":398011,"Description":"In May 2018, the Russian hacking forum \u003Ca href=\u0022https://medium.com/breach-report/data-hacking-news-over-405-000-hackers-from-lolzteam-net-exposed-3121555080cc\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003ELolzteam suffered a data breach that exposed 400k members\u003C/a\u003E. The impacted data included usernames and email addresses which were later redistributed via another hacking forum. The data was provided to HIBP by a source who requested it be attributed to \u0026quot;ZAN @ BF\u0026quot;.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Lolzteam.png","DataClasses":["Email addresses","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Lookbook","Title":"Lookbook","Domain":"lookbook.nu","BreachDate":"2012-08-24","AddedDate":"2016-11-08T09:03:44Z","ModifiedDate":"2016-11-08T09:03:44Z","PwnCount":1074948,"Description":"In August 2012, the fashion site \u003Ca href=\u0022https://www.hackread.com/hacker-selling-million-lookbook-accounts/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003ELookbook suffered a data breach\u003C/a\u003E. The data later appeared listed for sale in June 2016 and included 1.1 million usernames, email and IP addresses, birth dates and plain text passwords.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Lookbook.png","DataClasses":["Dates of birth","Email addresses","IP addresses","Names","Passwords","Usernames","Website activity"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Lookiero","Title":"Lookiero","Domain":"lookiero.com","BreachDate":"2024-03-27","AddedDate":"2024-08-30T05:23:12Z","ModifiedDate":"2024-08-30T05:23:12Z","PwnCount":4981760,"Description":"In August 2024, \u003Ca href=\u0022https://x.com/DailyDarkWeb/status/1825895814385856678\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Ea data breach from the online styling service Lookiero was posted to a popular hacking forum\u003C/a\u003E. Dating back to March 2024, the data included 5M unique email addresses, with many of the records also including name, phone number and physical address. When contacted about the incident, Lookiero advised that they would \u0026quot;look into it and get back to you if necessary\u0026quot;. The data was provided to HIBP by a source who requested it be attributed to \u0026quot;oathnet.ru\u0026quot;.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Lookiero.png","DataClasses":["Email addresses","Names","Phone numbers","Physical addresses"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"LOTR","Title":"Lord of the Rings Online","Domain":"lotro.com","BreachDate":"2013-08-01","AddedDate":"2016-03-12T12:46:03Z","ModifiedDate":"2016-03-12T12:46:03Z","PwnCount":1141278,"Description":"In August 2013, the interactive video game \u003Ca href=\u0022https://www.lotro.com\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003ELord of the Rings Online\u003C/a\u003E suffered a data breach that exposed over 1.1M players\u0027 accounts. The data was being actively traded on underground forums and included email addresses, birth dates and password hashes.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/LOTR.png","DataClasses":["Dates of birth","Email addresses","IP addresses","Passwords","Usernames","Website activity"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"LoungeBoard","Title":"Lounge Board","Domain":"loungeboard.net","BreachDate":"2013-08-01","AddedDate":"2014-07-06T10:22:01Z","ModifiedDate":"2014-07-06T10:22:01Z","PwnCount":45018,"Description":"At some point in 2013, 45k accounts were \u003Ca href=\u0022http://leak.sx/thread-186921\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Ebreached from the Lounge Board \u0022General Discussion Forum\u0022 and then dumped publicly\u003C/a\u003E. Lounge Board was a MyBB forum launched in 2012 and discontinued in mid 2013 (the last activity in the logs was from August 2013).","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/LoungeBoard.png","DataClasses":["Email addresses","IP addresses","Names","Passwords","Private messages","Usernames","Website activity"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"LuLu","Title":"LuLu","Domain":"luluhypermarket.com","BreachDate":"2024-07-06","AddedDate":"2024-08-02T02:59:07Z","ModifiedDate":"2024-08-10T07:06:17Z","PwnCount":2796835,"Description":"In July 2024, \u003Ca href=\u0022https://www.csoonline.com/article/2516119/hackers-steal-data-of-200k-lulu-customers-in-an-alleged-breach.html\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Ethe Emirati-based LuLu retail store suffered a data breach\u003C/a\u003E. The impacted data included 190k email addresses and associated phone numbers which were subsequently shared on a popular hacking forum. The data was provided to HIBP by a source who requested it be attributed to \u0026quot;IntelBroker\u0026quot;. The following month, the threat of leaking the full database was carried out and a backup from October 2022 with a further 2.6M unique email addresses appeared. This data also included names, physical addresses, orders and PBKDF2 password hashes.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/LuLu.png","DataClasses":["Email addresses","Names","Passwords","Phone numbers","Physical addresses","Purchases"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"LuminPDF","Title":"Lumin PDF","Domain":"luminpdf.com","BreachDate":"2019-04-01","AddedDate":"2019-09-18T05:00:15Z","ModifiedDate":"2019-09-18T05:00:15Z","PwnCount":15453048,"Description":"In April 2019, the PDF management service \u003Ca href=\u0022https://www.zdnet.com/article/data-of-24-3-million-lumin-pdf-users-shared-on-hacking-forum/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003ELumin PDF suffered a data breach\u003C/a\u003E. The breach wasn\u0027t publicly disclosed until September when 15.5M records of user data appeared for download on a popular hacking forum. The data had been left publicly exposed in a MongoDB instance after which Lumin PDF was allegedly been \u0026quot;contacted multiple times, but ignored all the queries\u0026quot;. The exposed data included names, email addresses, genders, spoken language and either a bcrypt password hash or Google auth token. The data was provided to HIBP by a source who requested it be attributed to \u0026quot;JimScott.Sec@protonmail.com\u0026quot;.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/LuminPDF.png","DataClasses":["Auth tokens","Email addresses","Genders","Names","Passwords","Spoken languages","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Luxottica","Title":"Luxottica","Domain":"luxottica.com","BreachDate":"2021-03-16","AddedDate":"2023-05-19T20:24:45Z","ModifiedDate":"2023-05-19T20:24:45Z","PwnCount":77093812,"Description":"In March 2021, the world\u0027s largest eyewear company \u003Ca href=\u0022https://www.bleepingcomputer.com/news/security/luxottica-confirms-2021-data-breach-after-info-of-70m-leaks-online/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003ELuxoticca suffered a data breach via one of their partners that exposed the personal information of more than 70M people\u003C/a\u003E. The data was subsequently sold via a popular hacking forum in late 2022 and included email and physical addresses, names, genders, dates of birth and phone numbers. In a statement from Luxottica, they advised they were aware of the incident and are currently \u0026quot;considering other notification obligations\u0026quot;.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Luxottica.png","DataClasses":["Dates of birth","Email addresses","Genders","Names","Phone numbers","Physical addresses"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"LyricsMania","Title":"Lyrics Mania","Domain":"lyricsmania.com","BreachDate":"2017-12-21","AddedDate":"2018-01-15T06:32:46Z","ModifiedDate":"2018-01-15T06:32:46Z","PwnCount":109202,"Description":"In December 2017, the song lyrics website known as \u003Ca href=\u0022https://www.lyricsmania.com/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003ELyrics Mania\u003C/a\u003E suffered a data breach. The data in the breach included 109k usernames, email addresses and plain text passwords. \u003Ca href=\u0022https://www.troyhunt.com/streamlining-data-breach-disclosure-a-step-by-step-process\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003ENumerous attempts were made to contact Lyrics Mania about the incident\u003C/a\u003E, however no responses were received.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/LyricsMania.png","DataClasses":["Email addresses","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"MacForums","Title":"Mac Forums","Domain":"mac-forums.com","BreachDate":"2016-07-03","AddedDate":"2018-10-29T23:47:44Z","ModifiedDate":"2018-10-29T23:50:37Z","PwnCount":326714,"Description":"In July 2016, the self-proclaimed \u0026quot;Ultimate Source For Your Mac\u0026quot; website \u003Ca href=\u0022https://www.mac-forums.com/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EMac Forums\u003C/a\u003E suffered a data breach. The vBulletin-based system exposed over 326k usernames, email and IP addresses, dates of birth and passwords stored as salted MD5 hashes. The data was later discovered being traded on a popular hacking forum. Mac Forums did not respond when contacted about the incident via their contact us form.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/MacForums.png","DataClasses":["Dates of birth","Email addresses","IP addresses","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"MacGeneration","Title":"MacGeneration","Domain":"macg.co","BreachDate":"2022-01-29","AddedDate":"2022-03-03T03:07:19Z","ModifiedDate":"2022-03-03T03:24:04Z","PwnCount":101004,"Description":"In January 2022, the French Apple news website \u003Ca href=\u0022https://www.macg.co/macgeneration/2022/02/macgeneration-victime-dune-attaque-informatique-127149\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EMacGeneration suffered a data breach\u003C/a\u003E. The incident exposed over 100k usernames, email addresses and passwords stored as salted SHA-512 hashes. After discovering the incident, MacGeneration self-submitted data to HIBP.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/MacGeneration.png","DataClasses":["Email addresses","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Mac-Torrents","Title":"Mac-Torrents","Domain":"mac-torrents.com","BreachDate":"2015-10-31","AddedDate":"2015-10-31T23:54:26Z","ModifiedDate":"2015-10-31T23:54:26Z","PwnCount":93992,"Description":"In October 2015, the torrent site \u003Ca href=\u0022http://www.mac-torrents.com\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EMac-Torrents\u003C/a\u003E was hacked and almost 94k usernames, email addresses and passwords were leaked. The passwords were hashed with MD5 and no salt.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Mac-Torrents.png","DataClasses":["Email addresses","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"MagicDuel","Title":"MagicDuel","Domain":"magicduel.com","BreachDate":"2023-08-02","AddedDate":"2023-08-02T23:22:58Z","ModifiedDate":"2023-08-02T23:22:58Z","PwnCount":138443,"Description":"In August 2023, \u003Ca href=\u0022https://magicduel.com/page/Announcement/view/5952\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Ethe MagicDuel Adventure website suffered a data breach that exposed 138k user records\u003C/a\u003E. The data included player names, email and IP addresses and bcrypt password hashes.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/List.png","DataClasses":["Email addresses","IP addresses","Nicknames","Passwords"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"MailRu","Title":"mail.ru Dump","Domain":"mail.ru","BreachDate":"2014-09-10","AddedDate":"2014-09-12T04:50:22Z","ModifiedDate":"2018-01-09T03:38:56Z","PwnCount":16630988,"Description":"In September 2014, several large dumps of user accounts appeared on the \u003Ca href=\u0022https://forum.btcsec.com/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003ERussian Bitcoin Security Forum\u003C/a\u003E including one with nearly 5M email addresses and passwords, predominantly on the mail.ru domain. Whilst \u003Ca href=\u0022http://globalvoicesonline.org/2014/09/10/russia-email-yandex-mailru-passwords-hacking/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Eunlikely to be the result of a direct attack against mail.ru\u003C/a\u003E, the credentials were confirmed by many as legitimate for other services they had subscribed to. Further data allegedly valid for mail.ru and containing email addresses and plain text passwords was added in January 2018 bringing to total to more than 16M records. The incident was also then flagged as \u0026quot;unverified\u0026quot;, a concept that was \u003Ca href=\u0022https://www.troyhunt.com/introducing-unverified-breaches-to-have-i-been-pwned/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Eintroduced after the initial data load in 2014\u003C/a\u003E.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/MailRu.png","DataClasses":["Email addresses","Passwords"],"IsVerified":false,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"MajorGeeks","Title":"MajorGeeks","Domain":"majorgeeks.com","BreachDate":"2015-11-15","AddedDate":"2016-03-03T02:45:09Z","ModifiedDate":"2016-03-03T02:45:09Z","PwnCount":269548,"Description":"In November 2015, almost 270k accounts from the \u003Ca href=\u0022http://www.majorgeeks.com\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EMajorGeeks\u003C/a\u003E support forum were breached. The accounts were being actively sold and traded online and included email addresses, salted password hashes and IP addresses.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/MajorGeeks.png","DataClasses":["Email addresses","IP addresses","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"MalindoAir","Title":"MalindoAir","Domain":"malindoair.com","BreachDate":"2019-03-01","AddedDate":"2023-09-14T08:52:38Z","ModifiedDate":"2023-09-14T08:52:38Z","PwnCount":4328232,"Description":"In early 2019, the Malaysian airline \u003Ca href=\u0022https://vpnoverview.com/news/malindo-air-data-leak-reveals-info-of-60-million-passengers/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EMalindo Air suffered a data breach that exposed tens of millions of customer records\u003C/a\u003E. Containing 4.3M unique email addresses, the breach also exposed extensive personal information including names, dates of birth, genders, physical addresses, phone numbers and passport details. The data was later extensively shared on popular hacking forums.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/MalindoAir.png","DataClasses":["Dates of birth","Email addresses","Genders","Loyalty program details","Names","Nationalities","Passport numbers","Phone numbers","Physical addresses","Salutations"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"MallCZ","Title":"MALL.cz","Domain":"mall.cz","BreachDate":"2017-07-27","AddedDate":"2017-09-04T12:46:39Z","ModifiedDate":"2017-09-04T12:46:39Z","PwnCount":735405,"Description":"In July 2017, the Czech Republic e-commerce site \u003Ca href=\u0022https://blog.mall.cz/o-nas/q-a-vse-co-jste-chteli-vedet-o-bezpecnosti-na-mall-cz-451.html\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EMALL.cz suffered a data breach\u003C/a\u003E after which 735k unique accounts including email addresses, names, phone numbers and passwords were later posted online. Whilst passwords were stored as hashes, \u003Ca href=\u0022https://pulse.michalspacek.cz/passwords/storages/site/www.mall.cz\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Ea number of different algorithms of varying strength were used over time\u003C/a\u003E. All passwords included in the publicly distributed data were in plain text and were likely just those that had been successfully cracked (members with strong passwords don\u0027t appear to be included). According to MALL.cz, the breach only impacted accounts created before 2015.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/MallCZ.png","DataClasses":["Email addresses","Names","Passwords","Phone numbers"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Malwarebytes","Title":"Malwarebytes","Domain":"malwarebytes.org","BreachDate":"2014-11-15","AddedDate":"2016-03-09T11:15:43Z","ModifiedDate":"2016-03-09T11:15:43Z","PwnCount":111623,"Description":"In November 2014, the \u003Ca href=\u0022http://www.scmagazine.com/malwarebytes-forum-hacked/article/385187/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EMalwarebytes forum was hacked\u003C/a\u003E and 111k member records were exposed. The IP.Board forum included email and IP addresses, birth dates and passwords stored as salted hashes using a weak implementation enabling many to be rapidly cracked.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Malwarebytes.png","DataClasses":["Dates of birth","Email addresses","IP addresses","Passwords","Usernames","Website activity"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"MangaTraders","Title":"Manga Traders","Domain":"mangatraders.com","BreachDate":"2014-06-09","AddedDate":"2014-06-10T03:49:45Z","ModifiedDate":"2019-05-13T12:24:00Z","PwnCount":855249,"Description":"In June 2014, the Manga trading website \u003Ca href=\u0022http://www.mangatraders.com\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EMangatraders.com\u003C/a\u003E had the usernames and passwords of over 900k users \u003Ca href=\u0022http://boards.4chan.org/a/thread/108603065/mangatraders-has-been-hacked-emails-and-passwords\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Eleaked on the internet\u003C/a\u003E (approximately 855k of the emails were unique). The passwords were weakly hashed with a single iteration of MD5 leaving them vulnerable to being easily cracked.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/MangaTraders.png","DataClasses":["Email addresses","Passwords"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"MangaDex","Title":"MangaDex","Domain":"mangadex.org","BreachDate":"2021-03-22","AddedDate":"2021-04-25T21:38:51Z","ModifiedDate":"2021-04-25T21:41:24Z","PwnCount":2987329,"Description":"In March 2021, the manga fan site \u003Ca href=\u0022https://portswigger.net/daily-swig/mangadex-website-taken-offline-following-cyber-attack-data-breach\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EMangaDex suffered a data breach\u003C/a\u003E that resulted in the exposure of almost 3 million subscribers. The data included email and IP addresses, usernames and passwords stored as bcrypt hashes. The data was subsequently circulated within hacking groups.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/MangaDex.png","DataClasses":["Email addresses","IP addresses","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"MangaFox","Title":"MangaFox.me","Domain":"mangafox.me","BreachDate":"2016-06-01","AddedDate":"2018-03-17T01:43:24Z","ModifiedDate":"2018-03-17T01:43:24Z","PwnCount":1311610,"Description":"In approximately July 2016, the manga website known as \u003Ca href=\u0022http://mangafox.me\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Emangafox.me\u003C/a\u003E suffered a data breach. The vBulletin based forum exposed 1.3 million accounts including usernames, email and IP addresses, dates of birth and salted MD5 password hashes.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/MangaFox.png","DataClasses":["Dates of birth","Email addresses","IP addresses","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Mangatoon","Title":"Mangatoon","Domain":"mangatoon.mobi","BreachDate":"2022-05-13","AddedDate":"2022-07-06T21:04:25Z","ModifiedDate":"2022-07-06T21:04:25Z","PwnCount":23040238,"Description":"In May 2022, the Hong Kong based Manga service \u003Ca href=\u0022https://mangatoon.mobi/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EMangatoon\u003C/a\u003E suffered a data breach that exposed 23M subscriber records. The breach exposed names, email addresses, genders, social media account identities, auth tokens from social logins and passwords stored as salted MD5 hashes. Mangatoon did not respond to multiple attempts to make contact regarding the breach.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Mangatoon.png","DataClasses":["Auth tokens","Avatars","Email addresses","Genders","Names","Passwords","Social media profiles","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"ManipulatedCaiman","Title":"Manipulated Caiman","Domain":"","BreachDate":"2023-07-16","AddedDate":"2023-08-15T07:06:49Z","ModifiedDate":"2023-08-15T07:06:49Z","PwnCount":39901389,"Description":"In July 2023, \u003Ca href=\u0022https://perception-point.io/blog/manipulated-caiman-the-sophisticated-snare-of-mexicos-banking-predators-technical-edition/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EPerception Point reported on a phishing operation dubbed \u0026quot;Manipulated Caiman\u0026quot;\u003C/a\u003E. Targeting primarily the citizens of Mexico, the campaign attempted to gain access to victims\u0027 bank accounts via spear phishing attacks using malicious attachments. Researchers obtained almost 40M email addresses targeted in the campaign and provided the data to HIBP to alert potential victims.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/List.png","DataClasses":["Email addresses"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":true,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Mappery","Title":"Mappery","Domain":"mappery.com","BreachDate":"2018-12-11","AddedDate":"2018-12-18T16:19:50Z","ModifiedDate":"2018-12-18T16:19:50Z","PwnCount":205242,"Description":"In December 2018, the mapping website \u003Ca href=\u0022http://www.mappery.com\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EMappery\u003C/a\u003E suffered a data breach that exposed over 205k unique email addresses. The incident also exposed usernames, the geographic location of the user and passwords stored as unsalted SHA-1 hashes. No response was received from Mappery when contacted about the incident.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Mappery.png","DataClasses":["Email addresses","Geographic locations","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"MarketMoveis","Title":"Market Moveis","Domain":"marketmoveis.pt","BreachDate":"2023-08-30","AddedDate":"2024-09-01T07:22:42Z","ModifiedDate":"2024-09-01T07:35:32Z","PwnCount":28220,"Description":"In August 2023, the Portuguese home decor company \u003Ca href=\u0022https://portaldaqueixa.com/brands/market-moveis/complaints/market-moveis-encomenda-atrasada-nao-respondem-emails-nem-chamadas-e-email-fraudulento-98633223\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EMarket Moveis suffered a data breach\u003C/a\u003E that impacted 28k records. The exposed records were limited to names and email addresses.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/MarketMoveis.png","DataClasses":["Email addresses","Names"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Mashable","Title":"Mashable","Domain":"mashable.com","BreachDate":"2020-06-01","AddedDate":"2020-11-10T04:33:56Z","ModifiedDate":"2020-11-10T04:56:58Z","PwnCount":1414677,"Description":"In approximately mid-2020, \u003Ca href=\u0022https://portswigger.net/daily-swig/data-breach-at-mashable-leaks-users-nbsp-personal-information-online\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EMashable suffered a data breach\u003C/a\u003E that subsequently turned up publicly in November 2020. The data included 1.4 million unique email addresses along with names, genders, expired auth tokens, physical locations, links to social media profiles and days and months of birth. The data was provided to HIBP by \u003Ca href=\u0022https://dehashed.com/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Edehashed.com\u003C/a\u003E.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Mashable.png","DataClasses":["Auth tokens","Email addresses","Genders","Geographic locations","IP addresses","Names","Partial dates of birth","Social media profiles"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"MasterDeeds","Title":"Master Deeds","Domain":"","BreachDate":"2017-03-14","AddedDate":"2017-10-18T11:01:46Z","ModifiedDate":"2017-10-18T11:03:37Z","PwnCount":2257930,"Description":"In March 2017, a 27GB database backup file named \u0022Master Deeds\u0022 was sent to HIBP by a supporter of the project. Upon detailed analysis later that year, the file was found to contain the personal data of tens of millions of living and deceased South African residents. The data included extensive personal attributes such as names, addresses, ethnicities, genders, birth dates, government issued personal identification numbers and 2.2 million email addresses. At the time of publishing, \u003Ca href=\u0022https://www.iafrikan.com/2017/10/18/dracore-data-sciences/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Eit\u0027s alleged the data was sourced from Dracore Data Sciences\u003C/a\u003E (Dracore is yet to publicly confirm or deny the data was sourced from their systems). On 18 October 2017, the file was found to have been published to a publicly accessible web server where it was located at the root of an IP address with directory listing enabled. The file was dated 8 April 2015.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/MasterDeeds.png","DataClasses":["Dates of birth","Deceased statuses","Email addresses","Employers","Ethnicities","Genders","Government issued IDs","Home ownership statuses","Job titles","Names","Nationalities","Phone numbers","Physical addresses"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"MastercardPricelessSpecials","Title":"Mastercard Priceless Specials","Domain":"specials.mastercard.de","BreachDate":"2019-08-20","AddedDate":"2019-09-01T20:37:49Z","ModifiedDate":"2019-09-01T20:37:49Z","PwnCount":89388,"Description":"In August 2019, \u003Ca href=\u0022https://www.spiegel.de/netzwelt/web/mastercard-datenleck-bei-bonusprogramm-a-1282697.html\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Ethe German Mastercard bonus program \u0026quot;Priceless Specials\u0026quot; suffered a data breach\u003C/a\u003E. Personal data on almost 90k program members was subsequently extensively circulated online and included names, email and IP addresses, phone numbers and partial credit card data. Following the incident, the program was subsequently suspended.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Mastercard.png","DataClasses":["Email addresses","IP addresses","Names","Partial credit card data","Phone numbers","Salutations"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Mate1","Title":"Mate1.com","Domain":"mate1.com","BreachDate":"2016-02-29","AddedDate":"2016-04-14T23:37:15Z","ModifiedDate":"2016-04-14T23:37:15Z","PwnCount":27393015,"Description":"In February 2016, the dating site \u003Ca href=\u0022http://motherboard.vice.com/read/hacker-claims-to-have-sold-27m-dating-site-passwords-mate1-com-hell-forum\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Emate1.com suffered a huge data breach\u003C/a\u003E resulting in the disclosure of over 27 million subscribers\u0027 information. The data included deeply personal information about their private lives including drug and alcohol habits, incomes levels and sexual fetishes as well as passwords stored in plain text.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Mate1.png","DataClasses":["Astrological signs","Dates of birth","Drinking habits","Drug habits","Education levels","Email addresses","Ethnicities","Fitness levels","Genders","Geographic locations","Income levels","Job titles","Names","Parenting plans","Passwords","Personal descriptions","Physical attributes","Political views","Relationship statuses","Religions","Sexual fetishes","Travel habits","Usernames","Website activity","Work habits"],"IsVerified":true,"IsFabricated":false,"IsSensitive":true,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Mathway","Title":"Mathway","Domain":"mathway.com","BreachDate":"2020-01-13","AddedDate":"2020-06-05T23:59:45Z","ModifiedDate":"2020-06-05T23:59:45Z","PwnCount":25692862,"Description":"In January 2020, the math solving website \u003Ca href=\u0022https://www.zdnet.com/article/25-million-user-records-leak-online-from-popular-math-app-mathway/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EMathway suffered a data breach that exposed over 25M records\u003C/a\u003E. The data was subsequently sold on a dark web marketplace and included names, Google and Facebook IDs, email addresses and salted password hashes.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Mathway.png","DataClasses":["Device information","Email addresses","Names","Passwords","Social media profiles"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"MCBans","Title":"MCBans","Domain":"mcbans.com","BreachDate":"2016-10-27","AddedDate":"2017-07-23T05:34:55Z","ModifiedDate":"2017-07-23T05:34:55Z","PwnCount":119948,"Description":"In October 2016, the Minecraft banning service known as \u003Ca href=\u0022https://www.mcbans.com/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EMCBans\u003C/a\u003E suffered a data breach resulting in the exposure of 120k unique user records. The data contained email and IP addresses, usernames and password hashes of unknown format. The site was previously reported as compromised on the \u003Ca href=\u0022https://vigilante.pw/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EVigilante.pw\u003C/a\u003E breached database directory.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/MCBans.png","DataClasses":["Email addresses","IP addresses","Passwords","Usernames","Website activity"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"MDPI","Title":"MDPI","Domain":"mdpi.com","BreachDate":"2016-08-30","AddedDate":"2018-03-25T22:50:36Z","ModifiedDate":"2018-03-25T22:50:36Z","PwnCount":845012,"Description":"In August 2016, the Swiss scholarly open access publisher known as \u003Ca href=\u0022http://mdpi.com\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EMDPI\u003C/a\u003E had 17.5GB of data obtained from an unprotected Mongo DB instance. The data contained email exchanges between MDPI and their authors and reviewers which included 845k unique email addresses. MDPI have confirmed that the system has since been protected and that no data of a sensitive nature was impacted. As such, they concluded that notification to their subscribers was not necessary due to the fact that all their authors and reviewers are available online on their website.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/MDPI.png","DataClasses":["Email addresses","Email messages","IP addresses","Names"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"MechoDownload","Title":"Mecho Download","Domain":"mechodownload.com","BreachDate":"2013-10-31","AddedDate":"2022-08-02T04:04:59Z","ModifiedDate":"2022-08-02T04:10:06Z","PwnCount":437928,"Description":"In October 2013, the (now defunct) downloads website \u0026quot;Mecho Download\u0026quot; suffered a data breach that exposed 438k records. Data from the vBulletin based website included email and IP addresses, usernames and passwords stored as salted MD5 hashes.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/MechoDownload.png","DataClasses":["Email addresses","IP addresses","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"MediaWorks","Title":"MediaWorks","Domain":"mediaworks.co.nz","BreachDate":"2023-03-15","AddedDate":"2024-03-22T06:43:09Z","ModifiedDate":"2024-03-22T06:43:09Z","PwnCount":162710,"Description":"In March 2024, \u003Ca href=\u0022https://www.rnz.co.nz/news/national/512042/mediaworks-data-breach-hackers-email-victims-demanding-820\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Emillions of rows of data from the New Zealand media company MediaWorks was publicly posted to a popular hacking forum\u003C/a\u003E. The incident exposed 163k unique email addresses provided by visitors who filled out online competitions and included names, physical addresses, phone numbers, dates of birth, genders and the responses to questions in the competition. Some victims of the breach subsequently received ransom demands requesting payment to have their data deleted.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/MediaWorks.png","DataClasses":["Dates of birth","Email addresses","Genders","Phone numbers","Physical addresses"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"MeetMindful","Title":"MeetMindful","Domain":"meetmindful.com","BreachDate":"2020-01-26","AddedDate":"2021-01-31T02:59:06Z","ModifiedDate":"2021-01-31T02:59:06Z","PwnCount":1422717,"Description":"In early 2020, the online dating service \u003Ca href=\u0022https://www.zdnet.com/article/hacker-leaks-data-of-2-28-million-dating-site-users/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EMeetMindful suffered a data breach\u003C/a\u003E that exposed 1.4 million unique customer email addresses. Included in the data was an extensive array of personal information used to find romantic matches including physical attributes, use of alcohol, drugs and cigarettes, marital statuses, birthdates, genders and the gender being sought. Additional personal information such as names, geographical locations and IP addresses were also exposed, along with passwords stored as bcrypt hashes.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/MeetMindful.png","DataClasses":["Dates of birth","Drinking habits","Drug habits","Email addresses","Genders","Geographic locations","IP addresses","Marital statuses","Names","Passwords","Physical attributes","Religions","Sexual orientations","Smoking habits","Social media profiles","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":true,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"MemeChat","Title":"MemeChat","Domain":"memechat.app","BreachDate":"2022-06-01","AddedDate":"2023-10-29T05:02:56Z","ModifiedDate":"2023-10-29T05:02:56Z","PwnCount":4348570,"Description":"In mid-2022, \u0026quot;the ultimate hub of memes\u0026quot; \u003Ca href=\u0022https://twitter.com/search?q=memechat%20breach\u0026src=typed_query\u0026f=media\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EMemeChat suffered a data breach that exposed 7.4M records\u003C/a\u003E. Alleged to be due to a misconfigured Elasticsearch instance, the data contained 4.3M unique email addresses alongside usernames.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/MemeChat.png","DataClasses":["Email addresses","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"MEO","Title":"MEO","Domain":"meoair.com","BreachDate":"2020-12-24","AddedDate":"2023-04-24T02:39:49Z","ModifiedDate":"2023-04-24T02:39:49Z","PwnCount":8227,"Description":"In early 2023, a corpus of data sourced from the New Zealand based face mask company \u003Ca href=\u0022https://www.meoair.com/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EMEO\u003C/a\u003E was discovered. Dating back to December 2020, the data contained over 8k customer records including names, addresses, phone numbers and passwords stored as MD5 Wordpress hashes. MEO did not respond to multiple attempts to report the breach.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/MEO.png","DataClasses":["Email addresses","Names","Passwords","Phone numbers","Physical addresses","Purchases","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"MGM","Title":"MGM Resorts","Domain":"mgmresorts.com","BreachDate":"2019-07-25","AddedDate":"2020-02-20T00:52:55Z","ModifiedDate":"2020-02-20T01:00:57Z","PwnCount":3081321,"Description":"In July 2019, \u003Ca href=\u0022https://www.zdnet.com/article/exclusive-details-of-10-6-million-of-mgm-hotel-guests-posted-on-a-hacking-forum/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EMGM Resorts discovered a data breach of one of their cloud services\u003C/a\u003E. The breach included 10.6M guest records with 3.1M unique email addresses stemming back to 2017. The exposed data included email and physical addresses, names, phone numbers and dates of birth and was subsequently shared on a popular hacking forum in February 2020 where it was extensively redistributed. The data was provided to HIBP by \u003Ca href=\u0022https://underthebreach.com/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EUnder The Breach\u003C/a\u003E.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/MGM.png","DataClasses":["Dates of birth","Email addresses","Names","Phone numbers","Physical addresses"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"MGM2022Update","Title":"MGM Resorts (2022 Update)","Domain":"mgmresorts.com","BreachDate":"2019-07-25","AddedDate":"2022-05-29T01:43:46Z","ModifiedDate":"2022-05-29T01:43:46Z","PwnCount":24842001,"Description":"In July 2019, \u003Ca href=\u0022https://www.zdnet.com/article/exclusive-details-of-10-6-million-of-mgm-hotel-guests-posted-on-a-hacking-forum/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EMGM Resorts discovered a data breach of one of their cloud services\u003C/a\u003E. The breach included 10.6M guest records with 3.1M unique email addresses stemming back to 2017. In May 2022, \u003Ca href=\u0022https://www.vpnmentor.com/blog/mgm-leaked-on-telegram/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Ea superset of the data totalling almost 25M unique email addresses across 142M rows was extensively shared on Telegram\u003C/a\u003E. On analysis, it\u0027s highly likely the data stems from the same incident \u003Ca href=\u0022https://www.zdnet.com/article/a-hacker-is-selling-details-of-142-million-mgm-hotel-guests-on-the-dark-web/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Ewith 142M records having been discovered for sale on a dark web marketplace in mid-2020\u003C/a\u003E. The exposed data included email and physical addresses, names, phone numbers and dates of birth.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/MGM.png","DataClasses":["Dates of birth","Email addresses","Names","Phone numbers","Physical addresses"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"MindJolt","Title":"Mindjolt","Domain":"mindjolt.com","BreachDate":"2019-03-18","AddedDate":"2019-07-13T19:21:12Z","ModifiedDate":"2023-10-04T08:17:42Z","PwnCount":28364826,"Description":"In March 2019, the online gaming website \u003Ca href=\u0022https://www.zdnet.com/article/a-hacker-has-dumped-nearly-one-billion-user-records-over-the-past-two-months/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EMindJolt suffered a data breach that exposed 28M unique email addresses\u003C/a\u003E. Also impacted were names and dates of birth, but no passwords. The data was provided to HIBP by a source who requested it be attributed to \u0026quot;JimScott.Sec@protonmail.com\u0026quot;.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Mindjolt.png","DataClasses":["Dates of birth","Email addresses","Names"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"MinecraftPocketEditionForum","Title":"Minecraft Pocket Edition Forum","Domain":"minecraftpeforum.net","BreachDate":"2015-05-24","AddedDate":"2015-06-30T09:19:43Z","ModifiedDate":"2015-06-30T09:19:43Z","PwnCount":16034,"Description":"In May 2015, the \u003Ca href=\u0022http://www.databreaches.net/minecraft-pocket-edition-forum-hacked-dumped/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EMinecraft Pocket Edition forum was hacked\u003C/a\u003E and over 16k accounts were dumped public. Allegedly hacked by \u003Ca href=\u0022https://twitter.com/rmsg0d\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003E@rmsg0d\u003C/a\u003E, the forum data included numerous personal pieces of data for each user. The forum has subsequently been decommissioned.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/MinecraftPocketEditionForum.png","DataClasses":["Email addresses","IP addresses","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"MinecraftWorldMap","Title":"Minecraft World Map","Domain":"minecraftworldmap.com","BreachDate":"2016-01-15","AddedDate":"2016-08-29T01:07:38Z","ModifiedDate":"2016-08-29T01:07:38Z","PwnCount":71081,"Description":"In approximately January 2016, the Minecraft World Map site designed for sharing maps created for the game was hacked and over 71k user accounts were exposed. The data included usernames, email and IP addresses along with salted and hashed passwords.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/MinecraftWorldMap.png","DataClasses":["Email addresses","IP addresses","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Minefield","Title":"Minefield","Domain":"minefield.fr","BreachDate":"2015-06-28","AddedDate":"2016-03-09T08:18:43Z","ModifiedDate":"2016-03-09T08:18:43Z","PwnCount":188343,"Description":"In June 2015, the French Minecraft server known as \u003Ca href=\u0022https://www.minefield.fr\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EMinefield\u003C/a\u003E was hacked and 188k member records were exposed. The IP.Board forum included email and IP addresses, birth dates and passwords stored as salted hashes using a weak implementation enabling many to be rapidly cracked.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Minefield.png","DataClasses":["Dates of birth","Email addresses","IP addresses","Passwords","Usernames","Website activity"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Minehut","Title":"Minehut","Domain":"minehut.com","BreachDate":"2019-05-17","AddedDate":"2019-09-17T08:27:31Z","ModifiedDate":"2019-11-17T23:14:18Z","PwnCount":396533,"Description":"In May 2019, the Minecraft server website \u003Ca href=\u0022https://minehut.com/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EMinehut\u003C/a\u003E suffered a data breach. The company advised a database backup had been obtained after which they subsequently notified all impacted users. 397k email addresses from the incident were provided to HIBP. A data set with both email addresses and bcrypt password hashes was also later provided to HIBP.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Minehut.png","DataClasses":["Email addresses","Passwords"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Minted","Title":"Minted","Domain":"minted.com","BreachDate":"2020-05-06","AddedDate":"2020-11-03T06:21:01Z","ModifiedDate":"2020-11-03T06:21:01Z","PwnCount":4418182,"Description":"In May 2020, the online marketplace for independent artists \u003Ca href=\u0022https://www.bleepingcomputer.com/news/security/minted-discloses-data-breach-after-5m-user-records-sold-online/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EMinted suffered a data breach\u003C/a\u003E that exposed 4.4M unique customer records subsequently sold on a dark web marketplace. Exposed data also included names, physical addresses, phone numbers and passwords stored as bcrypt hashes. The data was provided to HIBP by \u003Ca href=\u0022https://dehashed.com/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Edehashed.com\u003C/a\u003E.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Minted.png","DataClasses":["Email addresses","Names","Passwords","Phone numbers","Physical addresses"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Flipkart","Title":"Misattributed Flipkart Data","Domain":"","BreachDate":"2022-09-02","AddedDate":"2024-03-12T05:09:11Z","ModifiedDate":"2024-05-02T23:00:46Z","PwnCount":552094,"Description":"In September 2022, \u003Ca href=\u0022https://izoologic.com/region/central-asia/a-new-alleged-flipkart-data-breach-was-discovered-on-the-dark-web/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Eover 500k customer records alleged to have been sourced from the Indian e-commerce service Flipkart appeared on a popular hacking forum\u003C/a\u003E. Flipkart subsequently reviewed the data and concluded there was minimal overlap with their subscriber base and was not sourced from their services. The data included email addresses, latitudes and longitudes, names and phone numbers.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/List.png","DataClasses":["Email addresses","Geographic locations","Names","Phone numbers"],"IsVerified":false,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Habibs","Title":"Misattributed Habib\u0027s Data","Domain":"habibs.com.br","BreachDate":"2021-08-05","AddedDate":"2024-03-10T03:31:15Z","ModifiedDate":"2024-05-25T21:24:28Z","PwnCount":3517679,"Description":"In August 2021, an allegation was made that the Brazilian fast food company \u0026quot;Habib\u0027s\u0026quot; had suffered a data breach \u003Ca href=\u0022https://cybernews.com/security/billions-passwords-credentials-leaked-mother-of-all-breaches/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Ethat was later redistributed as part of a larger corpus of data\u003C/a\u003E. Upon thorough investigation, parent company Gennius concluded that the information in the breach was not related to any databases that hold their customers\u0027 personal information and had been misattributed to Habib\u0027s. The corpus of data contained 3.5M unique email addresses along with IP addresses, names, phone numbers, dates of birth and links to social media profiles.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/List.png","DataClasses":["Dates of birth","Email addresses","IP addresses","Names","Phone numbers","Social media profiles"],"IsVerified":false,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"MMGFusion","Title":"MMG Fusion","Domain":"mmgfusion.com","BreachDate":"2020-12-20","AddedDate":"2021-08-07T23:46:32Z","ModifiedDate":"2021-08-07T23:46:32Z","PwnCount":2660295,"Description":"In December 2020, the dental practice management service \u003Ca href=\u0022https://www.riskbasedsecurity.com/2021/02/19/dark-web-roundup-january-2021/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EMMG Fusion was the victim of a data breach\u003C/a\u003E which exposed 2.6M unique email addresses. The data also included patient appointments, names, phone numbers, dates of birth, genders and physical addresses. A small number of records also included passwords stored as bcrypt hashes.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/MMGFusion.png","DataClasses":["Appointments","Dates of birth","Email addresses","Genders","Marital statuses","Names","Passwords","Phone numbers","Physical addresses"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"MobiFriends","Title":"MobiFriends","Domain":"mobifriends.com","BreachDate":"2020-01-06","AddedDate":"2021-05-23T03:16:52Z","ModifiedDate":"2021-05-23T03:16:52Z","PwnCount":3512952,"Description":"In January 2020, the Barcelona-based dating app \u003Ca href=\u0022https://www.zdnet.com/article/dating-app-mobifriends-silent-on-security-breach-impacting-3-6-million-users/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EMobiFriends suffered a data breach\u003C/a\u003E that exposed 3.5 million unique email addresses. The data also included usernames, genders, dates of birth and MD5 password hashes. The data was provided to HIBP by a source who requested it be attributed to \u0026quot;white_peacock@riseup.net\u0026quot;.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/MobiFriends.png","DataClasses":["Dates of birth","Email addresses","Genders","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":true,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"MoDaCo","Title":"MoDaCo","Domain":"modaco.com","BreachDate":"2016-01-01","AddedDate":"2016-09-20T07:32:50Z","ModifiedDate":"2016-09-20T07:32:50Z","PwnCount":879703,"Description":"In approximately January 2016, the UK based Android community known as \u003Ca href=\u0022http://www.modaco.com\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EMoDaCo\u003C/a\u003E suffered a data breach which exposed 880k subscriber identities. The data included email and IP addresses, usernames and passwords stored as salted MD5 hashes.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/MoDaCo.png","DataClasses":["Email addresses","IP addresses","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"ModernBusinessSolutions","Title":"Modern Business Solutions","Domain":"modbsolutions.com","BreachDate":"2016-10-08","AddedDate":"2016-10-12T09:09:11Z","ModifiedDate":"2016-10-12T09:09:11Z","PwnCount":58843488,"Description":"In October 2016, a large Mongo DB file containing tens of millions of accounts \u003Ca href=\u0022https://twitter.com/0x2Taylor/status/784544208879292417\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Ewas shared publicly on Twitter\u003C/a\u003E (the file has since been removed). The database contained over 58M unique email addresses along with IP addresses, names, home addresses, genders, job titles, dates of birth and phone numbers. The data was subsequently \u003Ca href=\u0022http://news.softpedia.com/news/hacker-steals-58-million-user-records-from-data-storage-provider-509190.shtml\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Eattributed to \u0026quot;Modern Business Solutions\u0026quot;\u003C/a\u003E, a company that provides data storage and database hosting solutions. They\u0027ve yet to acknowledge the incident or explain how they came to be in possession of the data.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/ModernBusinessSolutions.png","DataClasses":["Dates of birth","Email addresses","Genders","IP addresses","Job titles","Names","Phone numbers","Physical addresses"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"MoneyBookers","Title":"Money Bookers","Domain":"moneybookers.com","BreachDate":"2009-01-01","AddedDate":"2015-11-30T09:21:55Z","ModifiedDate":"2015-11-30T09:21:55Z","PwnCount":4483605,"Description":"Sometime in 2009, the e-wallet service known as Money Bookers \u003Ca href=\u0022http://www.forbes.com/sites/thomasbrewster/2015/11/30/paysafe-optimal-neteller-moneybookers-gambling-cyberattacks-data-breach/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Esuffered a data breach which exposed almost 4.5M customers\u003C/a\u003E. Now called Skrill, the breach was not discovered until October 2015 and included names, email addresses, home addresses and IP addresses.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/MoneyBookers.png","DataClasses":["Dates of birth","Email addresses","IP addresses","Names","Phone numbers","Physical addresses"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Moneycontrol","Title":"Moneycontrol","Domain":"moneycontrol.com","BreachDate":"2017-09-07","AddedDate":"2021-05-22T22:37:30Z","ModifiedDate":"2021-05-22T22:37:30Z","PwnCount":762874,"Description":"In April 2021, \u003Ca href=\u0022https://www.opindia.com/2021/04/personal-details-of-over-seven-lakh-moneycontrol-users-up-for-sale/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Ehackers posted data for sale originating from the online Indian financial platform, Moneycontrol\u003C/a\u003E. The data included 763 thousand unique email addresses (allegedly a subset of a larger 40 million account breach), alongside geographic locations, phone numbers, genders, dates of birth and plain text passwords. The date of the original breach is unclear, although the breached data indicates the file was created in September 2017 and Moneycontrol has stated that the breach is \u0026quot;an old data set\u0026quot;.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Moneycontrol.png","DataClasses":["Email addresses","Genders","Geographic locations","Passwords","Phone numbers"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"MoreleNet","Title":"Morele.net","Domain":"morele.net","BreachDate":"2018-10-10","AddedDate":"2019-04-20T22:57:28Z","ModifiedDate":"2019-04-20T22:57:28Z","PwnCount":2467304,"Description":"In October 2018, the Polish e-commerce website \u003Ca href=\u0022https://niebezpiecznik.pl/post/morele-potwierdza-ze-wykradziono-dane-klientow/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EMorele.net suffered a data breach\u003C/a\u003E. The incident exposed almost 2.5 million unique email addresses alongside phone numbers, names and passwords stored as md5crypt hashes.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/MoreleNet.png","DataClasses":["Email addresses","Names","Passwords","Phone numbers"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"MortalOnline","Title":"Mortal Online","Domain":"mortalonline.com","BreachDate":"2018-06-17","AddedDate":"2018-08-31T05:38:46Z","ModifiedDate":"2018-09-24T21:05:18Z","PwnCount":606637,"Description":"In June 2018, the massively multiplayer online role-playing game (MMORPG) \u003Ca href=\u0022https://account.mortalonline.com/breach.html\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EMortal Online suffered a data breach\u003C/a\u003E. A file containing 570k email addresses and cracked passwords was subsequently distributed online. A larger more complete file containing 607k email addresses with original unsalted MD5 password hashes along with names, usernames and physical addresses was later provided and the original breach in HIBP was updated accordingly. The data was provided to HIBP by whitehat security researcher and data analyst Adam Davies.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/MortalOnline.png","DataClasses":["Email addresses","Names","Passwords","Physical addresses","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"MovieForums","Title":"Movie Forums","Domain":"movieforums.com","BreachDate":"2022-11-24","AddedDate":"2023-12-08T02:45:49Z","ModifiedDate":"2023-12-08T02:45:49Z","PwnCount":39914,"Description":"In December 2022, \u003Ca href=\u0022https://www.movieforums.com/community/showthread.php?t=67897\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Ethe Movie Forums website suffered a data breach\u003C/a\u003E that affected 40k users. The breach exposed email and IP addresses, usernames, dates of birth and passwords stored as easily crackable salted MD5 hashes. The data was subsequently posted a popular clear web hacking forum.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/MovieForums.png","DataClasses":["Dates of birth","Email addresses","IP addresses","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"MovieBoxPro","Title":"MovieBoxPro","Domain":"movieboxpro.app","BreachDate":"2024-04-15","AddedDate":"2024-04-30T01:54:06Z","ModifiedDate":"2024-04-30T01:54:06Z","PwnCount":6009014,"Description":"In April 2024, over 6M records from the streaming service MovieBoxPro were scraped from a vulnerable API. Of questionable legality, the service \u003Ca href=\u0022https://twitter.com/troyhunt/status/1784701384266543128\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Eprovided no contact information to disclose the incident\u003C/a\u003E, although reportedly the vulnerability was rectified after being mass enumerated.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/MovieBoxPro.png","DataClasses":["Email addresses","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"MPGH","Title":"MPGH","Domain":"mpgh.net","BreachDate":"2015-10-22","AddedDate":"2015-10-26T03:20:20Z","ModifiedDate":"2015-10-26T03:20:20Z","PwnCount":3122898,"Description":"In October 2015, the multiplayer game hacking website \u003Ca href=\u0022http://www.mpgh.net\u0022\u003EMPGH was hacked\u003C/a\u003E and 3.1 million user accounts disclosed. The vBulletin forum breach contained usernames, email addresses, IP addresses and salted hashes of passwords.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/MPGH.png","DataClasses":["Email addresses","IP addresses","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"MrGreenGaming","Title":"Mr. Green Gaming","Domain":"mrgreengaming.com","BreachDate":"2024-03-01","AddedDate":"2024-03-03T06:28:42Z","ModifiedDate":"2024-03-03T06:41:04Z","PwnCount":27123,"Description":"In March 2024, the online games community Mr. Green Gaming suffered a data breach that exposed 27k user records. Acknowledged on their Discord server, the incident exposed email and IP addresses, usernames, geographic locations and dates of birth.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/MrGreenGaming.png","DataClasses":["Dates of birth","Email addresses","Geographic locations","IP addresses","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"MrExcel","Title":"MrExcel","Domain":"mrexcel.com","BreachDate":"2016-12-05","AddedDate":"2017-01-22T07:39:17Z","ModifiedDate":"2017-01-22T07:39:17Z","PwnCount":366140,"Description":"In December 2016, the forum for the Microsoft Excel tips and solutions site \u003Ca href=\u0022http://www.mrexcel.com/details-of-data-breach-at-mrexcel-com/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EMr Excel suffered a data breach\u003C/a\u003E. The hack of the vBulletin forum led to the exposure of over 366k accounts along with email and IP addresses, dates of birth and salted passwords hashed with MD5. The owner of the MrExcel forum subsequently self-submitted the data to HIBP.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/MrExcel.png","DataClasses":["Dates of birth","Email addresses","IP addresses","Passwords","Social connections","Usernames","Website activity"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"mSpy","Title":"mSpy","Domain":"mspy.com","BreachDate":"2015-05-14","AddedDate":"2015-05-28T18:09:16Z","ModifiedDate":"2024-07-11T19:29:17Z","PwnCount":699793,"Description":"In May 2015, the \u0026quot;monitoring\u0026quot; software known as \u003Ca href=\u0022http://www.mspy.com\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EmSpy\u003C/a\u003E suffered a \u003Ca href=\u0022http://krebsonsecurity.com/2015/05/mobile-spy-software-maker-mspy-hacked-customer-data-leaked/#more-30913\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Emajor data breach\u003C/a\u003E. The software (allegedly often used to spy on unsuspecting victims), stored extensive personal information within their online service which after being breached, was made freely available on the internet.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/mSpy.png","DataClasses":["Device usage tracking data"],"IsVerified":true,"IsFabricated":false,"IsSensitive":true,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"mSpy2024","Title":"mSpy (2024)","Domain":"mspy.com","BreachDate":"2024-06-09","AddedDate":"2024-07-11T19:29:21Z","ModifiedDate":"2024-07-12T23:43:02Z","PwnCount":2394179,"Description":"In June 2024, \u003Ca href=\u0022https://techcrunch.com/2024/07/11/mspy-spyware-millions-customers-data-breach/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Ea huge trove of data from spyware maker mSpy was obtained by hacktivists and published online\u003C/a\u003E. Comprising of 142GB of user data and support tickets along with 176GB of more than half a million attachments, the data contained 2.4M unique email addresses, IP addresses names and photos. The data was predominantly support tickets seeking help to install the spyware on target devices, whilst the attachments contained various data including screen grans of financial transactions, photos of credit cards and nude selfies.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/mSpy.png","DataClasses":["Email addresses","IP addresses","Names","Photos"],"IsVerified":true,"IsFabricated":false,"IsSensitive":true,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Muah","Title":"Muah.AI","Domain":"muah.ai","BreachDate":"2024-09-17","AddedDate":"2024-10-08T22:05:01Z","ModifiedDate":"2024-10-08T22:05:01Z","PwnCount":1910261,"Description":"In September 2024, \u003Ca href=\u0022https://www.404media.co/hacked-ai-girlfriend-data-shows-prompts-describing-child-sexual-abuse-2/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Ethe \u0026quot;AI girlfriend\u0026quot; website Muah.AI suffered a data breach\u003C/a\u003E. The breach exposed 1.9M email addresses alongside prompts to generate AI-based images. Many of the prompts were highly sexual in nature, with many also describing child exploitation scenarios.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/MuahAI.png","DataClasses":["Email addresses","Sexual fetishes"],"IsVerified":true,"IsFabricated":false,"IsSensitive":true,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"MultiplayerIt","Title":"Multiplayer.it","Domain":"multiplayer.it","BreachDate":"2018-09-01","AddedDate":"2024-08-01T08:55:16Z","ModifiedDate":"2024-08-01T19:28:20Z","PwnCount":503957,"Description":"In April 2024, \u003Ca href=\u0022https://twitter.com/DarkWebInformer/status/1779593190141554871\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Eover half a million records taken from the Italian gaming website Multiplayer.it were posted to a popular hacking forum\u003C/a\u003E. The impacted data included email addresses, usernames and salted MD5 password hashes. Multiplayer.it subsequently confirmed the breach dated back 6 years to September 2018 and was merely re-posted in 2024.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/MultiplayerIt.png","DataClasses":["Email addresses","Passwords"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"MuslimDirectory","Title":"Muslim Directory","Domain":"muslimdirectory.co.uk","BreachDate":"2014-02-17","AddedDate":"2014-02-23T03:09:38Z","ModifiedDate":"2014-02-23T03:09:38Z","PwnCount":37784,"Description":"In February 2014, the UK guide to services and business known as the Muslim Directory was \u003Ca href=\u0022http://www.cyberwarnews.info/2014/02/17/muslim-directory-hacked-38903-user-credentials-leaked/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Eattacked by the hacker known as @th3inf1d3l\u003C/a\u003E. The data was consequently dumped publicly and included the web accounts of tens of thousands of users which contained data including their names, home address, age group, email, website activity and password in plain text.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/MuslimDirectory.png","DataClasses":["Age groups","Email addresses","Employers","Names","Passwords","Phone numbers","Physical addresses","Website activity"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"MuslimMatch","Title":"Muslim Match","Domain":"muslimmatch.com","BreachDate":"2016-06-24","AddedDate":"2016-06-29T19:08:15Z","ModifiedDate":"2020-08-07T23:29:01Z","PwnCount":149830,"Description":"In June 2016, \u003Ca href=\u0022https://motherboard.vice.com/read/hacked-private-messages-from-dating-site-muslim-match\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Ethe Muslim Match dating website had 150k email addresses exposed\u003C/a\u003E. The data included private chats and messages between relationship seekers and numerous other personal attributes including passwords hashed with MD5.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/MuslimMatch.png","DataClasses":["Chat logs","Email addresses","Geographic locations","IP addresses","Passwords","Private messages","User statuses","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":true,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"MyFHA","Title":"MyFHA","Domain":"myfha.net","BreachDate":"2015-02-18","AddedDate":"2018-08-09T20:26:35Z","ModifiedDate":"2018-08-09T20:26:35Z","PwnCount":972629,"Description":"In approximately February 2015, the home financing website \u003Ca href=\u0022https://web.archive.org/web/20180324231131/http://myfha.net/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EMyFHA\u003C/a\u003E suffered a data breach which disclosed the personal information of nearly 1 million people. The data included extensive personal information relating to home financing including personal contact info, credit statuses, household incomes, loan amounts and notes on personal circumstances, often referring to legal issues, divorces and health conditions. Multiple parties contacted HIBP with the data after which MyFHA was alerted in mid-July and acknowledged the legitimacy of the breach then took the site offline.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/MyFHA.png","DataClasses":["Credit status information","Email addresses","Income levels","IP addresses","Loan information","Names","Passwords","Personal descriptions","Physical addresses"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"MyFitnessPal","Title":"MyFitnessPal","Domain":"myfitnesspal.com","BreachDate":"2018-02-01","AddedDate":"2019-02-21T19:28:46Z","ModifiedDate":"2019-02-21T20:00:56Z","PwnCount":143606147,"Description":"In February 2018, the diet and exercise service \u003Ca href=\u0022https://content.myfitnesspal.com/security-information/FAQ.html\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EMyFitnessPal suffered a data breach\u003C/a\u003E. The incident exposed 144 million unique email addresses alongside usernames, IP addresses and passwords stored as SHA-1 and bcrypt hashes (the former for earlier accounts, the latter for newer accounts). In 2019, \u003Ca href=\u0022https://www.theregister.co.uk/2019/02/11/620_million_hacked_accounts_dark_web/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Ethe data appeared listed for sale on a dark web marketplace\u003C/a\u003E (along with several other large breaches) and subsequently began circulating more broadly. The data was provided to HIBP by a source who requested it to be attributed to \u0026quot;BenjaminBlue@exploit.im\u0026quot;.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/MyFitnessPal.png","DataClasses":["Email addresses","IP addresses","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"MyHeritage","Title":"MyHeritage","Domain":"myheritage.com","BreachDate":"2017-10-26","AddedDate":"2019-02-20T21:04:04Z","ModifiedDate":"2019-02-20T21:04:04Z","PwnCount":91991358,"Description":"In October 2017, the genealogy website \u003Ca href=\u0022https://blog.myheritage.com/2018/06/myheritage-statement-about-a-cybersecurity-incident/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EMyHeritage suffered a data breach\u003C/a\u003E. The incident was reported 7 months later after a security researcher discovered the data and contacted MyHeritage. In total, more than 92M customer records were exposed and included email addresses and salted SHA-1 password hashes. In 2019, \u003Ca href=\u0022https://www.theregister.co.uk/2019/02/11/620_million_hacked_accounts_dark_web/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Ethe data appeared listed for sale on a dark web marketplace\u003C/a\u003E (along with several other large breaches) and subsequently began circulating more broadly. The data was provided to HIBP by a source who requested it be attributed to \u0026quot;BenjaminBlue@exploit.im\u0026quot;.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/MyHeritage.png","DataClasses":["Email addresses","Passwords"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"MyPertamina","Title":"MyPertamina","Domain":"mypertamina.id","BreachDate":"2022-11-01","AddedDate":"2024-01-27T05:19:27Z","ModifiedDate":"2024-01-27T05:19:27Z","PwnCount":5970416,"Description":"In November 2022, the Indonesian oil and gas company \u003Ca href=\u0022https://voi.id/en/technology/226367\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EPertamina suffered a data breach of their MyPertamina service\u003C/a\u003E. The incident exposed 44M records with 6M unique email addresses along with names, dates of birth, genders, physical addresses and purchases.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/MyPertamina.png","DataClasses":["Dates of birth","Email addresses","Genders","Names","Phone numbers","Physical addresses","Purchases"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"myRepoSpace","Title":"myRepoSpace","Domain":"myrepospace.com","BreachDate":"2015-07-06","AddedDate":"2015-07-08T08:44:51Z","ModifiedDate":"2015-07-08T08:44:51Z","PwnCount":252751,"Description":"In July 2015, the Cydia repository known as \u003Ca href=\u0022https://myrepospace.com/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EmyRepoSpace\u003C/a\u003E was hacked and \u003Ca href=\u0022https://www.reddit.com/r/jailbreak/comments/3c9qr1/discussion_myrepospace_user_data_leaked/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Euser data leaked publicly\u003C/a\u003E. Cydia is designed to facilitate the installation of apps on jailbroken iOS devices. The repository service was allegedly hacked by \u003Ca href=\u0022https://twitter.com/its_not_herpes\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003E@its_not_herpes\u003C/a\u003E and \u003Ca href=\u0022https://twitter.com/0x8badfl00d\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003E0x8badfl00d\u003C/a\u003E in retaliation for the service refusing to remove pirated tweaks.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/myRepoSpace.png","DataClasses":["Email addresses","IP addresses","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"MySpace","Title":"MySpace","Domain":"myspace.com","BreachDate":"2008-07-01","AddedDate":"2016-05-31T00:12:29Z","ModifiedDate":"2016-05-31T00:12:29Z","PwnCount":359420698,"Description":"In approximately 2008, \u003Ca href=\u0022http://motherboard.vice.com/read/427-million-myspace-passwords-emails-data-breach\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EMySpace suffered a data breach that exposed almost 360 million accounts\u003C/a\u003E. In May 2016 the data was offered up for sale on the \u0026quot;Real Deal\u0026quot; dark market website and included email addresses, usernames and SHA1 hashes of the first 10 characters of the password converted to lowercase and stored without a salt. The exact breach date is unknown, but \u003Ca href=\u0022https://www.troyhunt.com/dating-the-ginormous-myspace-breach\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Eanalysis of the data suggests it was 8 years before being made public\u003C/a\u003E.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/MySpace.png","DataClasses":["Email addresses","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"MyVidster","Title":"MyVidster","Domain":"myvidster.com","BreachDate":"2015-08-15","AddedDate":"2015-10-10T07:06:17Z","ModifiedDate":"2015-10-10T07:06:17Z","PwnCount":19863,"Description":"In August 2015, the social video sharing and bookmarking site \u003Ca href=\u0022https://www.reddit.com/r/pwned/comments/3h4tud/myvidstercom_hacked_1_million_member_database/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EMyVidster was hacked\u003C/a\u003E and nearly 20,000 accounts were dumped online. The dump included usernames, email addresses and hashed passwords.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/MyVidster.png","DataClasses":["Email addresses","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"NamelessMalware","Title":"Nameless Malware","Domain":"","BreachDate":"2020-01-01","AddedDate":"2021-06-09T10:28:14Z","ModifiedDate":"2022-01-05T04:11:30Z","PwnCount":1121484,"Description":"In January 2021, \u003Ca href=\u0022http://troyhunt.com/nameless-malware-discovered-by-nordlocker-is-now-in-have-i-been-pwned\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003ENordLocker provided HIBP 1.1 million email addresses collected by nameless malware\u003C/a\u003E. The malware campaign ran between 2018 and 2020 and infected 3.25 million computers, stealing files, credentials and taking screenshots and photos using the computer\u0027s webcam. \u003Ca href=\u0022https://nordlocker.com/malware-analysis/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003ERead more in NordLocker\u0027s writeup about the Nameless malware that stole 1.2 TB of private data.\u003C/a\u003E","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/List.png","DataClasses":["Email addresses"],"IsVerified":true,"IsFabricated":false,"IsSensitive":true,"IsRetired":false,"IsSpamList":false,"IsMalware":true,"IsSubscriptionFree":false},{"Name":"NapsGear","Title":"NapsGear","Domain":"napsgear.org","BreachDate":"2015-10-21","AddedDate":"2018-09-10T11:07:00Z","ModifiedDate":"2018-09-10T11:07:00Z","PwnCount":287071,"Description":"In October 2015, the anabolic steroids retailer \u003Ca href=\u0022https://thinksteroids.com/community/threads/warning-naps-customer-database-compromised.134375549/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003ENapsGear suffered a data breach\u003C/a\u003E. An extensive amount of personal information on 287k customers was exposed including email addresses, names, addresses, phone numbers, purchase histories and salted MD5 password hashes.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/NapsGear.png","DataClasses":["Dates of birth","Email addresses","Genders","Names","Passwords","Phone numbers","Physical addresses","Purchases"],"IsVerified":true,"IsFabricated":false,"IsSensitive":true,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"NationalPublicData","Title":"National Public Data","Domain":"","BreachDate":"2024-04-09","AddedDate":"2024-08-13T18:09:46Z","ModifiedDate":"2024-08-13T18:09:46Z","PwnCount":133957569,"Description":"In April 2024, \u003Ca href=\u0022https://www.troyhunt.com/inside-the-3-billion-people-national-public-data-breach\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Ea large trove of data made headlines as having exposed \u0026quot;3 billion people\u0026quot; due to a breach of the National Public Data background check service\u003C/a\u003E. The initial corpus of data released in the breach contained billions of rows of personal information, including US social security numbers. Further partial data sets were later released including extensive personal information and 134M unique email addresses, although the origin and accuracy of the data remains in question. This breach has been flagged as \u0026quot;unverified\u0026quot; and a full description of the incident is in the link above.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/List.png","DataClasses":["Dates of birth","Email addresses","Genders","Government issued IDs","Names","Phone numbers","Physical addresses"],"IsVerified":false,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"NaughtyAmerica","Title":"Naughty America","Domain":"naughtyamerica.com","BreachDate":"2016-03-14","AddedDate":"2016-04-24T06:14:42Z","ModifiedDate":"2016-04-24T06:14:42Z","PwnCount":1398630,"Description":"In March 2016, the adult website \u003Ca href=\u0022http://www.forbes.com/sites/thomasbrewster/2016/04/14/naughty-america-fappening-hacked-porn-sites/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003ENaughty America was hacked and the data consequently sold online\u003C/a\u003E. The breach included data from numerous systems with various personal identity attributes, the largest of which had passwords stored as easily crackable MD5 hashes. There were 1.4 million unique email addresses in the breach.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/NaughtyAmerica.png","DataClasses":["Dates of birth","Email addresses","IP addresses","Passwords","Usernames","Website activity"],"IsVerified":true,"IsFabricated":false,"IsSensitive":true,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"NazApi","Title":"Naz.API","Domain":"","BreachDate":"2023-09-20","AddedDate":"2024-01-17T13:24:27Z","ModifiedDate":"2024-01-17T13:24:27Z","PwnCount":70840771,"Description":"In September 2023, \u003Ca href=\u0022https://www.troyhunt.com/inside-the-massive-naz-api-credential-stuffing-list/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Eover 100GB of stealer logs and credential stuffing lists titled \u0026quot;Naz.API\u0026quot; was posted to a popular hacking forum\u003C/a\u003E. The incident contained a combination of email address and plain text password pairs alongside the service they were entered into, and standalone credential pairs obtained from unnamed sources. In total, the corpus of data included 71M unique email addresses and 100M unique passwords.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/List.png","DataClasses":["Email addresses","Passwords"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"NeimanMarcus","Title":"Neiman Marcus","Domain":"neimanmarcus.com","BreachDate":"2024-04-14","AddedDate":"2024-07-09T19:27:32Z","ModifiedDate":"2024-07-09T19:27:32Z","PwnCount":31152842,"Description":"In May 2024, the American luxury retailer Neiman Marcus suffered a data breach \u003Ca href=\u0022https://www.bleepingcomputer.com/news/security/neiman-marcus-data-breach-31-million-email-addresses-found-exposed/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Ewhich was later posted to a popular hacking forum\u003C/a\u003E. The data included 31M unique email addresses, names, phone numbers, dates of birth, physical addresses and partial credit card data (note: this is insufficient to make purchases). The breach was traced back to a series of attacks against the Snowflake cloud service which impacted 165 organisations worldwide.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/NeimanMarcus.png","DataClasses":["Dates of birth","Email addresses","IP addresses","Names","Partial credit card data","Phone numbers","Physical addresses","Purchases"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"NemoWeb","Title":"NemoWeb","Domain":"nemoweb.net","BreachDate":"2016-09-04","AddedDate":"2018-09-19T03:53:20Z","ModifiedDate":"2018-09-24T05:09:56Z","PwnCount":3472916,"Description":"In September 2016, almost 21GB of data from the French website used for \u0026quot;standardised and decentralized means of exchange for publishing newsgroup articles\u0026quot; \u003Ca href=\u0022http://www.nemoweb.net/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003ENemoWeb\u003C/a\u003E was leaked from what appears to have been an unprotected Mongo DB. The data consisted of a large volume of emails sent to the service and included almost 3.5M unique addresses, albeit many of them auto-generated. Multiple attempts were made to contact the operators of NemoWeb but no response was received.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/NemoWeb.png","DataClasses":["Email addresses","Names"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":true,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Neopets","Title":"Neopets","Domain":"neopets.com","BreachDate":"2013-05-05","AddedDate":"2016-07-07T23:00:10Z","ModifiedDate":"2016-07-07T23:00:10Z","PwnCount":26892897,"Description":"In May 2016, \u003Ca href=\u0022http://motherboard.vice.com/read/neopets-hack-another-day-another-hack-tens-of-millions-of-neopets-accounts\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Ea set of breached data originating from the virtual pet website \u0026quot;Neopets\u0026quot; was found being traded online\u003C/a\u003E. Allegedly hacked \u0026quot;several years earlier\u0026quot;, the data contains sensitive personal information including birthdates, genders and names as well as almost 27 million unique email addresses. Passwords were stored in plain text and IP addresses were also present in the breach.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Neopets.png","DataClasses":["Dates of birth","Email addresses","Genders","Geographic locations","IP addresses","Names","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"NetEase","Title":"NetEase","Domain":"163.com","BreachDate":"2015-10-19","AddedDate":"2016-10-09T06:13:31Z","ModifiedDate":"2016-10-09T06:13:31Z","PwnCount":234842089,"Description":"In October 2015, the Chinese site known as \u003Ca href=\u0022http://www.163.com\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003ENetEase\u003C/a\u003E (located at \u003Ca href=\u0022http://www.163.com\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003E163.com\u003C/a\u003E) was \u003Ca href=\u0022http://news.mydrivers.com/1/452/452173.htm\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Ereported as having suffered a data breach that impacted hundreds of millions of subscribers\u003C/a\u003E. Whilst there is evidence that the data itself is legitimate (multiple HIBP subscribers confirmed a password they use is in the data), due to the difficulty of emphatically verifying the Chinese breach it has been flagged as \u0026quot;unverified\u0026quot;. The data in the breach contains email addresses and plain text passwords. \u003Ca href=\u0022https://www.troyhunt.com/handling-chinese-data-breaches-in-have-i-been-pwned/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003ERead more about Chinese data breaches in Have I Been Pwned.\u003C/a\u003E","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/NetEase.png","DataClasses":["Email addresses","Passwords"],"IsVerified":false,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Neteller","Title":"Neteller","Domain":"neteller.com","BreachDate":"2010-05-17","AddedDate":"2015-11-30T10:26:47Z","ModifiedDate":"2015-11-30T10:26:47Z","PwnCount":3619948,"Description":"In May 2010, the e-wallet service known as Neteller \u003Ca href=\u0022http://www.forbes.com/sites/thomasbrewster/2015/11/30/paysafe-optimal-neteller-moneybookers-gambling-cyberattacks-data-breach/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Esuffered a data breach which exposed over 3.6M customers\u003C/a\u003E. The breach was not discovered until October 2015 and included names, email addresses, home addresses and account balances.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Neteller.png","DataClasses":["Account balances","Dates of birth","Email addresses","Genders","IP addresses","Names","Phone numbers","Physical addresses","Security questions and answers","Website activity"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"NetGalley","Title":"NetGalley","Domain":"netgalley.com","BreachDate":"2020-12-21","AddedDate":"2021-02-23T01:38:21Z","ModifiedDate":"2021-11-25T22:08:12Z","PwnCount":1436435,"Description":"In December 2020, the book promotion site \u003Ca href=\u0022https://www.bleepingcomputer.com/news/security/netgalley-discloses-data-breach-after-website-was-hacked/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003ENetGalley suffered a data breach\u003C/a\u003E. The incident exposed 1.4 million unique email addresses alongside names, usernames, physical and IP addresses, phone numbers, dates of birth and passwords stored as salted SHA-1 hashes. The data was provided to HIBP by a source who requested it be attributed to pom@pompur.in.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/NetGalley.png","DataClasses":["Dates of birth","Email addresses","IP addresses","Names","Passwords","Phone numbers","Physical addresses","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Netlog","Title":"Netlog","Domain":"netlog.com","BreachDate":"2012-11-01","AddedDate":"2019-07-15T10:25:07Z","ModifiedDate":"2019-07-15T10:25:07Z","PwnCount":49038354,"Description":"In July 2018, the Belgian social networking site \u003Ca href=\u0022https://oag.ca.gov/system/files/Communication%20to%20Users%20-%20FINAL_0.pdf\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003ENetlog identified a data breach of their systems dating back to November 2012 (PDF)\u003C/a\u003E. Although the service was discontinued in 2015, the data breach still impacted 49 million subscribers for whom email addresses and plain text passwords were exposed. The data was provided to HIBP by a source who requested it be attributed to \u0026quot;JimScott.Sec@protonmail.com\u0026quot;.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Netlog.png","DataClasses":["Email addresses","Passwords"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"NetProspex","Title":"NetProspex","Domain":"netprospex.com","BreachDate":"2016-09-01","AddedDate":"2017-03-15T01:57:04Z","ModifiedDate":"2017-03-15T01:57:04Z","PwnCount":33698126,"Description":"In 2016, a list of over 33 million individuals in corporate America sourced from Dun \u0026 Bradstreet\u0027s NetProspex service \u003Ca href=\u0022https://www.troyhunt.com/weve-lost-control-of-our-personal-data-including-33m-netprospex-records\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Ewas leaked online\u003C/a\u003E. D\u0026B believe the targeted marketing data was lost by a customer who purchased it from them. It contained extensive personal and corporate information including names, email addresses, job titles and general information about the employer.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/NetProspex.png","DataClasses":["Email addresses","Employers","Job titles","Names","Phone numbers","Physical addresses"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":true,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Netshoes","Title":"Netshoes","Domain":"netshoes.com.br","BreachDate":"2017-12-07","AddedDate":"2017-12-10T04:01:03Z","ModifiedDate":"2017-12-10T04:01:03Z","PwnCount":499836,"Description":"In December 2017, the online Brazilian retailer known as \u003Ca href=\u0022https://www.databreaches.net/netshoes-customer-data-possibly-hacked-500k-customers-order-info-dumped/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003ENetshoes had half a million records allegedly hacked from their system posted publicly\u003C/a\u003E. The company was contacted by local Brazilian media outlet Tecmundo and subsequently advised that \u003Ca href=\u0022https://www.tecmundo.com.br/seguranca/125038-netshoes-invadida-meio-milhao-dados-clientes-vazam-internet.htm\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Eno indications have been identified of an invasion of the company\u0027s systems\u003C/a\u003E. However, Netshoes\u0027 own systems successfully confirm the presence of matching identifiers and email addresses from the data set, indicating a high likelihood that the data originated from them.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Netshoes.png","DataClasses":["Dates of birth","Email addresses","Names","Purchases"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"NextGenUpdate","Title":"NextGenUpdate","Domain":"nextgenupdate.com","BreachDate":"2014-04-22","AddedDate":"2015-06-05T04:12:29Z","ModifiedDate":"2015-06-05T04:12:29Z","PwnCount":1194597,"Description":"Early in 2014, the video game website \u003Ca href=\u0022http://www.nextgenupdate.com\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003ENextGenUpdate\u003C/a\u003E reportedly \u003Ca href=\u0022https://leakforums.org/thread-265363\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Esuffered a data breach\u003C/a\u003E that disclosed almost 1.2 million accounts. Amongst the data breach was usernames, email addresses, IP addresses and salted and hashed passwords.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/NextGenUpdate.png","DataClasses":["Email addresses","IP addresses","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"NexusMods","Title":"Nexus Mods","Domain":"nexusmods.com","BreachDate":"2013-07-22","AddedDate":"2016-01-17T17:18:47Z","ModifiedDate":"2016-01-17T17:18:47Z","PwnCount":5915013,"Description":"In December 2015, the game modding site Nexus Mods \u003Ca href=\u0022http://www.nexusmods.com/games/news/12670/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Ereleased a statement notifying users that they had been hacked\u003C/a\u003E. They subsequently dated the hack as having occurred in July 2013 although there is evidence to suggest the data was being traded months in advance of that. The breach contained usernames, email addresses and passwords stored as a salted hashes.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/NexusMods.png","DataClasses":["Email addresses","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Nihonomaru","Title":"Nihonomaru","Domain":"nihonomaru.net","BreachDate":"2015-12-01","AddedDate":"2016-08-30T09:54:55Z","ModifiedDate":"2016-08-30T09:54:55Z","PwnCount":1697282,"Description":"In late 2015, the anime community known as Nihonomaru had their vBulletin forum hacked and 1.7 million accounts exposed. The compromised data included email and IP addresses, usernames and salted hashes of passwords.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Nihonomaru.png","DataClasses":["Email addresses","IP addresses","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Nitro","Title":"Nitro","Domain":"gonitro.com","BreachDate":"2020-09-28","AddedDate":"2021-01-19T10:45:32Z","ModifiedDate":"2021-01-19T10:45:32Z","PwnCount":77159696,"Description":"In September 2020, \u003Ca href=\u0022https://www.bleepingcomputer.com/news/security/massive-nitro-data-breach-impacts-microsoft-google-apple-more/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Ethe Nitro PDF service suffered a massive data breach which exposed over 70 million unique email addresses\u003C/a\u003E. The breach also exposed names, bcrypt password hashes and the titles of converted documents. The data was provided to HIBP by \u003Ca href=\u0022https://dehashed.com/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Edehashed.com\u003C/a\u003E.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Nitro.png","DataClasses":["Email addresses","Names","Passwords"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Nival","Title":"Nival","Domain":"nival.com","BreachDate":"2016-02-29","AddedDate":"2016-03-03T00:32:49Z","ModifiedDate":"2016-03-03T00:32:49Z","PwnCount":1535473,"Description":"In February 2016, the Russian gaming company \u003Ca href=\u0022http://nival.com\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003ENival\u003C/a\u003E was the target of an attack which was consequently \u003Ca href=\u0022https://www.reddit.com/r/pwned/comments/47u1bf/operation_wrath_of_anakin_evolved\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Edetailed on Reddit\u003C/a\u003E. Allegedly protesting \u0026quot;the foreign policy of Russia in regards to Ukraine\u0026quot;, Nival was one of several Russian sites in the breach and impacted over 1.5M accounts including sensitive personal information.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Nival.png","DataClasses":["Avatars","Dates of birth","Email addresses","Genders","Names","Spoken languages","Usernames","Website activity"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"NonNudeGirls","Title":"Non Nude Girls","Domain":"nonnudegirls.org","BreachDate":"2013-05-21","AddedDate":"2017-01-25T06:38:36Z","ModifiedDate":"2017-01-25T06:38:36Z","PwnCount":75383,"Description":"In May 2013, the non-consensual voyeurism site \u003Ca href=\u0022http://www.ibtimes.co.uk/upskirt-porn-website-hit-massive-data-leak-exposing-nearly-180000-voyeurs-1602756\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003E\u0026quot;Non Nude Girls\u0026quot; suffered a data breach\u003C/a\u003E. The hack of the vBulletin forum led to the exposure of over 75k accounts along with email and IP addresses, names and plain text passwords.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/NonNudeGirls.png","DataClasses":["Email addresses","IP addresses","Names","Passwords","Usernames","Website activity"],"IsVerified":true,"IsFabricated":false,"IsSensitive":true,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"NotAcxiom","Title":"Not Acxiom","Domain":"","BreachDate":"2020-06-21","AddedDate":"2022-11-22T19:17:40Z","ModifiedDate":"2022-11-22T19:17:40Z","PwnCount":51730831,"Description":"In 2020, \u003Ca href=\u0022https://www.troyhunt.com/data-breach-misattribution-acxiom-live-ramp/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Ea corpus of data containing almost a quarter of a billion records spanning over 400 different fields was misattributed to database marketing company Acxiom\u003C/a\u003E and subsequently circulated within the hacking community. On review, Acxiom concluded that \u0026quot;the claims are indeed false and that the data, which has been readily available across multiple environments, does not come from Acxiom and is in no way the subject of an Acxiom breach\u0026quot;. The data contained almost 52M unique email addresses.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/List.png","DataClasses":["Email addresses","IP addresses","Names","Phone numbers","Physical addresses"],"IsVerified":false,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"NotSOCRadar","Title":"Not SOCRadar","Domain":"","BreachDate":"2024-08-03","AddedDate":"2024-08-09T09:28:24Z","ModifiedDate":"2024-08-09T09:28:24Z","PwnCount":282478425,"Description":"In August 2024, over 332M rows of email addresses were posted to a popular hacking forum. The post alleged the addresses were scraped from cybersecurity firm SOCRadar, however \u003Ca href=\u0022https://socradar.io/socradars-response-to-the-usdods-claim-of-scraping-330-million-emails/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Ean investigation on their behalf concluded that \u0026quot;the actor merely utilised functionalities inherent in the platform\u0027s standard offerings, designed to gather information from publicly available sources\u0026quot;\u003C/a\u003E. There is no suggestion the incident compromised SOCRadar\u0027s security or posed any risk to their customers. In total, the data set contained 282M unique addresses of valid email address format.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/List.png","DataClasses":["Email addresses"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"NulledCH","Title":"Nulled.ch","Domain":"nulled.ch","BreachDate":"2020-05-20","AddedDate":"2020-05-24T07:05:43Z","ModifiedDate":"2020-05-24T07:05:43Z","PwnCount":43491,"Description":"In May 2020, the hacking forum \u003Ca href=\u0022https://www.nulled.ch/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003ENulled.ch\u003C/a\u003E was breached and the data published to a rival hacking forum. Over 43k records were compromised and included IP and email addresses, usernames and passwords stored as salted MD5 hashes alongside the private message history of the website\u0027s admin. The data was provided to HIBP by a source who requested it be attributed to \u0026quot;Split10\u0026quot;.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/NulledCH.png","DataClasses":["Email addresses","IP addresses","Passwords","Private messages","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Nulled","Title":"Nulled.cr","Domain":"nulled.cr","BreachDate":"2016-05-06","AddedDate":"2016-05-09T11:28:01Z","ModifiedDate":"2020-05-24T07:00:23Z","PwnCount":599080,"Description":"In May 2016, the cracking community forum known as \u003Ca href=\u0022http://nulled.cr/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003ENulled.cr\u003C/a\u003E was hacked and 599k user accounts were leaked publicly. The compromised data included email and IP addresses, weak salted MD5 password hashes and hundreds of thousands of private messages between members.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Nulled.png","DataClasses":["Dates of birth","Email addresses","IP addresses","Passwords","Private messages","Usernames","Website activity"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"NurseryCam","Title":"NurseryCam","Domain":"nurserycam.co.uk","BreachDate":"2021-02-12","AddedDate":"2021-02-23T07:58:02Z","ModifiedDate":"2021-02-23T07:58:02Z","PwnCount":10585,"Description":"In February 2021, \u003Ca href=\u0022https://www.theregister.com/2021/02/18/nurserycam_security_problems_footfallcam_ltd/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Ea series of egregiously bad security flaws were identified in the NurseryCam system\u003C/a\u003E designed for parents to remotely monitor their children whilst attending nursery. The flaws led to the exposure of over 10k parent records before the service was shut down. The email addresses alone were provided to Have I Been Pwned to ensure parents were properly notified of the incident.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/NurseryCam.png","DataClasses":["Email addresses"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"NVIDIA","Title":"NVIDIA","Domain":"nvidia.com","BreachDate":"2022-02-23","AddedDate":"2022-03-02T23:50:10Z","ModifiedDate":"2022-03-02T23:51:53Z","PwnCount":71335,"Description":"In February 2022, microchip company \u003Ca href=\u0022https://www.zdnet.com/article/nvidia-says-employee-credentials-proprietary-information-stolen-during-cyberattack/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003ENVIDIA suffered a data breach that exposed employee credentials and proprietary code\u003C/a\u003E. Impacted data included over 70k employee email addresses and NTLM password hashes, many of which were subsequently cracked and circulated within the hacking community.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/NVIDIA.png","DataClasses":["Email addresses","Passwords"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"OGUsers","Title":"OGUsers (2019 breach)","Domain":"ogusers.com","BreachDate":"2018-12-26","AddedDate":"2019-05-19T22:45:45Z","ModifiedDate":"2020-04-04T08:21:10Z","PwnCount":161143,"Description":"In May 2019, the account hijacking and SIM swapping forum \u003Ca href=\u0022https://krebsonsecurity.com/2019/05/account-hijacking-forum-ogusers-hacked/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EOGusers suffered a data breach\u003C/a\u003E. The breach exposed a database backup from December 2018 which was published on a rival hacking forum. There were 161k unique email addresses spread across 113k forum users and other tables in the database. The exposed data also included usernames, IP addresses, private messages and passwords stored as salted MD5 hashes.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/OGUsers.png","DataClasses":["Email addresses","IP addresses","Passwords","Private messages","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"OGUsers2020","Title":"OGUsers (2020 breach)","Domain":"ogusers.com","BreachDate":"2020-04-02","AddedDate":"2020-04-04T08:27:13Z","ModifiedDate":"2020-04-04T08:27:13Z","PwnCount":263189,"Description":"In April 2020, the account hijacking and SIM swapping forum \u003Ca href=\u0022https://www.zdnet.com/article/hacking-forum-gets-hacked-for-the-second-time-in-a-year/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EOGUsers suffered their second data breach in less than a year\u003C/a\u003E. As with the previous breach, the exposed data included email and IP addresses, usernames, private messages and passwords stored as salted MD5 hashes. A total of 263k email addresses across user accounts and other tables were posted to a rival hacking forum.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/OGUsers.png","DataClasses":["Email addresses","IP addresses","Passwords","Private messages","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"OGUsers2021","Title":"OGUsers (2021 breach)","Domain":"ogusers.com","BreachDate":"2021-04-11","AddedDate":"2022-05-16T00:40:46Z","ModifiedDate":"2022-05-16T00:40:46Z","PwnCount":348302,"Description":"In April 2021, the account hijacking and SIM swapping forum \u003Ca href=\u0022https://www.bleepingcomputer.com/news/security/fourth-times-a-charm-ogusers-hacking-forum-hacked-again/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EOGusers suffered a data breach\u003C/a\u003E, the fourth since December 2018. The breach was subsequently sold on a rival hacking forum and contained usernames, email and IP addresses and passwords stored as either salted MD5 or argon2 hashes. A total of 348k unique email addresses appeared in the breach.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/OGUsers.png","DataClasses":["Email addresses","IP addresses","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"OGUsers2022","Title":"OGUsers (2022 breach)","Domain":"ogusers.com","BreachDate":"2022-07-13","AddedDate":"2023-04-14T01:51:23Z","ModifiedDate":"2023-04-14T01:51:23Z","PwnCount":529020,"Description":"In July 2022, the account hijacking and SIM swapping forum OGusers suffered a data breach, the fifth since December 2018. The breach contained usernames, email and IP addresses and passwords stored as argon2 hashes. A total of 529k unique email addresses appeared in the breach.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/OGUsers.png","DataClasses":["Email addresses","IP addresses","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"OMGPOP","Title":"OMGPOP","Domain":"omgpop.com","BreachDate":"2013-01-01","AddedDate":"2023-11-20T21:20:28Z","ModifiedDate":"2023-11-20T21:20:28Z","PwnCount":7071293,"Description":"In approximately 2013, the maker of the Draw Something game \u003Ca href=\u0022https://www.cpomagazine.com/cyber-security/password-breach-of-game-developer-zynga-compromises-170-million-accounts/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EOMGPOP suffered a data breach\u003C/a\u003E. Formerly known as i\u0027minlikewithyou or iilwy and later purchased by Zynga, the breach exposed over 7M email address and plain text password pairs which were later leaked in 2019.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/OMGPOP.png","DataClasses":["Email addresses","Passwords"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"OnlineTrade","Title":"Online Trade (\u041E\u043D\u043B\u0430\u0439\u043D \u0422\u0440\u0435\u0439\u0434)","Domain":"onlinetrade.ru","BreachDate":"2022-09-19","AddedDate":"2024-03-07T06:51:12Z","ModifiedDate":"2024-03-07T07:01:28Z","PwnCount":3805265,"Description":"In September 2022, the Russian e-commerce website \u003Ca href=\u0022https://xakep.ru/2022/09/21/new-leaks/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EOnline Trade (\u041E\u043D\u043B\u0430\u0439\u043D \u0422\u0440\u0435\u0439\u0434) suffered a data breach\u003C/a\u003E that exposed 3.8M customer records. The data included email and IP addresses, names, phone numbers, dates of birth and MD5 password hashes.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/OnlineTrade.png","DataClasses":["Dates of birth","Email addresses","IP addresses","Names","Passwords","Phone numbers"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"OnlinerSpambot","Title":"Onliner Spambot","Domain":"","BreachDate":"2017-08-28","AddedDate":"2017-08-29T19:25:56Z","ModifiedDate":"2017-08-29T19:25:56Z","PwnCount":711477622,"Description":"In August 2017, a spambot by the name of \u003Ca href=\u0022https://benkowlab.blogspot.com.au/2017/08/from-onliner-spambot-to-millions-of.html\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EOnliner Spambot was identified by security researcher Benkow mo\u029Eu\u018Eq\u003C/a\u003E. The malicious software contained a server-based component located on an IP address in the Netherlands which exposed a large number of files containing personal information. In total, there were 711 million unique email addresses, many of which were also accompanied by corresponding passwords. A full write-up on what data was found is in the blog post titled \u003Ca href=\u0022https://www.troyhunt.com/inside-the-massive-711-million-record-onliner-spambot-dump\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EInside the Massive 711 Million Record Onliner Spambot Dump\u003C/a\u003E.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Email.png","DataClasses":["Email addresses","Passwords"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":true,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Onverse","Title":"Onverse","Domain":"onverse.com","BreachDate":"2016-01-01","AddedDate":"2016-09-06T06:28:30Z","ModifiedDate":"2016-09-06T06:28:30Z","PwnCount":800157,"Description":"In January 2016, the online virtual world known as \u003Ca href=\u0022http://www.onverse.com\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EOnverse\u003C/a\u003E was hacked and 800k accounts were exposed. Along with email and IP addresses, the site also exposed salted MD5 password hashes.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Onverse.png","DataClasses":["Email addresses","IP addresses","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"OpenCSGO","Title":"Open CS:GO","Domain":"opencsgo.com","BreachDate":"2017-11-28","AddedDate":"2018-01-15T06:14:55Z","ModifiedDate":"2018-01-15T06:14:55Z","PwnCount":512311,"Description":"In December 2017, the website for purchasing Counter-Strike skins known as \u003Ca href=\u0022http://opencsgo.com\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EOpen CS:GO\u003C/a\u003E (Counter-Strike: Global Offensive) suffered a data breach (address since redirects to dropgun.com). The 10GB file contained an extensive amount of personal information including email and IP addresses, phone numbers, physical addresses and purchase histories. \u003Ca href=\u0022https://www.troyhunt.com/streamlining-data-breach-disclosures-a-step-by-step-process\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003ENumerous attempts were made to contact Open CS:GO about the incident\u003C/a\u003E, however no responses were received.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/OpenCSGO.png","DataClasses":["Avatars","Email addresses","IP addresses","Phone numbers","Physical addresses","Purchases","Social media profiles","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"OpenSubtitles","Title":"Open Subtitles","Domain":"opensubtitles.org","BreachDate":"2021-08-01","AddedDate":"2022-01-19T04:51:36Z","ModifiedDate":"2022-01-19T04:51:36Z","PwnCount":6783158,"Description":"In August 2021, the subtitling website \u003Ca href=\u0022https://forum.opensubtitles.org/viewtopic.php?f=1\u0026p=46835\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EOpen Subtitles suffered a data breach and subsequent ransom demand\u003C/a\u003E. The breach exposed almost 7M subscribers\u0027 personal data including email and IP addresses, usernames, the country of the user and passwords stored as unsalted MD5 hashes.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/OpenSubtitles.png","DataClasses":["Email addresses","Geographic locations","IP addresses","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"OperationEndgame","Title":"Operation Endgame","Domain":"","BreachDate":"2024-05-30","AddedDate":"2024-05-30T04:19:45Z","ModifiedDate":"2024-05-31T03:22:05Z","PwnCount":16466858,"Description":"In May 2024, \u003Ca href=\u0022https://www.troyhunt.com/operation-endgame/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Ea coalition of international law enforcement agencies took down a series of botnets in a campaign they coined \u0026quot;Operation Endgame\u0026quot;\u003C/a\u003E. Data seized in the operation included impacted email addresses and passwords which were provided to HIBP to help victims learn of their exposure.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/List.png","DataClasses":["Email addresses","Passwords"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":true},{"Name":"OrderSnapp","Title":"OrderSnapp","Domain":"ordersnapp.com","BreachDate":"2020-06-29","AddedDate":"2021-08-08T01:53:33Z","ModifiedDate":"2021-08-08T02:11:56Z","PwnCount":1304447,"Description":"In June 2020, the restaurant solutions provider \u003Ca href=\u0022https://www.riskbasedsecurity.com/2021/01/25/shinyhunters-wave-3-one-hacker-exposes-over-125-million-credentials/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EOrderSnapp suffered a data breach\u003C/a\u003E which exposed 1.3M unique email addresses. Impacted data also included names, phone numbers, dates of birth and passwords stored as bcrypt hashes. The data was provided to HIBP by \u003Ca href=\u0022https://dehashed.com/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Edehashed.com\u003C/a\u003E.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/OrderSnapp.png","DataClasses":["Dates of birth","Email addresses","Names","Passwords","Phone numbers"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"OrdineAvvocatiDiRoma","Title":"Ordine Avvocati di Roma","Domain":"ordineavvocatiroma.it","BreachDate":"2019-05-07","AddedDate":"2019-05-26T23:24:11Z","ModifiedDate":"2019-05-26T23:24:11Z","PwnCount":41960,"Description":"In May 2019, \u003Ca href=\u0022https://roma.repubblica.it/cronaca/2019/05/07/news/roma_anonymus_viola_la_mail_di_30mila_avvocati_c_e_anche_quella_di_raggi-225675248/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Ethe Lawyers Order of Rome suffered a data breach by a group claiming to be Anonymous Italy\u003C/a\u003E. Data on tens of thousands of Roman lawyers was taken from the breached system and redistributed online. The data included contact information, email addresses and email messages themselves encompassing tens of thousands of unique email addresses. A total of 42k unique addresses appeared in the breach.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/OrdineAvvocatiDiRoma.png","DataClasses":["Email addresses","Email messages","Geographic locations","Passwords","Phone numbers"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"OVH","Title":"OVH","Domain":"ovh.com","BreachDate":"2015-05-01","AddedDate":"2016-12-27T07:49:12Z","ModifiedDate":"2016-12-27T07:49:12Z","PwnCount":452899,"Description":"In mid-2015, the forum for the hosting provider known as \u003Ca href=\u0022https://www.ovh.com\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EOVH\u003C/a\u003E suffered a data breach. The vBulletin forum contained 453k accounts including usernames, email and IP addresses and passwords stored as salted MD5 hashes.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/OVH.png","DataClasses":["Email addresses","IP addresses","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"OwnedCore","Title":"OwnedCore","Domain":"OwnedCore.com","BreachDate":"2013-08-01","AddedDate":"2016-02-06T02:53:13Z","ModifiedDate":"2016-02-06T02:53:13Z","PwnCount":880331,"Description":"In approximately August 2013, the World of Warcraft exploits forum known as \u003Ca href=\u0022http://www.ownedcore.com\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EOwnedCore\u003C/a\u003E was hacked and more than 880k accounts were exposed. The vBulletin forum included IP addresses and passwords stored as salted hashes using a weak implementation enabling many to be rapidly cracked.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/OwnedCore.png","DataClasses":["Email addresses","IP addresses","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Oxfam","Title":"Oxfam","Domain":"oxfam.org.au","BreachDate":"2021-01-20","AddedDate":"2021-03-02T07:07:00Z","ModifiedDate":"2021-03-02T07:07:00Z","PwnCount":1834006,"Description":"In January 2021, \u003Ca href=\u0022https://www.oxfam.org.au/updates-suspected-data-incident/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EOxfam Australia was the victim of a data breach\u003C/a\u003E which exposed 1.8M unique email addresses of supporters of the charity. The data was put up for sale on a popular hacking forum and also included names, phone numbers, addresses, genders and dates of birth. A small number of people also had partial credit card data exposed (the first 6 and last 3 digits of the card, plus card type and expiry) and in some cases the bank name, account number and BSB were also exposed. The data was subsequently made freely available on the hacking forum later the following month.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Oxfam.png","DataClasses":["Bank account numbers","Dates of birth","Email addresses","Genders","Names","Partial credit card data","Payment histories","Phone numbers","Physical addresses"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"PaddyPower","Title":"Paddy Power","Domain":"paddypower.com","BreachDate":"2010-10-25","AddedDate":"2015-10-11T01:26:05Z","ModifiedDate":"2015-10-11T01:26:05Z","PwnCount":590954,"Description":"In October 2010, the Irish bookmaker \u003Ca href=\u0022http://www.telegraph.co.uk/technology/internet-security/11005558/Irish-government-disappointed-over-Paddy-Power-hack.html\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EPaddy Power suffered a data breach\u003C/a\u003E that exposed 750,000 customer records with nearly 600,000 unique email addresses. The breach was not disclosed until July 2014 and contained extensive personal information including names, addresses, phone numbers and plain text security questions and answers.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/PaddyPower.png","DataClasses":["Account balances","Dates of birth","Email addresses","IP addresses","Names","Phone numbers","Physical addresses","Security questions and answers","Usernames","Website activity"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Pampling","Title":"Pampling","Domain":"pampling.com","BreachDate":"2020-01-04","AddedDate":"2023-08-31T05:09:24Z","ModifiedDate":"2023-09-03T06:23:38Z","PwnCount":383468,"Description":"In January 2020, \u003Ca href=\u0022https://www.elespanol.com/omicrono/20200308/comprado-camiseta-pampling-cambia-contrasena-seguridad/473202676_0.html\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Ethe online clothing retailer Pampling suffered a data breach\u003C/a\u003E that exposed 383k unique customer email addresses. The data was later shared on a popular hacking forum and also included names, usernames and unsalted MD5 password hashes.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Pampling.png","DataClasses":["Email addresses","Names","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Pandabuy","Title":"Pandabuy","Domain":"pandabuy.com","BreachDate":"2024-03-31","AddedDate":"2024-04-01T08:34:24Z","ModifiedDate":"2024-04-01T08:34:24Z","PwnCount":1348407,"Description":"In March 2024, \u003Ca href=\u0022https://twitter.com/troyhunt/status/1774704266500043067\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003E1.3M unique email addresses from the online store for purchasing goods from China, Pandabuy, were posted to a popular hacking forum\u003C/a\u003E. The data also included IP and physical addresses, names, phone numbers and order enquiries. The breach was alleged to be attributed to \u0026quot;Sanggiero\u0026quot; and \u0026quot;IntelBroker\u0026quot;.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Pandabuy.png","DataClasses":["Email addresses","IP addresses","Names","Phone numbers","Physical addresses"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"ParagonCheats","Title":"Paragon Cheats","Domain":"paragoncheats.com","BreachDate":"2021-05-22","AddedDate":"2022-05-14T02:26:40Z","ModifiedDate":"2022-05-14T02:32:52Z","PwnCount":188089,"Description":"In May 2021, the Grand Theft Auto Online cheats website \u003Ca href=\u0022https://screenrant.com/gta-online-cheater-mod-shut-down/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EParagon Cheats suffered a data breach that lead to the shutdown of the service\u003C/a\u003E. The breach exposed 188k customer records including usernames, email and IP addresses. The data was provided to HIBP by a source who requested it be attributed to \u0026quot;VRAirhead and xFueY\u0026quot;.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/ParagonCheats.png","DataClasses":["Browser user agent details","Email addresses","IP addresses","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"ParkMobile","Title":"ParkMobile","Domain":"parkmobile.io","BreachDate":"2021-03-21","AddedDate":"2021-04-30T03:07:24Z","ModifiedDate":"2021-04-30T03:07:24Z","PwnCount":20949825,"Description":"In March 2021, the mobile parking app service \u003Ca href=\u0022https://krebsonsecurity.com/2021/04/parkmobile-breach-exposes-license-plate-data-mobile-numbers-of-21m-users/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EParkMobile suffered a data breach which exposed 21 million customers\u0027 personal data\u003C/a\u003E. The impacted data included email addresses, names, phone numbers, vehicle licence plates and passwords stored as bcrypt hashes. The following month, the data appeared on a public hacking forum where it was extensively redistributed.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/ParkMobile.png","DataClasses":["Email addresses","Licence plates","Names","Passwords","Phone numbers"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Patreon","Title":"Patreon","Domain":"patreon.com","BreachDate":"2015-10-01","AddedDate":"2015-10-02T02:29:20Z","ModifiedDate":"2021-08-10T06:52:47Z","PwnCount":2330382,"Description":"In October 2015, the crowdfunding site \u003Ca href=\u0022http://www.zdnet.com/article/patreon-hacked-anonymous-patrons-exposed/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EPatreon was hacked\u003C/a\u003E and over 16GB of data was released publicly. The dump included almost 14GB of database records with more than 2.3M unique email addresses, millions of personal messages and passwords stored as bcrypt hashes.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Patreon.png","DataClasses":["Email addresses","Passwords","Payment histories","Physical addresses","Private messages","Website activity"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"PayAsUGym","Title":"PayAsUGym","Domain":"payasugym.com","BreachDate":"2016-12-15","AddedDate":"2016-12-17T06:45:44Z","ModifiedDate":"2016-12-17T06:45:44Z","PwnCount":400260,"Description":"In December 2016, \u003Ca href=\u0022https://twitter.com/real_1x0123/status/809443917984911364\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Ean attacker breached PayAsUGym\u0027s website\u003C/a\u003E exposing over 400k customers\u0027 personal data. The data was consequently leaked publicly and broadly distributed via Twitter. The leaked data contained personal information including email addresses and passwords hashed using MD5 without a salt.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/PayAsUGym.png","DataClasses":["Browser user agent details","Email addresses","IP addresses","Names","Partial credit card data","Passwords","Phone numbers","Website activity"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"PayHere","Title":"PayHere","Domain":"payhere.lk","BreachDate":"2022-03-27","AddedDate":"2022-05-02T05:26:25Z","ModifiedDate":"2022-05-02T08:27:23Z","PwnCount":1580249,"Description":"In late March 2022, the Sri Lankan payment gateway \u003Ca href=\u0022https://www.yoshlk.me/technicity/payhere-hack/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EPayHere suffered a data breach that exposed more than 65GB of payment records\u003C/a\u003E including over 1.5M unique email addresses. The data also included IP and physical addresses, names, phone numbers, purchase histories and partially obfuscated credit card data (card type, first 6 and last 4 digits plus expiry date). A month later, PayHere published a blog on the incident titled \u003Ca href=\u0022https://blog.payhere.lk/ensuring-integrity-on-payhere-cybersecurity-incident/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EEnsuring Integrity on PayHere Cybersecurity Incident\u003C/a\u003E.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/PayHere.png","DataClasses":["Email addresses","IP addresses","Names","Partial credit card data","Phone numbers","Physical addresses","Purchases"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"PaySystemTech","Title":"PaySystem.tech","Domain":"paysystem.tech","BreachDate":"2022-04-29","AddedDate":"2023-10-08T23:07:02Z","ModifiedDate":"2023-10-08T23:07:02Z","PwnCount":1410764,"Description":"In mid-2022, \u003Ca href=\u0022https://twitter.com/troyhunt/status/1711145477872431529\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Edata alleged to have been sourced from the Russian payment provider PaySystem.tech appeared in hacking circles where it was made publicly available for download\u003C/a\u003E. Consisting of 16M rows with 1.4M unique email addresses, the data also included purchases and full credit card numbers and expiry dates. The data could not be independently attributed back to PaySystem.tech and the breach has been flagged as \u0026quot;unverified\u0026quot;.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/PaySystemTech.png","DataClasses":["Credit cards","Email addresses","Purchases"],"IsVerified":false,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Paytm","Title":"Paytm","Domain":"paytm.com","BreachDate":"2020-08-30","AddedDate":"2022-07-26T23:17:02Z","ModifiedDate":"2022-07-29T00:10:06Z","PwnCount":3395101,"Description":"In August 2020, the Indian payment provider \u003Ca href=\u0022https://economictimes.indiatimes.com/tech/internet/paytm-mall-suffers-massive-breach-ransom-demanded-report/articleshow/77833664.cms\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EPaytm was reported as having suffered a data breach and subsequent ransom demand\u003C/a\u003E, after which the data was circulated publicly. Further investigation into the data concluded that \u003Ca href=\u0022https://twitter.com/troyhunt/status/1552808334759043073 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Ethe breach was fabricated and did not originate from Paytm\u003C/a\u003E. The impacted data covered 3.4M unique email addresses along with names, phone numbers, genders, dates of birth, income levels and previous purchases.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Paytm.png","DataClasses":["Dates of birth","Email addresses","Genders","Geographic locations","Income levels","Names","Phone numbers","Purchases"],"IsVerified":true,"IsFabricated":true,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"pcTattletale","Title":"pcTattletale","Domain":"pctattletale.com","BreachDate":"2024-05-25","AddedDate":"2024-05-25T21:38:18Z","ModifiedDate":"2024-07-11T19:29:17Z","PwnCount":138751,"Description":"In May 2024, \u003Ca href=\u0022https://www.bleepingcomputer.com/news/security/hacker-defaces-spyware-apps-site-dumps-database-and-source-code/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Ethe spyware service pcTattletale suffered a data breach that defaced the website and posted tens of gigabytes of data to the homepage\u003C/a\u003E, allegedly due to pcTattletale not responding to a previous security vulnerability report. The breach exposed data including membership records, infected PC names, captured messages and extensive logs of IP addresses and device information.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/pcTattletale.png","DataClasses":["Device information","Email addresses","IP addresses","Names","Passwords","Phone numbers","Physical addresses","SMS messages","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":true,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Peatix","Title":"Peatix","Domain":"peatix.com","BreachDate":"2019-01-20","AddedDate":"2020-12-06T22:53:53Z","ModifiedDate":"2020-12-06T22:53:53Z","PwnCount":4227907,"Description":"In January 2019, the event organising platform \u003Ca href=\u0022https://www.zdnet.com/article/hacker-leaks-the-user-data-of-event-management-app-peatix/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EPeatix suffered a data breach\u003C/a\u003E. The incident exposed 4.2M email addresses, names and salted password hashes. The data was provided to HIBP by \u003Ca href=\u0022https://dehashed.com/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Edehashed.com\u003C/a\u003E.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Peatix.png","DataClasses":["Email addresses","Names","Passwords"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Pemiblanc","Title":"Pemiblanc","Domain":"pemiblanc.com","BreachDate":"2018-04-02","AddedDate":"2018-07-09T22:16:26Z","ModifiedDate":"2018-07-09T22:16:26Z","PwnCount":110964206,"Description":"In April 2018, a credential stuffing list containing 111 million email addresses and passwords known as \u003Ca href=\u0022https://www.troyhunt.com/the-111-million-pemiblanc-credential-stuffing-list\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EPemiblanc\u003C/a\u003E was discovered on a French server. The list contained email addresses and passwords collated from different data breaches and used to mount account takeover attacks against other services. \u003Ca href=\u0022https://www.troyhunt.com/the-111-million-pemiblanc-credential-stuffing-list\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003ERead more about the incident.\u003C/a\u003E","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/List.png","DataClasses":["Email addresses","Passwords"],"IsVerified":false,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"PeoplesEnergy","Title":"People\u0027s Energy","Domain":"peoplesenergy.co.uk","BreachDate":"2020-12-16","AddedDate":"2021-02-23T03:25:44Z","ModifiedDate":"2021-11-25T22:08:12Z","PwnCount":358822,"Description":"In December 2020, the UK power company \u003Ca href=\u0022https://www.bbc.com/news/technology-55350995\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EPeople\u0027s Energy suffered a data breach\u003C/a\u003E. The breach exposed almost 7GB of files containing 359k unique email addresses along with names, phones numbers, physical addresses and dates of birth. The incident also included People\u0027s Energy staff email addresses and bcrypt password hashes (no customer passwords were exposed). The data was provided to HIBP by a source who requested it be attributed to pom@pompur.in.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/PeoplesEnergy.png","DataClasses":["Dates of birth","Email addresses","Names","Passwords","Phone numbers","Physical addresses"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"PetFlow","Title":"PetFlow","Domain":"petflow.com","BreachDate":"2017-12-09","AddedDate":"2020-05-26T02:48:24Z","ModifiedDate":"2020-05-26T02:48:24Z","PwnCount":990919,"Description":"In December 2017, the pet care delivery service \u003Ca href=\u0022https://techcrunch.com/2019/02/14/hacker-strikes-again/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EPetFlow suffered a data breach which consequently appeared for sale on a dark web marketplace\u003C/a\u003E. Almost 1M accounts were impacted and exposed email addresses and passwords stored as unsalted MD5 hashes. The data was provided to HIBP by a source who requested it be attributed to \u0026quot;nano@databases.pw\u0026quot;.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/PetFlow.png","DataClasses":["Email addresses","Passwords"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"CERTPolandPhish","Title":"Phished Data via CERT Poland","Domain":"","BreachDate":"2023-02-25","AddedDate":"2023-08-31T05:53:44Z","ModifiedDate":"2023-08-31T05:53:44Z","PwnCount":67943,"Description":"In August 2023, \u003Ca href=\u0022https://www.troyhunt.com/68k-polish-phishing-victims-are-now-searchable-in-have-i-been-pwned-courtesy-of-cert-poland\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003ECERT Poland observed a phishing campaign that collected credentials from 68k victims\u003C/a\u003E. The campaign collected email addresses and passwords via a phishing email masquerading as a purchase order confirmation. CERT Poland identified a further 202 other phishing campaigns operating on the same C2 server, which has now been dismantled.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/List.png","DataClasses":["Email addresses","Passwords"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":true},{"Name":"Phoenix","Title":"Phoenix","Domain":"phoenixim.ddns.net","BreachDate":"2021-06-05","AddedDate":"2023-10-17T02:27:58Z","ModifiedDate":"2023-10-17T02:27:58Z","PwnCount":74776,"Description":"In mid-2021, the \u0026quot;vintage messaging reborn\u0026quot; service \u003Ca href=\u0022https://prnt.sc/_t-Usfo2rHqP\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EPhoenix suffered a data breach\u003C/a\u003E that exposed 75k unique email addresses. The breach also exposed IP addresses, usernames and passwords.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Phoenix.png","DataClasses":["Email addresses","IP addresses","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"PhoneHouse","Title":"Phone House Espa\u00F1a","Domain":"phonehouse.es","BreachDate":"2021-04-08","AddedDate":"2021-04-22T05:59:07Z","ModifiedDate":"2021-04-22T05:59:07Z","PwnCount":5223350,"Description":"In April 2021, the Spanish retailer \u003Ca href=\u0022https://thetechzone.online/cyberattack-on-phone-house-with-ransomware-and-possible-data-breach/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EPhone House allegedly suffered a ransomware attack that also exposed significant volumes of customer data\u003C/a\u003E. Attributed to the Babuk ransomware, a collection of data alleged to be a subset of a larger corpus was posted to a dark web site and contained 5.2M email addresses along with names, nationalities, genders, dates of birth, phone numbers and physical addresses. Phone House has been threatened with further releases if a ransom is not paid.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/PhoneHouse.png","DataClasses":["Dates of birth","Email addresses","Genders","Names","Nationalities","Phone numbers","Physical addresses"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"PHPFreaks","Title":"PHP Freaks","Domain":"phpfreaks.com","BreachDate":"2015-10-27","AddedDate":"2015-10-30T14:19:52Z","ModifiedDate":"2015-10-30T14:19:52Z","PwnCount":173891,"Description":"In October 2015, the PHP discussion board \u003Ca href=\u0022http://forums.phpfreaks.com/topic/298874-alert-the-phpfreaks-forum-members-data-appears-to-have-been-stolen\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EPHP Freaks was hacked\u003C/a\u003E and 173k user accounts were publicly leaked. The breach included multiple personal data attributes as well as salted and hashed passwords.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/PHPFreaks.png","DataClasses":["Dates of birth","Email addresses","IP addresses","Passwords","Usernames","Website activity"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"PipingRock","Title":"Piping Rock","Domain":"pipingrock.com","BreachDate":"2024-04-24","AddedDate":"2024-04-26T01:13:39Z","ModifiedDate":"2024-04-26T01:13:39Z","PwnCount":2103100,"Description":"In April 2024, \u003Ca href=\u0022https://cybernews.com/news/piping-rock-data-breach/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003E2.1M email addresses from the online health products store Piping Rock were publicly posted to a popular hacking forum\u003C/a\u003E. The data also included names, phone numbers and physical addresses. The account posting the data had previously posted multiple other data breaches which all appear to have been obtained from the Shopify service used by the respective websites.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/PipingRock.png","DataClasses":["Email addresses","Names","Phone numbers","Physical addresses"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"PixelFederation","Title":"Pixel Federation","Domain":"pixelfederation.com","BreachDate":"2013-12-04","AddedDate":"2013-12-06T00:00:00Z","ModifiedDate":"2013-12-06T00:00:00Z","PwnCount":38108,"Description":"In December 2013, a \u003Ca href=\u0022http://www.cyberwarnews.info/2013/12/04/pixel-federation-hacked-38000-user-credentials-leaked\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Ebreach of the web-based game community based in Slovakia\u003C/a\u003E exposed over 38,000 accounts which were promptly posted online. The breach included email addresses and unsalted MD5 hashed passwords, many of which were easily converted back to plain text.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/PixelFederation.png","DataClasses":["Email addresses","Passwords"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Pixlr","Title":"Pixlr","Domain":"pixlr.com","BreachDate":"2020-10-07","AddedDate":"2021-02-01T03:40:29Z","ModifiedDate":"2021-02-01T03:40:29Z","PwnCount":1906808,"Description":"In October 2020, the online photo editing application \u003Ca href=\u0022https://www.bleepingcomputer.com/news/security/hacker-posts-19-million-pixlr-user-records-for-free-on-forum/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EPixlr suffered a data breach\u003C/a\u003E exposing 1.9 million subscribers. Impacted data included names, email addresses, social media profiles, the country signed up from and passwords stored as SHA-512 hashes. The data was provided to HIBP by \u003Ca href=\u0022https://dehashed.com/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Edehashed.com\u003C/a\u003E.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Pixlr.png","DataClasses":["Email addresses","Geographic locations","Names","Passwords","Social media profiles"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"piZap","Title":"piZap","Domain":"pizap.com","BreachDate":"2017-12-07","AddedDate":"2019-07-16T05:43:27Z","ModifiedDate":"2019-07-16T05:43:27Z","PwnCount":41817893,"Description":"In approximately December 2017, the online photo editing site \u003Ca href=\u0022https://www.zdnet.com/article/hacker-puts-up-for-sale-third-round-of-hacked-databases-on-the-dark-web/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EpiZap suffered a data breach\u003C/a\u003E. The data was later placed up for sale on a dark web marketplace along with a collection of other data breaches in February 2019. A total of 42 million unique email addresses were included in the breach alongside names, genders and links to Facebook profiles when the social media platform was used to authenticate to piZap. When accounts were created directly on piZap without using Facebook for authentication, passwords stored as SHA-1 hashes were also exposed. The data was provided to HIBP by a source who requested it be attributed to \u0026quot;JimScott.Sec@protonmail.com\u0026quot;.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/piZap.png","DataClasses":["Email addresses","Genders","Geographic locations","Names","Passwords","Social media profiles","Usernames","Website activity"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"PlanetCalypso","Title":"Planet Calypso","Domain":"planetcalypsoforum.com","BreachDate":"2019-07-01","AddedDate":"2020-01-12T09:48:57Z","ModifiedDate":"2020-01-12T09:48:57Z","PwnCount":62261,"Description":"In approximately July 2019, \u003Ca href=\u0022http://www.planetcalypsoforum.com/forums/showthread.php?311854-ET-or-Planet-Forums-ever-hacked\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Ethe forums for the Planet Calypso game suffered a data breach\u003C/a\u003E. The breach of the vBulletin based forum exposed email and IP addresses, usernames and passwords stored as salted MD5 hashes.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/PlanetCalypso.png","DataClasses":["Email addresses","IP addresses","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"PlanetIce","Title":"Planet Ice","Domain":"planet-ice.co.uk","BreachDate":"2023-01-14","AddedDate":"2023-01-31T02:00:53Z","ModifiedDate":"2023-01-31T02:00:53Z","PwnCount":240488,"Description":"In January 2023, the UK-based ice skating rink booking service \u003Ca href=\u0022https://www.bristolpost.co.uk/news/bristol-news/bristol-planet-ice-cyber-attack-8076491\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EPlanet Ice suffered a data breach\u003C/a\u003E. The incident exposed the personal data of 240k people including email and physical addresses, phone numbers, genders, dates of birth and passwords stored as MD5 hashes. The data also included the names, genders and dates of birth of children having parties.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/PlanetIce.png","DataClasses":["Dates of birth","Email addresses","Genders","IP addresses","Names","Passwords","Phone numbers","Physical addresses","Purchases"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Playbook","Title":"Playbook","Domain":"playbook.vc","BreachDate":"2020-10-19","AddedDate":"2021-10-11T23:39:05Z","ModifiedDate":"2021-10-11T23:39:05Z","PwnCount":50538,"Description":"In September 2021, \u003Ca href=\u0022https://www.bankinfosecurity.com/articles.php?art_id=17696\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Ea publicly accessible PostgresSQL database belonging to the Playbook service was identified\u003C/a\u003E. Run by VC firm Plug and Play Ventures, the database had been exposed since October 2020 and contained more than 50 thousand unique email addresses along with names, phone numbers, job titles and passwords stored as PBKDF2 hashes. It took more than 2 weeks after being notified of the exposed data to properly secure it. It\u0027s unknown whether Plug and Play Ventures notified impacted individuals as they ceased responding to queries from the press.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Playbook.png","DataClasses":["Email addresses","Job titles","Names","Passwords","Phone numbers","Social media profiles"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"PlayCyberGames","Title":"PlayCyberGames","Domain":"playcybergames.com","BreachDate":"2023-08-09","AddedDate":"2023-08-31T02:22:55Z","ModifiedDate":"2023-08-31T02:22:55Z","PwnCount":3681753,"Description":"In August 2023, PlayCyberGames which \u0026quot;allows users to play any games with LAN function or games using IP address\u0026quot; suffered a data breach which exposed 3.7M customer records. The data included email addresses, usernames and MD5 password hashes with a constant value in the \u0026quot;salt\u0026quot; field. PlayCyberGames did not respond to multiple attempts to disclose the breach.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/PlayCyberGames.png","DataClasses":["Email addresses","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Plex","Title":"Plex","Domain":"plex.tv","BreachDate":"2015-07-02","AddedDate":"2016-02-08T01:35:48Z","ModifiedDate":"2016-02-08T01:35:48Z","PwnCount":327314,"Description":"In July 2015, the discussion forum for Plex media centre \u003Ca href=\u0022https://blog.plex.tv/2015/07/02/security-notice-forum-user-password-resets\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Ewas hacked and over 327k accounts exposed\u003C/a\u003E. The IP.Board forum included IP addresses and passwords stored as salted hashes using a weak implementation enabling many to be rapidly cracked.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Plex.png","DataClasses":["Email addresses","IP addresses","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"PlutoTV","Title":"Pluto TV","Domain":"pluto.tv","BreachDate":"2018-10-12","AddedDate":"2020-12-05T22:27:36Z","ModifiedDate":"2020-12-05T22:36:02Z","PwnCount":3225080,"Description":"In October 2018, the internet television service \u003Ca href=\u0022https://www.vice.com/en/article/88a8ma/pluto-tv-hacked-data-breach\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EPluto TV suffered a data breach\u003C/a\u003E which was then shared extensively in hacking communities. Pluto TV \u0026quot;decided not to proactively inform users of the breach\u0026quot; which contained 3.2M unique email and IP addresses, names, usernames, genders, dates of birth and passwords stored as bcrypt hashes. The data was provided to HIBP by \u003Ca href=\u0022https://dehashed.com/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Edehashed.com\u003C/a\u003E.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/PlutoTV.png","DataClasses":["Dates of birth","Device information","Email addresses","Genders","IP addresses","Names","Passwords","Social media profiles","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Pokebip","Title":"Pok\u00E9bip","Domain":"pokebip.com","BreachDate":"2015-07-28","AddedDate":"2016-09-09T04:43:00Z","ModifiedDate":"2016-09-09T04:43:00Z","PwnCount":657001,"Description":"In July 2015, the French Pok\u00E9mon site \u003Ca href=\u0022https://www.pokebip.com/news3382__message_de_securite_de_l_equipe_pokebip_.html\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EPok\u00E9bip suffered a data breach\u003C/a\u003E which exposed 657k subscriber identities. The data included email and IP addresses, usernames and passwords stored as unsalted MD5 hashes.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Pokebip.png","DataClasses":["Email addresses","IP addresses","Passwords","Time zones","Usernames","Website activity"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"PokemonCreed","Title":"Pok\u00E9mon Creed","Domain":"pokemoncreed.net","BreachDate":"2014-08-08","AddedDate":"2014-08-10T00:03:59Z","ModifiedDate":"2014-08-10T00:03:59Z","PwnCount":116465,"Description":"In August 2014, the Pok\u00E9mon RPG website \u003Ca href=\u0022http://pokemoncreed.net\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EPok\u00E9mon Creed\u003C/a\u003E was hacked after a dispute with rival site, \u003Ca href=\u0022http://pkmndusk.in\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EPok\u00E9mon Dusk\u003C/a\u003E. In a \u003Ca href=\u0022https://www.facebook.com/ramandeep.s.dehal/posts/749666358442465\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Epost on Facebook\u003C/a\u003E, \u0026quot;Cruz Dusk\u0026quot; announced the hack then pasted the dumped MySQL database on \u003Ca href=\u0022http://pkmndusk.in\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Epkmndusk.in\u003C/a\u003E. The breached data included over 116k usernames, email addresses and plain text passwords.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/PokemonCreed.png","DataClasses":["Email addresses","Genders","IP addresses","Passwords","Usernames","Website activity"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"PokemonNegro","Title":"Pok\u00E9mon Negro","Domain":"pokemonnegro.com","BreachDate":"2016-10-01","AddedDate":"2017-01-03T20:45:24Z","ModifiedDate":"2017-01-03T20:45:24Z","PwnCount":830155,"Description":"In approximately October 2016, the Spanish Pok\u00E9mon site \u003Ca href=\u0022http://pokemonnegro.com\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EPok\u00E9mon Negro\u003C/a\u003E suffered a data breach. The attack resulted in the disclosure of 830k accounts including email and IP addresses along with plain text passwords. Pok\u00E9mon Negro did not respond when contacted about the breach.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/PokemonNegro.png","DataClasses":["Email addresses","IP addresses","Passwords"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"PoliceOne","Title":"PoliceOne","Domain":"policeone.com","BreachDate":"2014-07-01","AddedDate":"2017-11-15T07:57:11Z","ModifiedDate":"2017-11-15T07:57:11Z","PwnCount":709926,"Description":"In February 2017, the law enforcement website \u003Ca href=\u0022http://www.zdnet.com/article/police-forum-hacked-thousands-of-records-for-sale-on-dark-web/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EPoliceOne confirmed they\u0027d suffered a data breach\u003C/a\u003E. The breach contained over 700k accounts which appeared for sale by a data broker and included email and IP addresses, usernames and salted MD5 password hashes. The file the data was contained in indicated the original breach dated back to July 2014.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/PoliceOne.png","DataClasses":["Email addresses","IP addresses","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"PolishCredentials","Title":"Polish Credentials","Domain":"","BreachDate":"2023-05-29","AddedDate":"2023-05-30T23:13:32Z","ModifiedDate":"2023-05-30T23:13:32Z","PwnCount":1204870,"Description":"In May 2023, \u003Ca href=\u0022https://zaufanatrzeciastrona.pl/post/kilka-milionow-loginow-i-hasel-z-polski-wycieklo-do-sieci/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Ea credential stuffing list of 6.3M Polish email address and password pairs appeared on a local forum\u003C/a\u003E. Likely obtained by malware running on victims\u0027 machines, each record included an email address and plain text password alongside the website the credentials were used on. The data included 1.2M unique email addresses.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/PolishCredentials.png","DataClasses":["Email addresses","Passwords"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Poshmark","Title":"Poshmark","Domain":"poshmark.com","BreachDate":"2018-05-16","AddedDate":"2019-09-02T03:36:05Z","ModifiedDate":"2019-09-02T03:44:37Z","PwnCount":36395491,"Description":"In mid-2018, social commerce marketplace \u003Ca href=\u0022https://techcrunch.com/2019/08/01/poshmark-confirms-data-breach/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EPoshmark suffered a data breach\u003C/a\u003E that exposed 36M user accounts. The compromised data included email addresses, names, usernames, genders, locations and passwords stored as bcrypt hashes. The data was provided to HIBP by a source who requested it be attributed to \u0022JimScott.Sec@protonmail.com\u0022.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Poshmark.png","DataClasses":["Email addresses","Genders","Geographic locations","Names","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Powerbot","Title":"Powerbot","Domain":"powerbot.org","BreachDate":"2014-09-01","AddedDate":"2017-07-01T16:12:37Z","ModifiedDate":"2017-07-01T16:12:37Z","PwnCount":503501,"Description":"In approximately September 2014, the RuneScape bot website \u003Ca href=\u0022https://www.powerbot.org\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EPowerbot\u003C/a\u003E suffered a data breach resulting in the exposure of over half a million unique user records. The data contained email and IP addresses, usernames and salted MD5 hashes of passwords. The site was previously reported as compromised on the \u003Ca href=\u0022https://vigilante.pw/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EVigilante.pw\u003C/a\u003E breached database directory.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Powerbot.png","DataClasses":["Email addresses","IP addresses","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"PPCGeeks","Title":"PPCGeeks","Domain":"ppcgeeks.com","BreachDate":"2016-08-19","AddedDate":"2022-07-18T22:20:50Z","ModifiedDate":"2022-07-18T22:20:50Z","PwnCount":492518,"Description":"In August 2016, the pocket PC fan site forum \u003Ca href=\u0022https://web.archive.org/web/20210227221024/https://forum.ppcgeeks.com/site-news-announcements/153465-urgent-ppcgeeks-hacked-database-dumped.html\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EPPCGeeks suffered a data breach that exposed over 490k records\u003C/a\u003E. The breach of the vBulletin forum exposed email and IP addresses, usernames, dates of birth and passwords stored as salted MD5 hashes. The data was provided to HIBP by a source who requested it be attributed to \u0026quot;fall1984@protonmail.com\u0026quot;.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/PPCGeeks.png","DataClasses":["Dates of birth","Email addresses","IP addresses","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"PreenMe","Title":"Preen.Me","Domain":"preen.me","BreachDate":"2020-05-25","AddedDate":"2022-05-26T00:58:43Z","ModifiedDate":"2022-05-26T00:58:43Z","PwnCount":236105,"Description":"In May 2020, social media marketing company \u003Ca href=\u0022https://www.riskbasedsecurity.com/2020/06/24/personal-data-of-350000-social-media-influencers-and-users-compromised-following-preen-me-hack/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EPreen.Me was the target of a ransom attack that resulted in hundreds of thousands of records being publicly posted\u003C/a\u003E. Over 236k unique email addresses were exposed in the attack alongside names, usernames and links to social media profiles.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/PreenMe.png","DataClasses":["Email addresses","Names","Social media profiles","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"ProctorU","Title":"ProctorU","Domain":"proctoru.com","BreachDate":"2020-06-26","AddedDate":"2020-08-06T09:37:17Z","ModifiedDate":"2020-08-06T09:37:17Z","PwnCount":444453,"Description":"In June 2020, the online exam service \u003Ca href=\u0022https://www.smh.com.au/national/hackers-hit-university-online-exam-tool-20200806-p55j6h.html\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EProctorU suffered a data breach\u003C/a\u003E which was subsequently shared extensively across online hacking communities. The breach contained 444k user records including names, email and physical addresses, phones numbers and passwords stored as bcrypt hashes. The data was provided to HIBP by \u003Ca href=\u0022https://breachbase.pw/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Ebreachbase.pw\u003C/a\u003E.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/ProctorU.png","DataClasses":["Email addresses","Names","Passwords","Phone numbers","Physical addresses","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"ProgrammingForums","Title":"Programming Forums","Domain":"programmingforums.org","BreachDate":"2015-12-01","AddedDate":"2017-07-01T16:42:46Z","ModifiedDate":"2017-07-01T16:42:46Z","PwnCount":707432,"Description":"In approximately late 2015, the programming forum at \u003Ca href=\u0022http://www.programmingforums.org/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Eprogrammingforums.org\u003C/a\u003E suffered a data breach resulting in the exposure of 707k unique user records. The data contained email and IP addresses, usernames and salted MD5 hashes of passwords. The site was previously reported as compromised on the \u003Ca href=\u0022https://vigilante.pw/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EVigilante.pw\u003C/a\u003E breached database directory.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/ProgrammingForums.png","DataClasses":["Email addresses","IP addresses","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Promo","Title":"Promo","Domain":"promo.com","BreachDate":"2020-06-22","AddedDate":"2020-07-26T02:44:11Z","ModifiedDate":"2020-07-26T02:44:11Z","PwnCount":14610585,"Description":"In July 2020, the self-proclaimed \u0026quot;World\u0027s #1 Marketing Video Maker\u0026quot; \u003Ca href=\u0022https://support.promo.com/en/articles/4276475-promo-data-breach-faq\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EPromo suffered a data breach\u003C/a\u003E which was then shared extensively on a hacking forum. The incident exposed 22 million records containing almost 15 million unique email addresses alongside IP addresses, genders, names and salted SHA-256 password hashes. The data was provided to HIBP by \u003Ca href=\u0022https://dehashed.com/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Edehashed.com\u003C/a\u003E.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Promo.png","DataClasses":["Email addresses","Genders","IP addresses","Names","Passwords"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Promofarma","Title":"Promofarma","Domain":"promofarma.com","BreachDate":"2019-08-03","AddedDate":"2020-11-01T07:11:46Z","ModifiedDate":"2020-11-03T10:19:52Z","PwnCount":1277761,"Description":"In August 2019, \u003Ca href=\u0022https://www.zdnet.com/article/data-of-21-million-mixcloud-users-put-up-for-sale-on-the-dark-web/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Ea data breach from the Spanish online pharmacy Promofarma appeared for sale on a dark web marketplace\u003C/a\u003E. The breach exposed over 2.7M records and contained almost 1.3M unique customer email addresses. The data also included customer names and was provided to HIBP by \u003Ca href=\u0022https://dehashed.com/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Edehashed.com\u003C/a\u003E.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Promofarma.png","DataClasses":["Email addresses","Names"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"PropTiger","Title":"PropTiger","Domain":"proptiger.com","BreachDate":"2018-01-30","AddedDate":"2020-03-24T07:21:44Z","ModifiedDate":"2020-03-24T07:30:36Z","PwnCount":2156921,"Description":"In January 2018, the Indian property website \u003Ca href=\u0022https://www.proptiger.com/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EPropTiger\u003C/a\u003E suffered a data breach which resulted in a 3.46GB database file being exposed and subsequently shared extensively on a popular hacking forum 2 years later. The exposed data contained both user records and login histories with over 2M unique customer email addresses. Exposed data also included additional personal attributes such as names, dates of birth, genders, IP addresses and passwords stored as MD5 hashes. PropTiger advised they believe the usability of the data is \u0026quot;limited\u0026quot; due to how certain data attributes were generated and stored. The data was provided to HIBP by \u003Ca href=\u0022https://dehashed.com/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Edehashed.com\u003C/a\u003E.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/PropTiger.png","DataClasses":["Dates of birth","Device information","Email addresses","Genders","IP addresses","Names","Passwords"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Protemps","Title":"Protemps","Domain":"protemps.com.sg","BreachDate":"2021-10-04","AddedDate":"2021-12-20T02:36:08Z","ModifiedDate":"2021-12-20T02:57:50Z","PwnCount":49591,"Description":"In October 2021, the Singaporean recruitment website \u003Ca href=\u0022https://www.straitstimes.com/singapore/courts-crime/spore-employment-agency-hacked-ic-scans-and-salaries-of-40000-job-seekers\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EProtemps suffered a data breach\u003C/a\u003E that exposed almost 50,000 unique email addresses. The impacted data includes names, email and physical addresses, phone numbers, passport numbers and passwords stored as unsalted MD5 hashes, among troves of other jobseeker data. The data was provided to HIBP by a source who requested it be attributed to \u0026quot;white_peacock@riseup.net\u0026quot;.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Protemps.png","DataClasses":["Email addresses","Genders","Job applications","Marital statuses","Names","Nationalities","Passport numbers","Passwords","Phone numbers","Physical addresses","Religions","Salutations"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"PS3Hax","Title":"PS3Hax","Domain":"ps3hax.net","BreachDate":"2015-07-01","AddedDate":"2016-02-07T04:44:49Z","ModifiedDate":"2016-02-07T04:44:49Z","PwnCount":447410,"Description":"In approximately July 2015, the Sony Playstation hacks and mods forum known as \u003Ca href=\u0022http://www.ps3hax.net\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EPS3Hax\u003C/a\u003E was hacked and more than 447k accounts were exposed. The vBulletin forum included IP addresses and passwords stored as salted hashes using a weak implementation enabling many to be rapidly cracked.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/PS3Hax.png","DataClasses":["Email addresses","IP addresses","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"PSPISO","Title":"PSP ISO","Domain":"pspiso.com","BreachDate":"2015-09-25","AddedDate":"2017-01-29T07:28:23Z","ModifiedDate":"2017-01-29T07:28:23Z","PwnCount":1274070,"Description":"In approximately September 2015, the PlayStation PSP forum known as \u003Ca href=\u0022http://www.pspiso.com\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EPSP ISO\u003C/a\u003E was hacked and almost 1.3 million accounts were exposed. Along with email and IP addresses, the vBulletin forum also exposed salted MD5 password hashes.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/PSPISO.png","DataClasses":["Email addresses","IP addresses","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"PSX-Scene","Title":"PSX-Scene","Domain":"psx-scene.com","BreachDate":"2015-02-01","AddedDate":"2016-02-07T03:46:46Z","ModifiedDate":"2016-02-07T03:46:46Z","PwnCount":341118,"Description":"In approximately February 2015, the Sony Playstation forum known as \u003Ca href=\u0022http://psx-scene.com\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EPSX-Scene\u003C/a\u003E was hacked and more than 340k accounts were exposed. The vBulletin forum included IP addresses and passwords stored as salted hashes using a weak implementation enabling many to be rapidly cracked.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/PSX-Scene.png","DataClasses":["Email addresses","IP addresses","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"BVD","Title":"Public Business Data","Domain":"bvdinfo.com","BreachDate":"2021-08-19","AddedDate":"2023-10-09T07:05:10Z","ModifiedDate":"2023-12-06T22:45:20Z","PwnCount":27917714,"Description":"In approximately August 2021, \u003Ca href=\u0022https://kaduu.io/blog/2022/02/04/us-strategic-company-bureau-van-dijk-hacked/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Ehundreds of gigabytes of business data collated from public sources was obtained and later published to a popular hacking forum\u003C/a\u003E. Sourced from a customer of Bureau van Dijk\u0027s (BvD) \u0026quot;Orbis\u0026quot; product, the corpus of data released contained hundreds of millions of lines about corporations and individuals, including personal information such as names and dates of birth. The data also included 28M unique email addresses along with physical addresses (presumedly corporate locations), phone numbers and job titles. There was no unauthorised access to BvD\u0027s systems, nor did the incident expose any of their or parent company\u0027s Moody\u0027s clients.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/List.png","DataClasses":["Dates of birth","Email addresses","Job titles","Names","Phone numbers","Physical addresses"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Qakbot","Title":"Qakbot","Domain":"","BreachDate":"2023-08-29","AddedDate":"2023-08-29T19:40:03Z","ModifiedDate":"2023-08-29T19:40:03Z","PwnCount":6431319,"Description":"In August 2023, \u003Ca href=\u0022https://www.troyhunt.com/data-from-the-qakbot-malware-is-now-searchable-in-have-i-been-pwned-courtesy-of-the-fbi\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Ethe US Justice Department announced a multinational operation involving actions in the United States, France, Germany, the Netherlands, and the United Kingdom to disrupt the botnet and malware known as Qakbot and take down its infrastructure\u003C/a\u003E. After the takedown, 6.43M email addresses were provided to HIBP to help notify victims of the malware.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/List.png","DataClasses":["Email addresses","Passwords"],"IsVerified":true,"IsFabricated":false,"IsSensitive":true,"IsRetired":false,"IsSpamList":false,"IsMalware":true,"IsSubscriptionFree":true},{"Name":"QatarNationalBank","Title":"Qatar National Bank","Domain":"qnb.com","BreachDate":"2015-07-01","AddedDate":"2016-05-01T01:06:35Z","ModifiedDate":"2016-05-01T01:06:35Z","PwnCount":88678,"Description":"In July 2015, the Qatar National Bank \u003Ca href=\u0022http://www.theregister.co.uk/2016/04/25/breaking_qatar_bank_hack/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Esuffered a data breach\u003C/a\u003E which exposed 15k documents totalling 1.4GB and detailing more than 100k accounts with passwords and PINs. The incident was made public some 9 months later in April 2016 when the documents appeared publicly on a file sharing site. Analysis of the breached data suggests \u003Ca href=\u0022http://blog.trendmicro.co.uk/qatar-bank-breach-lifts-the-veil-on-targeted-attack-strategies/#more-520\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Ethe attack began by exploiting a SQL injection flaw\u003C/a\u003E in the bank\u0027s website.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/QatarNationalBank.png","DataClasses":["Bank account numbers","Customer feedback","Dates of birth","Financial transactions","Genders","Geographic locations","Government issued IDs","IP addresses","Marital statuses","Names","Passwords","Phone numbers","Physical addresses","PINs","Security questions and answers","Spoken languages"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"QIP","Title":"QIP","Domain":"qip.ru","BreachDate":"2011-06-01","AddedDate":"2017-01-08T22:23:19Z","ModifiedDate":"2017-01-08T22:23:19Z","PwnCount":26183992,"Description":"In mid-2011, the Russian instant messaging service known as \u003Ca href=\u0022http://securityaffairs.co/wordpress/51118/data-breach/qip-data-breach.html\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EQIP (Quiet Internet Pager) suffered a data breach\u003C/a\u003E. The attack resulted in the disclosure of over 26 million unique accounts including email addresses and passwords with the data eventually appearing in public years later.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/QIP.png","DataClasses":["Email addresses","Passwords","Usernames","Website activity"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"QuantumBooter","Title":"Quantum Booter","Domain":"quantumbooter.net","BreachDate":"2014-03-18","AddedDate":"2015-04-04T06:40:05Z","ModifiedDate":"2015-04-04T06:40:05Z","PwnCount":48592,"Description":"In March 2014, the \u003Ca href=\u0022http://www.webopedia.com/TERM/B/booter_services.html\u0022\u003Ebooter service\u003C/a\u003E Quantum Booter (also referred to as Quantum Stresser) suffered a breach which lead to the disclosure of their internal database. The leaked data included private discussions relating to malicious activity Quantum Booter users were performing against online adversaries, including the IP addresses of those using the service to mount DDoS attacks.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/QuantumBooter.png","DataClasses":["Email addresses","IP addresses","Passwords","Private messages","Usernames","Website activity"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"QuestionPro","Title":"QuestionPro","Domain":"questionpro.com","BreachDate":"2022-05-21","AddedDate":"2022-08-05T00:05:34Z","ModifiedDate":"2022-08-05T23:24:27Z","PwnCount":22229637,"Description":"In May 2022, \u003Ca href=\u0022https://www.bleepingcomputer.com/news/security/hackers-try-to-extort-survey-firm-questionpro-after-alleged-data-theft/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Ethe survey website QuestionPro was the target of an extortion attempt relating to an alleged data breach\u003C/a\u003E. Over 100GB of data containing 22M unique email addresses (some of which appear to be generated by the platform), are alleged to have been extracted from the service along with IP addresses, browser user agents and results relating to surveys. QuestionPro would not confirm whether a breach had occurred (although they did confirm they were the target of an extortion attempt), so the data was initially flagged as \u0026quot;unverified\u0026quot;. \u003Ca href=\u0022https://twitter.com/troyhunt/status/1555696116351377410\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003ESubsequent verification by impacted HIBP subscribers\u003C/a\u003E later led to the removal of the unverified flag.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/QuestionPro.png","DataClasses":["Browser user agent details","Email addresses","IP addresses","Survey results"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Quidd","Title":"Quidd","Domain":"quidd.co","BreachDate":"2019-07-01","AddedDate":"2020-06-24T11:05:34Z","ModifiedDate":"2020-06-24T11:05:34Z","PwnCount":3805863,"Description":"In 2019, online marketplace for trading stickers, cards, toys, and other collectibles \u003Ca href=\u0022https://www.zdnet.com/article/account-details-for-4-million-quidd-users-shared-on-hacking-forum/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EQuidd suffered a data breach\u003C/a\u003E. The breach exposed almost 4 million users\u0027 email addresses, usernames and passwords stored as bcrypt hashes. The data was subsequently sold then redistributed extensively via hacking forums.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Quidd.png","DataClasses":["Email addresses","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"QuinStreet","Title":"QuinStreet","Domain":"quinstreet.com","BreachDate":"2015-12-14","AddedDate":"2016-12-17T07:44:31Z","ModifiedDate":"2016-12-17T07:44:31Z","PwnCount":4907802,"Description":"In approximately late 2015, the maker of \u0026quot;performance marketing products\u0026quot; \u003Ca href=\u0022http://quinstreet.com/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EQuinStreet\u003C/a\u003E had a number of their online assets compromised. The attack impacted 28 separate sites, predominantly technology forums such as \u003Ca href=\u0022http://quinstreet.com/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Eflashkit.com\u003C/a\u003E, \u003Ca href=\u0022http://quinstreet.com/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Ecodeguru.com\u003C/a\u003E and \u003Ca href=\u0022http://quinstreet.com/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Ewebdeveloper.com\u003C/a\u003E (\u003Ca href=\u0022http://pastebin.com/raw/6p50GgCV\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Eview a full list of sites\u003C/a\u003E). QuinStreet advised that impacted users have been notified and passwords reset. The data contained details on over 4.9 million people and included email addresses, dates of birth and salted MD5 hashes.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/QuinStreet.png","DataClasses":["Dates of birth","Email addresses","IP addresses","Passwords","Usernames","Website activity"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"R2-2017","Title":"R2 (2017 forum breach)","Domain":"r2games.com","BreachDate":"2017-01-01","AddedDate":"2017-04-25T11:04:29Z","ModifiedDate":"2017-04-25T11:04:29Z","PwnCount":1023466,"Description":"In early 2017, the forum for the gaming website \u003Ca href=\u0022http://www.csoonline.com/article/3192246/security/r2games-compromised-again-over-one-million-accounts-exposed.html\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003ER2 Games was hacked\u003C/a\u003E. R2 had previously appeared on HIBP in 2015 after a prior incident. This one exposed over 1 million unique user accounts and corresponding MD5 password hashes with no salt.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/R2Games.png","DataClasses":["Email addresses","Passwords","Usernames","Website activity"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"R2Games","Title":"R2Games","Domain":"r2games.com","BreachDate":"2015-11-01","AddedDate":"2016-02-09T12:20:35Z","ModifiedDate":"2016-02-09T12:20:35Z","PwnCount":22281337,"Description":"In late 2015, the gaming website \u003Ca href=\u0022https://www.r2games.com\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003ER2Games\u003C/a\u003E was hacked and more than 2.1M personal records disclosed. The vBulletin forum included IP addresses and passwords stored as salted hashes using a weak implementation enabling many to be rapidly cracked. A further 11M accounts were added to \u0022Have I Been Pwned\u0022 in March 2016 and another 9M in July 2016 bringing the total to over 22M.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/R2Games.png","DataClasses":["Email addresses","IP addresses","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"RaidForums","Title":"RaidForums","Domain":"raidforums.com","BreachDate":"2020-09-24","AddedDate":"2023-05-31T01:43:34Z","ModifiedDate":"2023-05-31T02:12:05Z","PwnCount":478604,"Description":"In May 2023, \u003Ca href=\u0022https://www.bleepingcomputer.com/news/security/new-hacking-forum-leaks-data-of-478-000-raidforums-members/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003E478k user records from the now defunct hacking forum known as \u0026quot;RaidForums\u0026quot; was posted to another hacking forum\u003C/a\u003E. The data dated back to September 2020 and included email addresses, usernames, dates of birth, IP addresses and passwords stored as Argon2 hashes. The data was provided to HIBP by a source who requested it be attributed to \u0026quot;white_peacock@riseup.net\u0026quot;.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/RaidForums.png","DataClasses":["Dates of birth","Email addresses","IP addresses","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"RailYatri","Title":"RailYatri","Domain":"railyatri.in","BreachDate":"2022-12-26","AddedDate":"2023-12-05T07:17:53Z","ModifiedDate":"2023-12-05T07:17:53Z","PwnCount":23209732,"Description":"In December 2022, India\u2019s government-approved online travel agency \u003Ca href=\u0022https://cybersecuritynews.com/railyatri-data-breach/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003ERailYatri suffered a data breach\u003C/a\u003E. The incident impacted over 31M customers and exposed 23M unique email addresses. Also impacted were names, genders, phone numbers and tickets purchased, including travel information and fares.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/RailYatri.png","DataClasses":["Email addresses","Genders","Names","Phone numbers","Purchases"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Rambler","Title":"Rambler","Domain":"rambler.ru","BreachDate":"2014-03-01","AddedDate":"2016-11-01T09:33:34Z","ModifiedDate":"2016-11-01T09:33:34Z","PwnCount":91436280,"Description":"In late 2016, a data dump of almost 100M accounts from Rambler, sometimes referred to as \u0026quot;The Russian Yahoo\u0026quot;, \u003Ca href=\u0022http://www.zdnet.com/article/russian-portal-email-provider-rambler-hacked-98-million-accounts-leaked/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Ewas discovered being traded online\u003C/a\u003E. The data set provided to Have I Been Pwned included 91M unique usernames (which also form part of Rambler email addresses) and plain text passwords. According to Rambler, the data dates back to March 2014.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Rambler.png","DataClasses":["Email addresses","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Rankwatch","Title":"RankWatch","Domain":"rankwatch.com","BreachDate":"2016-11-19","AddedDate":"2017-11-03T07:04:08Z","ModifiedDate":"2017-11-03T07:04:08Z","PwnCount":7445067,"Description":"In approximately November 2016, the search engine optimisation management company \u003Ca href=\u0022https://www.rankwatch.com/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003ERankWatch\u003C/a\u003E exposed a Mongo DB with no password publicly whereupon their data was exfiltrated and posted to an online forum. The data contained 7.4 million unique email addresses along with names, employers, phone numbers and job titles in a table called \u0026quot;us_emails\u0026quot;. When contacted and advised of the incident, RankWatch would not reveal the purpose of the data, where it had been acquired from and whether the data owners had consented to its collection. The forum which originally posted the data explained it as being \u0026quot;in the same vein as the modbsolutions leak\u0026quot;, \u003Ca href=\u0022https://haveibeenpwned.com/PwnedWebsites#ModernBusinessSolutions\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Ea large list of corporate data allegedly used for spam purposes\u003C/a\u003E.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Rankwatch.png","DataClasses":["Email addresses","Employers","Job titles","Names","Phone numbers"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":true,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Raychat","Title":"Raychat","Domain":"raychat.ir","BreachDate":"2021-01-31","AddedDate":"2021-07-04T00:52:38Z","ModifiedDate":"2021-07-04T00:52:38Z","PwnCount":938981,"Description":"In January 2021, the now defunct Iranian social media platform \u003Ca href=\u0022https://www.gizmodo.com.au/2021/02/iranian-chat-app-gets-its-data-wiped-out-in-a-cyberattack/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003ERaychat suffered a data breach that exposed 939 thousand unique email addresses\u003C/a\u003E. The data included names, IP addresses, browser user agent strings and passwords stored as bcrypt hashes. The data was provided to HIBP by \u003Ca href=\u0022https://dehashed.com/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Edehashed.com\u003C/a\u003E.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Raychat.png","DataClasses":["Browser user agent details","Email addresses","IP addresses","Names","Passwords"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"RbxRocks","Title":"Rbx.Rocks","Domain":"rbx.rocks","BreachDate":"2018-08-06","AddedDate":"2018-11-07T13:26:42Z","ModifiedDate":"2019-07-27T14:58:29Z","PwnCount":149958,"Description":"In August 2018, the Roblox trading site \u003Ca href=\u0022https://rbx.rocks/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003ERbx.Rocks\u003C/a\u003E suffered a data breach. Almost 25k records were sent to HIBP in November and included names, email addresses and passwords stored as bcrypt hashes. In July 2019, a further 125k records emerged bringing the total size of the incident to 150k. The website has since gone offline with a message stating that \u0026quot;Rbx.Rocks v2.0 is currently under construction\u0026quot;.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/RbxRocks.png","DataClasses":["Email addresses","Names","Passwords"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"ReadNovel","Title":"Read Novel","Domain":"readnovel.com","BreachDate":"2019-05-01","AddedDate":"2022-05-16T08:41:14Z","ModifiedDate":"2022-05-16T08:41:14Z","PwnCount":22424472,"Description":"In May 2019, the Chinese literature website \u003Ca href=\u0022https://www.readnovel.com/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003ERead Novel\u003C/a\u003E allegedly suffered a data breach that exposed 22M unique email addresses. Data also included usernames, genders, phone numbers and passwords stored as salted MD5 hashes. The data was provided to HIBP by a source who requested it be attributed to \u0026quot;white_peacock@riseup.net\u0026quot;. \u003Ca href=\u0022https://www.troyhunt.com/handling-chinese-data-breaches-in-have-i-been-pwned/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003ERead more about Chinese data breaches in Have I Been Pwned.\u003C/a\u003E","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/ReadNovel.png","DataClasses":["Email addresses","Genders","Passwords","Phone numbers","Usernames"],"IsVerified":false,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"RealEstateMogul","Title":"Real Estate Mogul","Domain":"realestatemogul.com","BreachDate":"2016-09-06","AddedDate":"2018-09-24T05:08:57Z","ModifiedDate":"2018-09-24T05:08:57Z","PwnCount":307768,"Description":"In September 2016, the real estate investment site \u003Ca href=\u0022https://realestatemogul.com/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EReal Estate Mogul\u003C/a\u003E had a Mongo DB instance compromised and 5GB of data downloaded by an unauthorised party. The data contained real estate listings including addresses and the names, phone numbers and 308k unique email addresses of the sellers. Real Estate Mogul was advised of the incident in September 2018 and stated that they \u0026quot;found no instance of user account credentials like usernames and passwords nor billing information within this file\u0026quot;.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/RealEstateMogul.png","DataClasses":["Email addresses","Names","Phone numbers","Physical addresses"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"RealDudesInc","Title":"RealDudesInc","Domain":"realdudesinc.com","BreachDate":"2022-10-22","AddedDate":"2023-02-19T04:52:21Z","ModifiedDate":"2023-02-19T04:52:21Z","PwnCount":101543,"Description":"In October 2022, the GTA mod menu provider \u003Ca href=\u0022https://twitter.com/FalconFeedsio/status/1584795069260869632\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003ERealDudesInc suffered a data breach\u003C/a\u003E that exposed over 100k email addresses (many of which are temporary guest account addresses). The breach also included usernames and bcrypt password hashes.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/RealDudesInc.png","DataClasses":["Email addresses","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"RedDoorz","Title":"RedDoorz","Domain":"reddoorz.com","BreachDate":"2020-09-04","AddedDate":"2022-01-28T03:44:12Z","ModifiedDate":"2022-01-28T03:44:12Z","PwnCount":5890277,"Description":"In September 2020, the hotel management \u0026amp; booking platform \u003Ca href=\u0022https://www.bleepingcomputer.com/news/security/58-million-reddoorz-user-records-for-sale-on-hacking-forum/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003ERedDoorz suffered a data breach that exposed over 5.8M user accounts\u003C/a\u003E. The breached data included names, email addresses, phone numbers, genders, dates of birth and passwords stored as bcrypt hashes. The data was provided to HIBP by a source who requested it be attributed to \u0026quot;white_peacock@riseup.net\u0026quot;.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/RedDoorz.png","DataClasses":["Dates of birth","Email addresses","Genders","Names","Occupations","Passwords","Phone numbers"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"RedLineStealer","Title":"RedLine Stealer","Domain":"","BreachDate":"2021-12-05","AddedDate":"2021-12-30T05:24:21Z","ModifiedDate":"2022-01-05T04:11:30Z","PwnCount":441657,"Description":"In December 2021, \u003Ca href=\u0022https://twitter.com/MayhemDayOne/status/1474749233475596292\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Elogs from the RedLine Stealer malware were left publicly exposed and were then obtained by security researcher Bob Diachenko\u003C/a\u003E. The data included 441 thousand unique email addresses, usernames and plain text passwords.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/List.png","DataClasses":["Email addresses","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":true,"IsSubscriptionFree":false},{"Name":"BlueSnapRegpack","Title":"Regpack","Domain":"bluesnap.com","BreachDate":"2016-05-20","AddedDate":"2016-09-13T04:35:05Z","ModifiedDate":"2016-09-13T04:35:05Z","PwnCount":104977,"Description":"In July 2016, a tweet was posted with a link to an alleged data breach of \u003Ca href=\u0022http://bluesnap.com\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EBlueSnap, a global payment gateway and merchant account provider\u003C/a\u003E. The data contained 324k payment records across 105k unique email addresses and included personal attributes such as name, home address and phone number. The data was verified with multiple Have I Been Pwned subscribers who confirmed it also contained valid transactions, partial credit card numbers, expiry dates and CVVs. A downstream consumer of BlueSnap services known as \u003Ca href=\u0022http://www.regpacks.com/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003ERegpack\u003C/a\u003E was subsequently identified as the source of the data after they identified human error had left the transactions exposed on a publicly facing server. A full investigation of the data and statement by Regpack is detailed in the post titled \u003Ca href=\u0022https://www.troyhunt.com/someone-just-lost-324k-payment-records-complete-with-cvvs/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003ESomeone just lost 324k payment records, complete with CVVs\u003C/a\u003E.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/BlueSnapRegpack.png","DataClasses":["Browser user agent details","Credit card CVV","Email addresses","IP addresses","Names","Partial credit card data","Phone numbers","Physical addresses","Purchases"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Reincubate","Title":"Reincubate","Domain":"reincubate.com","BreachDate":"2017-05-11","AddedDate":"2020-10-29T06:01:21Z","ModifiedDate":"2020-10-29T06:06:15Z","PwnCount":616146,"Description":"In October 2020, the app data company \u003Ca href=\u0022https://reincubate.com/blog/security-incident-oct-2020/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EReincubate suffered a data breach\u003C/a\u003E which exposed a backup from November 2017 (the newest record in the data appeared several months earlier). The data included over 616k unique email addresses, names and passwords stored as PBKDF2 hashes.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Reincubate.png","DataClasses":["Email addresses","Names","Passwords"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"RentoMojo","Title":"RentoMojo","Domain":"rentomojo.com","BreachDate":"2023-04-15","AddedDate":"2023-05-10T22:36:01Z","ModifiedDate":"2023-05-10T22:36:01Z","PwnCount":2185697,"Description":"In April 2023, the Indian rental service \u003Ca href=\u0022https://www.indiatoday.in/technology/news/story/rentomojo-confirms-data-breach-attackers-accessed-identifiable-customer-information-2362942-2023-04-21\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003ERentoMojo suffered a data breach\u003C/a\u003E. The breach exposed over 2M unique email addresses along with names, phone, passport and Aadhaar numbers, genders, dates of birth, purchases and bcrypt password hashes.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/RentoMojo.png","DataClasses":["Dates of birth","Email addresses","Genders","Government issued IDs","Names","Passport numbers","Passwords","Phone numbers","Purchases","Social media profiles"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"RepublicanPartyOfTexas","Title":"Republican Party of Texas","Domain":"texasgop.org","BreachDate":"2021-09-11","AddedDate":"2021-10-06T07:44:39Z","ModifiedDate":"2021-10-06T07:44:39Z","PwnCount":72596,"Description":"In September 2021, \u003Ca href=\u0022https://www.dailydot.com/debug/anonymous-texas-gop-epik/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Ethe Republican Party of Texas was hacked by a group claiming to be \u0026quot;Anonymous\u0026quot; in retaliation for the state\u0027s controversial abortion ban\u003C/a\u003E. The September defacement was followed by a leak of data and documents which included material from the hosting provider Epik. Impacted data included over 72 thousand unique email addresses across various tables, some also including names, geographic location data, IP addresses and browser user agents.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/RepublicanPartyOfTexas.png","DataClasses":["Browser user agent details","Email addresses","Geographic locations","IP addresses","Names"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"RetinaX","Title":"Retina-X","Domain":"retinax.com","BreachDate":"2017-02-23","AddedDate":"2017-04-30T01:51:55Z","ModifiedDate":"2024-07-11T19:29:17Z","PwnCount":71153,"Description":"In February 2017, the mobile device monitoring software developer Retina-X was hacked and customer data downloaded before being wiped from their servers. The incident was covered in the Motherboard article titled \u003Ca href=\u0022https://motherboard.vice.com/en_us/article/inside-stalkerware-surveillance-market-flexispy-retina-x\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EInside the \u0027Stalkerware\u0027 Surveillance Market, Where Ordinary People Tap Each Other\u0027s Phones\u003C/a\u003E. The service, used to monitor mobile devices, had 71k email addresses and MD5 hashes with no salt exposed. Retina-X \u003Ca href=\u0022http://www.phonesheriff.com/blog/retina-x-studios-server-breached-by-hackers/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Edisclosed the incident in a blog post\u003C/a\u003E on April 27, 2017.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/RetinaX.png","DataClasses":["Email addresses","Passwords"],"IsVerified":true,"IsFabricated":false,"IsSensitive":true,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Reverb-Nation","Title":"ReverbNation","Domain":"reverbnation.com","BreachDate":"2014-01-01","AddedDate":"2017-10-05T06:56:23Z","ModifiedDate":"2017-10-05T06:56:23Z","PwnCount":7040725,"Description":"In January 2014, the online service for assisting musicians to build their careers \u003Ca href=\u0022https://www.scmagazine.com/2014-breach-prompts-reverbnation-to-notify-customers/article/532492/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EReverbNation suffered a data breach which wasn\u0027t identified until September the following year\u003C/a\u003E. The breach contained over 7 million accounts with unique email addresses and salted SHA1 passwords.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Reverb-Nation.png","DataClasses":["Email addresses","Passwords"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Rightbiz","Title":"Rightbiz","Domain":"rightdev.co.uk","BreachDate":"2023-07-09","AddedDate":"2023-08-10T22:11:35Z","ModifiedDate":"2023-08-10T22:43:06Z","PwnCount":65376,"Description":"In June 2023, data belonging to the \u0026quot;UK\u0027s No.1 Business Marketplace\u0026quot; Rightbiz appeared on a popular hacking forum. Comprising of more than 18M rows of data, the breach included 65k unique email addresses along with names, phone numbers and physical address. Rightbiz didn\u0027t respond to mulitple attempts to disclose the incident. The data was provided to HIBP by a source who requested it be attributed to \u003Ca href=\u0022https://discord.gg/gN9C9em\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003E\u0026quot;https://discord.gg/gN9C9em\u0026quot;\u003C/a\u003E.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Rightbiz.png","DataClasses":["Email addresses","Names","Phone numbers","Physical addresses"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"RiverCityMedia","Title":"River City Media Spam List","Domain":"rivercitymediaonline.com","BreachDate":"2017-01-01","AddedDate":"2017-03-08T23:49:53Z","ModifiedDate":"2017-03-08T23:49:53Z","PwnCount":393430309,"Description":"In January 2017, \u003Ca href=\u0022https://web.archive.org/web/20170426084052/https://mackeeper.com/blog/post/339-spammergate-the-fall-of-an-empire\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Ea massive trove of data from River City Media was found exposed online\u003C/a\u003E. The data was found to contain almost 1.4 billion records including email and IP addresses, names and physical addresses, all of which was used as part of an enormous spam operation. Once de-duplicated, there were 393 million unique email addresses within the exposed data.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Email.png","DataClasses":["Email addresses","IP addresses","Names","Physical addresses"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":true,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Robinhood","Title":"Robinhood","Domain":"robinhood.com","BreachDate":"2021-11-03","AddedDate":"2022-03-03T22:47:32Z","ModifiedDate":"2022-03-03T22:47:32Z","PwnCount":5003937,"Description":"In November 2021, the online trading platform \u003Ca href=\u0022https://techcrunch.com/2021/11/09/robinhood-data-breach/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003ERobinhood suffered a data breach\u003C/a\u003E after a customer service representative was socially engineered. The incident exposed over 5M customer email addresses and 2M customer names. The data was provided to HIBP by a source who requested it be attributed to \u0026quot;Jarand Moen Romtviet\u0026quot;.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Robinhood.png","DataClasses":["Email addresses"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Roblox","Title":"Roblox","Domain":"roblox.com","BreachDate":"2016-07-31","AddedDate":"2023-07-23T03:51:55Z","ModifiedDate":"2023-07-23T04:01:44Z","PwnCount":52458,"Description":"In August 2016, \u003Ca href=\u0022https://roblox.fandom.com/wiki/2016_Roblox_security_breach\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003ERoblox disclosed a data breach that affected over 50k users\u003C/a\u003E. The security incident impacted email and IP addresses, usernames, purchases and Robux balances which were left exposed on a test server.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Roblox.png","DataClasses":["Account balances","Email addresses","IP addresses","Purchases","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"RobloxDeveloperConference","Title":"Roblox Developer Conference (2023)","Domain":"rdcglobal.com","BreachDate":"2020-12-18","AddedDate":"2023-07-18T21:06:48Z","ModifiedDate":"2024-07-06T00:37:32Z","PwnCount":3943,"Description":"In July 2023, \u003Ca href=\u0022https://twitter.com/troyhunt/status/1681163196110098432\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Ea list of alleged attendees from the 2017-2020 Roblox Developers Conferences was circulated on a forum\u003C/a\u003E. The data contained 4k unique email addresses along with names, usernames, dates of birth, phone numbers, physical and IP addresses and T-shirt sizes","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Roblox.png","DataClasses":["Clothing sizes","Dates of birth","Email addresses","IP addresses","Names","Phone numbers","Physical addresses","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Roll20","Title":"Roll20","Domain":"roll20.net","BreachDate":"2018-12-26","AddedDate":"2019-07-19T14:26:05Z","ModifiedDate":"2019-07-19T14:26:05Z","PwnCount":3994436,"Description":"In December 2018, the tabletop role-playing games website \u003Ca href=\u0022https://app.roll20.net/forum/post/7209691/roll20-security-breach\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003ERoll20 suffered a data breach\u003C/a\u003E. Almost 4 million customers were impacted by the breach and had email and IP addresses, names, bcrypt hashes of passwords and the last 4 digits of credit cards exposed. The data was provided to HIBP by a source who requested it be attributed to \u0026quot;JimScott.Sec@protonmail.com\u0026quot;.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Roll20.png","DataClasses":["Email addresses","IP addresses","Names","Partial credit card data","Passwords"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Romwe","Title":"Romwe","Domain":"romwe.com","BreachDate":"2018-06-01","AddedDate":"2021-01-18T09:15:42Z","ModifiedDate":"2021-01-18T09:15:42Z","PwnCount":19531820,"Description":"In mid-2018, the Hong Kong-based retailer \u003Ca href=\u0022https://finance.yahoo.com/finance/news/romwe-informs-shoppers-data-security-203054849.html\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003ERomwe suffered a data breach which exposed almost 20 million customers\u003C/a\u003E. The data was subsequently sold online and includes names, phone numbers, email and IP addresses, customer geographic locations and passwords stored as salted SHA-1 hashes. The data was provided to HIBP by \u003Ca href=\u0022https://dehashed.com/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Edehashed.com\u003C/a\u003E.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Romwe.png","DataClasses":["Geographic locations","IP addresses","Names","Passwords","Phone numbers","Physical addresses"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"RosebuttBoard","Title":"Rosebutt Board","Domain":"rosebuttboard.com","BreachDate":"2016-05-09","AddedDate":"2016-05-10T07:37:46Z","ModifiedDate":"2016-05-10T07:37:46Z","PwnCount":107303,"Description":"Some time prior to May 2016, \u003Ca href=\u0022https://motherboard.vice.com/read/rosebuttboard-ip-board\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Ethe forum known as \u0026quot;Rosebutt Board\u0026quot; was hacked\u003C/a\u003E and 107k accounts were exposed. The self-described \u0026quot;top one board for anal fisting, prolapse, huge insertions and rosebutt fans\u0026quot; had email and IP addresses, usernames and weakly stored salted MD5 password hashes hacked from the IP.Board based forum.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/RosebuttBoard.png","DataClasses":["Email addresses","IP addresses","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":true,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"RoyalEnfield","Title":"Royal Enfield","Domain":"royalenfield.com","BreachDate":"2019-01-01","AddedDate":"2022-03-31T21:13:58Z","ModifiedDate":"2022-03-31T21:13:58Z","PwnCount":420873,"Description":"In January 2020, motorcycle maker \u003Ca href=\u0022https://www.thequint.com/news/india/royal-enfield-exposed-database-containing-450000-customer-data-cyber-security-expert\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003ERoyal Enfield left a database publicly exposed that resulted in the inadvertent publication of over 400k customers\u003C/a\u003E. The impacted data included email and physical addresses, names, motorcycle information, social media profiles, passwords, and other personal information. The data was provided to HIBP by a source who requested it be attributed to \u0026quot;white_peacock@riseup.net\u0026quot;.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/RoyalEnfield.png","DataClasses":["Dates of birth","Email addresses","Genders","Names","Passwords","Phone numbers","Physical addresses","Social media profiles","Vehicle details"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"RussianAmerica","Title":"Russian America","Domain":"russianamerica.com","BreachDate":"2017-01-01","AddedDate":"2018-09-13T04:48:08Z","ModifiedDate":"2018-09-13T04:48:08Z","PwnCount":182717,"Description":"In approximately 2017, the website for Russian speakers in America known as \u003Ca href=\u0022http://www.russianamerica.com/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003ERussian America\u003C/a\u003E suffered a data breach. The incident exposed 183k unique records including names, email addresses, phone numbers and passwords stored in both plain text and as MD5 hashes. Russian America was contacted about the breach but did not respond.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/RussianAmerica.png","DataClasses":["Email addresses","Names","Passwords","Phone numbers"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"SalvadoranCitizens","Title":"Salvadoran Citizens","Domain":"","BreachDate":"2024-04-02","AddedDate":"2024-04-10T22:25:03Z","ModifiedDate":"2024-04-10T22:26:30Z","PwnCount":946989,"Description":"In April 2024, \u003Ca href=\u0022https://protos.com/hacker-doxxes-nearly-every-adult-in-el-salvador/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Enearly 6 million records of Salvadoran citizens were published to a popular hacking forum\u003C/a\u003E. The data included names, dates of birth, phone numbers, physical addresses and nearly 1M unique email addresses. Further, over 5M corresponding profile photos were also included in the breach.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/ElSalvadorFlag.png","DataClasses":["Dates of birth","Email addresses","Government issued IDs","Names","Phone numbers","Physical addresses","Profile photos"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"SaverSpy","Title":"SaverSpy","Domain":"","BreachDate":"2018-09-18","AddedDate":"2018-09-25T10:59:05Z","ModifiedDate":"2024-07-11T19:29:17Z","PwnCount":2457420,"Description":"In September 2018, \u003Ca href=\u0022https://www.linkedin.com/pulse/another-e-marketing-database-11-million-records-bob-diachenko/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Esecurity researcher Bob Diachenko discovered a massive collection of personal details exposed in an unprotected Mongo DB instance\u003C/a\u003E. The data appears to have been used in marketing campaigns (possibly for spam purposes) but had little identifying data about it other than a description of \u0026quot;Yahoo_090618_ SaverSpy\u0026quot;. The data set provided to HIBP had almost 2.5M unique email addresses (all of which were from Yahoo!) alongside names, genders and physical addresses.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Email.png","DataClasses":["Email addresses","Genders","Names","Physical addresses"],"IsVerified":true,"IsFabricated":false,"IsSensitive":true,"IsRetired":false,"IsSpamList":true,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"SCDailyPhoneSpamList","Title":"SC Daily Phone Spam List","Domain":"data4marketers.com","BreachDate":"2015-04-14","AddedDate":"2016-11-24T06:04:34Z","ModifiedDate":"2016-11-24T06:04:34Z","PwnCount":32939105,"Description":"In early 2015, a spam list known as \u003Ca href=\u0022http://www.data4marketers.com/2015APRspecials.html\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003ESC Daily Phone\u003C/a\u003E emerged containing almost 33M identities. The data includes personal attributes such as names, physical and IP addresses, genders, birth dates and phone numbers. \u003Ca href=\u0022https://www.troyhunt.com/have-i-been-pwned-and-spam-lists-of-personal-information\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003ERead more about spam lists in HIBP.\u003C/a\u003E","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Email.png","DataClasses":["Dates of birth","Email addresses","Genders","IP addresses","Names","Physical addresses"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":true,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Scentbird","Title":"Scentbird","Domain":"scentbird.com","BreachDate":"2020-06-22","AddedDate":"2020-07-30T00:11:15Z","ModifiedDate":"2020-07-30T00:11:15Z","PwnCount":5814988,"Description":"In June 2020, the online fragrance service \u003Ca href=\u0022https://www.bleepingcomputer.com/news/security/hacker-leaks-386-million-user-records-from-18-companies-for-free/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EScentbird suffered a data breach\u003C/a\u003E that exposed the personal information of over 5.8 million customers. Personal information including names, email addresses, genders, dates of birth, passwords stored as bcrypt hashes and indicators of password strength were all exposed. The data was provided to HIBP by \u003Ca href=\u0022https://breachbase.pw/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Ebreachbase.pw\u003C/a\u003E.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Scentbird.png","DataClasses":["Dates of birth","Email addresses","Genders","Names","Password strengths","Passwords"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"SchoolDistrict42","Title":"School District 42","Domain":"sd42.ca","BreachDate":"2023-01-15","AddedDate":"2023-02-02T05:27:50Z","ModifiedDate":"2023-02-02T08:16:17Z","PwnCount":18850,"Description":"In January 2023, \u003Ca href=\u0022https://www.mapleridgenews.com/news/maple-ridge-pitt-meadows-school-district-suffers-massive-data-breach/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EPitt Meadows School District 42 in British Columbia suffered a data breach\u003C/a\u003E. The incident exposed the names and email addresses of approximately 19k students and staff which were consequently redistributed on a popular hacking forum.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/SchoolDistrict42.png","DataClasses":["Email addresses","Names"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Seedpeer","Title":"Seedpeer","Domain":"seedpeer.eu","BreachDate":"2015-07-12","AddedDate":"2016-03-09T02:49:28Z","ModifiedDate":"2016-03-09T02:49:28Z","PwnCount":281924,"Description":"In July 2015, the torrent site Seedpeer was hacked and 282k member records were exposed. The data included usernames, email addresses and passwords stored as weak MD5 hashes.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Seedpeer.png","DataClasses":["Email addresses","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Sephora","Title":"Sephora","Domain":"sephora.com.au","BreachDate":"2017-01-09","AddedDate":"2019-10-06T15:14:12Z","ModifiedDate":"2019-10-06T15:14:12Z","PwnCount":780073,"Description":"In approximately January 2017, the beauty store \u003Ca href=\u0022https://www.zdnet.com/article/sephora-data-breach-hits-southeast-asia-and-anz-customers/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003ESephora suffered a data breach\u003C/a\u003E. Impacting customers in South East Asia, Australia and New Zealand, 780k unique email addresses were included in the breach alongside names, genders, dates of birth, ethnicities and other personal information. The data was provided to HIBP by a source who requested it be attributed to \u0026quot;JimScott.Sec@protonmail.com\u0026quot;.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Sephora.png","DataClasses":["Dates of birth","Email addresses","Ethnicities","Genders","Names","Physical attributes"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"ServerPact","Title":"ServerPact","Domain":"serverpact.com","BreachDate":"2016-01-01","AddedDate":"2016-09-06T04:21:06Z","ModifiedDate":"2016-09-06T04:21:06Z","PwnCount":73587,"Description":"In mid-2015, the Dutch Minecraft site \u003Ca href=\u0022https://twitter.com/serverpact/status/772534083788365829\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EServerPact was hacked\u003C/a\u003E and 73k accounts were exposed. Along with birth dates, email and IP addresses, the site also exposed SHA1 password hashes with the username as the salt.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/ServerPact.png","DataClasses":["Dates of birth","Email addresses","IP addresses","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"SevenRooms","Title":"SevenRooms","Domain":"sevenrooms.com","BreachDate":"2022-12-11","AddedDate":"2023-08-24T21:49:00Z","ModifiedDate":"2023-08-24T21:49:00Z","PwnCount":1205385,"Description":"In December 2022, \u003Ca href=\u0022https://www.bleepingcomputer.com/news/security/restaurant-crm-platform-sevenrooms-confirms-breach-after-data-for-sale/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Eover 400GB of data belonging to restaurant customer management platform SevenRooms was posted for sale to a popular hacking forum\u003C/a\u003E. The data included 1.2M unique email addresses alongside names and purchases. SevenRooms advised that the breach was due to unauthorised access of \u0026quot;a file transfer interface of a third-party vendor\u0026quot;.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/SevenRooms.png","DataClasses":["Email addresses","Names","Purchases"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Shadi","Title":"Shadi.com","Domain":"shadi.com","BreachDate":"2016-07-09","AddedDate":"2022-07-20T07:07:31Z","ModifiedDate":"2022-07-20T07:07:31Z","PwnCount":2021984,"Description":"In July 2016, the Muslim dating site \u003Ca href=\u0022https://news.softpedia.com/news/data-from-two-muslim-dating-sites-two-others-dumped-online-506356.shtml\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EShadi.com suffered a data breach that exposed over 2M members\u0027 email addresses\u003C/a\u003E. The breach also exposed passwords stored as MD5 hashes alongside their plain text equivalents. The data was provided to HIBP by a source who requested it be attributed to \u0026quot;fall1984@protonmail.com\u0026quot;.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Shadi.png","DataClasses":["Email addresses","Passwords"],"IsVerified":true,"IsFabricated":false,"IsSensitive":true,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Shadow","Title":"Shadow","Domain":"shadow.tech","BreachDate":"2023-09-28","AddedDate":"2024-08-11T00:06:02Z","ModifiedDate":"2024-08-11T04:46:29Z","PwnCount":543295,"Description":"In September 2023, the cloud gaming provider \u003Ca href=\u0022https://www.bleepingcomputer.com/news/security/shadow-pc-warns-of-data-breach-as-hacker-tries-to-sell-gamers-info/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EShadow suffered a data breach that exposed over half a million customer records\u003C/a\u003E. The data included email and physical addresses, names and dates of birth. The data was provided to HIBP by a source who requested it be attributed to \u0026quot;oathnet.ru\u0026quot;.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Shadow.png","DataClasses":["Dates of birth","Email addresses","Names","Physical addresses"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"ShareThis","Title":"ShareThis","Domain":"sharethis.com","BreachDate":"2018-07-09","AddedDate":"2019-03-03T06:31:39Z","ModifiedDate":"2019-03-12T21:00:14Z","PwnCount":40960499,"Description":"In July 2018, the social bookmarking and sharing service \u003Ca href=\u0022https://www.sharethis.com/data-privacy-incident/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EShareThis suffered a data breach\u003C/a\u003E. The incident exposed 41 million unique email addresses alongside names and in some cases, dates of birth and password hashes. In 2019, \u003Ca href=\u0022https://www.theregister.co.uk/2019/02/11/620_million_hacked_accounts_dark_web/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Ethe data appeared listed for sale on a dark web marketplace\u003C/a\u003E (along with several other large breaches) and subsequently began circulating more broadly. The data was provided to HIBP by \u003Ca href=\u0022https://dehashed.com/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Edehashed.com\u003C/a\u003E.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/ShareThis.png","DataClasses":["Dates of birth","Email addresses","Names","Passwords"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"SHEIN","Title":"SHEIN","Domain":"shein.com","BreachDate":"2018-06-01","AddedDate":"2019-07-17T13:59:41Z","ModifiedDate":"2019-07-17T13:59:41Z","PwnCount":39086762,"Description":"In June 2018, online fashion retailer \u003Ca href=\u0022https://www.zdnet.com/article/shein-fashion-retailer-announces-breach-affecting-6-42-million-users/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003ESHEIN suffered a data breach\u003C/a\u003E. The company discovered the breach 2 months later in August then disclosed the incident another month after that. A total of 39 million unique email addresses were found in the breach alongside MD5 password hashes. The data was provided to HIBP by a source who requested it be attributed to \u0026quot;JimScott.Sec@protonmail.com\u0026quot;.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/SHEIN.png","DataClasses":["Email addresses","Passwords"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Shitexpress","Title":"Shitexpress","Domain":"shitexpress.com","BreachDate":"2022-08-08","AddedDate":"2022-08-16T22:40:35Z","ModifiedDate":"2022-08-16T22:40:35Z","PwnCount":23817,"Description":"In August 2022, the online faeces delivery service \u003Ca href=\u0022https://www.bleepingcomputer.com/news/security/anonymous-poop-gifting-site-hacked-customers-exposed/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EShitexpress suffered a data breach that exposed 24k unique email addresses\u003C/a\u003E. The addresses spanned invoices, gift cards, promotions and PayPal records. The breach also exposed the IP and email addresses of senders, physical addresses of recipients and messages accompanying the shit delivery.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Shitexpress.png","DataClasses":["Email addresses","IP addresses","Names","Physical addresses","Private messages","Purchases"],"IsVerified":true,"IsFabricated":false,"IsSensitive":true,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"ShockGore","Title":"ShockGore","Domain":"shockgore.com","BreachDate":"2020-08-11","AddedDate":"2022-01-20T00:07:47Z","ModifiedDate":"2022-01-20T00:07:47Z","PwnCount":73944,"Description":"In August 2020, the website for sharing graphic videos and images of gore and animal cruelty suffered a data breach. The breach exposed 74k unique email addresses alongside usernames, IP addresses, genders and unsalted SHA-1 password hashes. Private messages were also exposed, many containing requests for material of a depraved nature. The data was provided to HIBP by a source who requested it be attributed to \u0026quot;white_peacock@riseup.net\u0026quot;.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/ShockGore.png","DataClasses":["Email addresses","Genders","IP addresses","Passwords","Private messages","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":true,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"ShoeZone","Title":"Shoe Zone","Domain":"shoezone.com","BreachDate":"2024-06-28","AddedDate":"2024-08-05T22:13:35Z","ModifiedDate":"2024-08-05T22:13:35Z","PwnCount":46140,"Description":"In June 2024, \u003Ca href=\u0022https://cybernews.com/news/shoezone-cyberattack-uk-retail-breach/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Ethe UK footwear chain Shoe Zone disclosed a data breach that was subsequently posted for sale on a popular hacking forum\u003C/a\u003E. The data included over 100k orders containing names, addresses, partial credit card numbers (card type and last 4 digits), and 46k unique email addresses. The data was provided to HIBP by a source who requested it be attributed to \u0026quot;IntelBroker\u0026quot;.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/ShoeZone.png","DataClasses":["Email addresses","Names","Partial credit card data","Physical addresses","Purchases"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"ShopBack","Title":"ShopBack","Domain":"shopback.com","BreachDate":"2020-09-17","AddedDate":"2021-04-25T05:41:24Z","ModifiedDate":"2021-04-25T05:41:24Z","PwnCount":20529819,"Description":"In September 2020, the cashback reward program \u003Ca href=\u0022https://support.shopback.com.au/hc/en-us/articles/360054141274-Customer-Notice-FAQs\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EShopBack suffered a data breach\u003C/a\u003E. The incident exposed over 20 million unique email addresses along with names, phone numbers, country of residence and passwords stored as salted SHA-1 hashes. The data was provided to HIBP by \u003Ca href=\u0022https://dehashed.com/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Edehashed.com\u003C/a\u003E.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/ShopBack.png","DataClasses":["Email addresses","Geographic locations","Names","Passwords","Phone numbers"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"ShopperPlus","Title":"Shopper\u002B","Domain":"shopperplus.ca","BreachDate":"2020-09-14","AddedDate":"2023-03-11T07:20:20Z","ModifiedDate":"2023-03-11T07:20:20Z","PwnCount":878290,"Description":"In March 2023, \u0026quot;Canada\u0027s online shopping mall\u0026quot; \u003Ca href=\u0022https://twitter.com/MikeSafariMusic/status/1634251270817980424\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EShopper\u002B disclosed a data breach discovered on a public hacking forum\u003C/a\u003E. The breach dated back to September 2020 and included 878k customer records with email and physical addresses, names, phone numbers and in some cases, genders and dates of birth.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/ShopperPlus.png","DataClasses":["Dates of birth","Email addresses","Genders","Names","Phone numbers","Physical addresses","Spoken languages"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"ShortEdition","Title":"Short \u00C9dition","Domain":"short-edition.com","BreachDate":"2021-06-26","AddedDate":"2021-07-19T04:49:43Z","ModifiedDate":"2021-07-19T04:49:43Z","PwnCount":505466,"Description":"In June 2021, the French publishing house of short literature \u003Ca href=\u0022https://short-edition.com/en/p/cyber-attack\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EShort \u00C9dition suffered a data breach that exposed 505k records\u003C/a\u003E. Impacted data included email and physical addresses, names, usernames, phone numbers, dates of birth, genders and passwords stored as either salted SHA-1 or salted SHA-512 hashes. Short \u00C9dition self-submitted the impacted data to HIBP.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/ShortEdition.png","DataClasses":["Dates of birth","Email addresses","Genders","Names","Passwords","Phone numbers","Physical addresses","Social media profiles","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Shotbow","Title":"Shotbow","Domain":"shotbow.net","BreachDate":"2016-05-09","AddedDate":"2017-10-29T23:53:20Z","ModifiedDate":"2017-10-29T23:53:20Z","PwnCount":1052753,"Description":"In May 2016, the multiplayer server for Minecraft service \u003Ca href=\u0022https://shotbow.net/forum/threads/security-data-breach-and-information-leak.346321/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EShotbow announced they\u0027d suffered a data breach\u003C/a\u003E. The incident resulted in the exposure of over 1 million unique email addresses, usernames and salted SHA-256 password hashes.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Shotbow.png","DataClasses":["Email addresses","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"SirHurt","Title":"SirHurt","Domain":"sirhurt.net","BreachDate":"2021-04-23","AddedDate":"2022-05-24T05:06:08Z","ModifiedDate":"2022-05-24T05:06:08Z","PwnCount":90655,"Description":"In April 2021, the the Roblox cheats website \u003Ca href=\u0022https://wearedevs.net/forum/t/20397\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003ESirHurt suffered a data breach\u003C/a\u003E that exposed over 90k customer records. The exposed data included email and IP addresses, usernames and passwords stored as MD5 hashes.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/SirHurt.png","DataClasses":["Email addresses","IP addresses","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"SitePoint","Title":"SitePoint","Domain":"sitepoint.com","BreachDate":"2020-06-20","AddedDate":"2022-08-17T08:21:50Z","ModifiedDate":"2022-08-17T08:21:50Z","PwnCount":1021790,"Description":"In June 2020, the web development site \u003Ca href=\u0022https://www.bleepingcomputer.com/news/security/sitepoint-discloses-data-breach-after-stolen-info-used-in-attacks/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003ESitePoint suffered a data breach that exposed over 1M customer records\u003C/a\u003E. Impacted data included email and IP addresses, names, usernames, bios and passwords stored as bcrypt hashes.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/SitePoint.png","DataClasses":["Bios","Email addresses","IP addresses","Names","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"SkTorrent","Title":"SkTorrent","Domain":"sktorrent.eu","BreachDate":"2016-02-19","AddedDate":"2016-02-23T03:30:49Z","ModifiedDate":"2016-02-23T03:30:49Z","PwnCount":117070,"Description":"In February 2016, the Slovak torrent tracking site SkTorrent \u003Ca href=\u0022http://tech.sme.sk/c/20099331/hackeri-ukradli-na-slovensku-118-tisic-identit.html\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Ewas hacked and over 117k records leaked online\u003C/a\u003E. The data dump included usernames, email addresses and passwords stored in plain text.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/SkTorrent.png","DataClasses":["Email addresses","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Slickwraps","Title":"Slickwraps","Domain":"slickwraps.com","BreachDate":"2020-02-16","AddedDate":"2020-02-22T19:20:00Z","ModifiedDate":"2020-02-22T19:20:00Z","PwnCount":857611,"Description":"In February 2020, the online store for consumer electronics wraps \u003Ca href=\u0022https://www.slickwraps.com/blog/update/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003ESlickwraps suffered a data breach\u003C/a\u003E. The incident resulted in the exposure of 858k unique email addresses across customer records and newsletter subscribers. Additional impacted data included names, physical addresses, phone numbers and purchase histories.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Slickwraps.png","DataClasses":["Email addresses","Names","Phone numbers","Physical addresses","Purchases"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"SlideTeam","Title":"SlideTeam","Domain":"slideteam.net","BreachDate":"2021-04-06","AddedDate":"2023-01-07T01:05:24Z","ModifiedDate":"2023-01-07T01:05:24Z","PwnCount":1464271,"Description":"In April 2021, the \u0026quot;world\u2019s largest collection of pre-designed presentation slides\u0026quot; \u003Ca href=\u0022https://news.kaduu.ch/2022/08/25/worlds-largest-supplier-of-powerpoint-content-hacked/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003ESlideTeam had 1.4M records breached and later published to a popular hacking forum the following year\u003C/a\u003E. Allegedly sourced from a compromised Magento instance, the data included names, email addresses and passwords stored as salted hashes.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/SlideTeam.png","DataClasses":["Email addresses","Names","Passwords"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Smogon","Title":"Smogon","Domain":"smogon.com","BreachDate":"2017-09-10","AddedDate":"2018-04-11T00:12:09Z","ModifiedDate":"2018-04-11T00:12:09Z","PwnCount":386489,"Description":"In April 2018, the Pok\u00E9mon website known as \u003Ca href=\u0022https://www.smogon.com/forums/threads/we-were-hacked-recently-you-may-potentially-want-to-change-your-passwords.3632265/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003ESmogon announced they\u0027d suffered a data breach\u003C/a\u003E. The breach dated back to September 2017 and affected their XenForo based forum. The exposed data included usernames, email addresses, genders and both bcrypt and MD5 password hashes.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Smogon.png","DataClasses":["Email addresses","Genders","Geographic locations","Passwords","Usernames","Website activity"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Snail","Title":"Snail","Domain":"snail.com","BreachDate":"2015-03-14","AddedDate":"2019-07-27T16:24:09Z","ModifiedDate":"2019-07-27T16:24:09Z","PwnCount":1410899,"Description":"In March 2015, the gaming website \u003Ca href=\u0022https://www.technadu.com/emuparadise-1-1-million-user-data-breach/70025/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003ESnail suffered a data breach\u003C/a\u003E that impacted 1.4 million subscribers. The impacted data included usernames, IP and email addresses and passwords stored as unsalted MD5 hashes. The data was provided to HIBP by \u003Ca href=\u0022https://dehashed.com/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Edehashed.com\u003C/a\u003E.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Snail.png","DataClasses":["Email addresses","IP addresses","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Snapchat","Title":"Snapchat","Domain":"snapchat.com","BreachDate":"2014-01-01","AddedDate":"2014-01-02T00:00:00Z","ModifiedDate":"2014-01-02T00:00:00Z","PwnCount":4609615,"Description":"In January 2014 just one week after \u003Ca href=\u0022http://gibsonsec.org/snapchat/fulldisclosure/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EGibson Security detailed vulnerabilities in the service\u003C/a\u003E, Snapchat had 4.6 million usernames and phone number exposed. The attack involved \u003Ca href=\u0022http://www.troyhunt.com/2014/01/searching-snapchat-data-breach-with.html\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Ebrute force enumeration of a large number of phone numbers\u003C/a\u003E against the Snapchat API in what appears to be a response to Snapchat\u0027s assertion that such an attack was \u0026quot;theoretical\u0026quot;. Consequently, the breach enabled individual usernames (which are often used across other services) to be resolved to phone numbers which users usually wish to keep private.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Snapchat.png","DataClasses":["Geographic locations","Phone numbers","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"SoarGames","Title":"SoarGames","Domain":"soargames.com","BreachDate":"2019-12-16","AddedDate":"2023-12-03T06:56:13Z","ModifiedDate":"2023-12-03T06:56:13Z","PwnCount":4774445,"Description":"In December 2019, the now defunct gaming website SoarGames suffered a data breach that exposed 4.8M unique email addresses. The impacted data included usernames, email and IP addresses and salted MD5 password hashes. A significant number of the email addresses appeared to have been generated as opposed to organically provided by the user.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/SoarGames.png","DataClasses":["Email addresses","IP addresses","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"SocialEngineered","Title":"Social Engineered","Domain":"socialengineered.net","BreachDate":"2019-06-13","AddedDate":"2019-06-23T20:46:39Z","ModifiedDate":"2019-06-25T18:06:57Z","PwnCount":89392,"Description":"In June 2019, the \u0026quot;Art of Human Hacking\u0026quot; site \u003Ca href=\u0022https://socialengineered.net\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003ESocial Engineered\u003C/a\u003E suffered a data breach. The breach of the MyBB forum was published on a rival hacking forum and included 89k unique email addresses spread across 55k forum users and other tables in the database. The exposed data also included usernames, IP addresses, private messages and passwords stored as salted MD5 hashes.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/SocialEngineered.png","DataClasses":["Email addresses","IP addresses","Passwords","Private messages","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"SIAE","Title":"Societ\u00E0 Italiana degli Autori ed Editori","Domain":"siae.it","BreachDate":"2018-11-03","AddedDate":"2018-11-07T04:31:14Z","ModifiedDate":"2018-11-07T04:37:11Z","PwnCount":14609,"Description":"In November 2018, the Societ\u00E0 Italiana degli Autori ed Editori (Italian Society of Authors and Publishers, or SIAE) \u003Ca href=\u0022https://www.repubblica.it/tecnologia/sicurezza/2018/11/03/news/tecnologia_altro_attacco_di_anonplus_bucato_il_sito_della_siae_e_rubati_4_giga_di_dati-210654944/?ref=search\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Ewas hacked, defaced and almost 4GB of data leaked publicly via Twitter\u003C/a\u003E. The data included over 14k registered users\u0027 names, email addresses and passwords.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/SIAE.png","DataClasses":["Email addresses","IP addresses","Names","Passwords","Phone numbers"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Sonicbids","Title":"Sonicbids","Domain":"sonicbids.com","BreachDate":"2019-12-30","AddedDate":"2020-08-18T07:39:37Z","ModifiedDate":"2020-08-18T07:39:37Z","PwnCount":751700,"Description":"In December 2019, the booking website \u003Ca href=\u0022https://oag.ca.gov/system/files/Sonicbids%20-%20%20CA.pdf\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003ESonicbids suffered a data breach\u003C/a\u003E which they attributed to \u0026quot;a data privacy event involving our third-party cloud hosting services\u0026quot;. The breach contained 752k user records including names and usernames, email addresses and passwords stored as PBKDF2 hashes. The data was provided to HIBP by \u003Ca href=\u0022https://breachbase.pw/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Ebreachbase.pw\u003C/a\u003E.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Sonicbids.png","DataClasses":["Email addresses","Names","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Sony","Title":"Sony","Domain":"sony.com","BreachDate":"2011-06-02","AddedDate":"2013-12-04T00:00:00Z","ModifiedDate":"2013-12-04T00:00:00Z","PwnCount":37103,"Description":"In 2011, Sony suffered breach after breach after breach \u0026mdash; it was a \u003Cem\u003Every\u003C/em\u003E bad year for them. The breaches spanned various areas of the business ranging from the PlayStation network all the way through to the motion picture arm, Sony Pictures. A SQL Injection vulnerability in \u003Ca href=\u0022http://www.sonypictures.com\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Esonypictures.com\u003C/a\u003E lead to \u003Ca href=\u0022http://www.troyhunt.com/2011/06/brief-sony-password-analysis.html\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Etens of thousands of accounts across multiple systems being exposed\u003C/a\u003E complete with plain text passwords.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Sony.png","DataClasses":["Dates of birth","Email addresses","Genders","Names","Passwords","Phone numbers","Physical addresses","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Soundwave","Title":"Soundwave","Domain":"soundwave.com","BreachDate":"2015-07-16","AddedDate":"2017-03-17T22:36:34Z","ModifiedDate":"2017-03-17T22:36:34Z","PwnCount":130705,"Description":"In approximately mid 2015, the music tracking app \u003Ca href=\u0022http://www.soundwave.com/help/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003ESoundwave suffered a data breach\u003C/a\u003E. The breach stemmed from an incident whereby \u0026quot;production data had been used to populate the test database\u0026quot; and was then inadvertently exposed in a MongoDB. The data contained 130k records and included email addresses, dates of birth, genders and MD5 hashes of passwords without a salt.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Soundwave.png","DataClasses":["Dates of birth","Email addresses","Genders","Geographic locations","Names","Passwords","Social connections"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"SpecialKSpamList","Title":"Special K Data Feed Spam List","Domain":"data4marketers.com","BreachDate":"2015-10-07","AddedDate":"2016-11-24T00:18:27Z","ModifiedDate":"2016-11-24T00:18:27Z","PwnCount":30741620,"Description":"In mid to late 2015, a spam list known as the \u003Ca href=\u0022http://www.data4marketers.com/d4m_SpecialKfeed2015.html\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003ESpecial K Data Feed\u003C/a\u003E was discovered containing almost 31M identities. The data includes personal attributes such as names, physical and IP addresses, genders, birth dates and phone numbers. \u003Ca href=\u0022https://www.troyhunt.com/have-i-been-pwned-and-spam-lists-of-personal-information\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003ERead more about spam lists in HIBP.\u003C/a\u003E","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Email.png","DataClasses":["Dates of birth","Email addresses","Genders","IP addresses","Names","Physical addresses"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":true,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Sphero","Title":"Sphero","Domain":"sphero.com","BreachDate":"2023-09-09","AddedDate":"2023-10-20T07:16:25Z","ModifiedDate":"2023-10-20T07:16:25Z","PwnCount":832255,"Description":"In September 2023, \u003Ca href=\u0022https://www.safetydetectives.com/news/sphero-leak-report/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Eover 1M rows of data from the educational robots company Sphero was posted to a popular hacking forum\u003C/a\u003E. The data contained 832k unique email addresses alongside names, usernames, dates of birth and geographic locations.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Sphero.png","DataClasses":["Dates of birth","Email addresses","Geographic locations","Names","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Spirol","Title":"Spirol","Domain":"spirol.com","BreachDate":"2014-02-22","AddedDate":"2014-02-22T20:47:56Z","ModifiedDate":"2014-02-22T20:47:56Z","PwnCount":55622,"Description":"In February 2014, Connecticut based Spirol Fastening Solutions \u003Ca href=\u0022http://news.softpedia.com/news/Details-of-70-000-Users-Leaked-by-Hackers-From-Systems-of-SPIROL-International-428669.shtml\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Esuffered a data breach that exposed over 70,000 customer records\u003C/a\u003E. The attack was allegedly mounted by exploiting a SQL injection vulnerability which yielded data from Spirol\u2019s CRM system ranging from customers\u2019 names, companies, contact information and over 55,000 unique email addresses.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Spirol.png","DataClasses":["Email addresses","Employers","Job titles","Names","Phone numbers","Physical addresses"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Sport2000","Title":"Sport 2000","Domain":"sport2000.fr","BreachDate":"2024-04-18","AddedDate":"2024-08-28T06:56:12Z","ModifiedDate":"2024-08-28T06:56:12Z","PwnCount":3189643,"Description":"In April 2024, \u003Ca href=\u0022https://www.clubic.com/actualite-525045-sport-2000-victime-d-une-cyberattaque-un-gang-de-pirates-francais-soupconne-de-vendre-les-donnees-de-4-millions-de-clients.html\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Ethe French sporting equipment manufacturer Sport 2000 announced it had suffered a data breach\u003C/a\u003E. The data was subsequently put up for sale on a popular hacking forum and included 4.4M rows with 3.2M unique email addresses alongside names, physical addresses, phone numbers, dates of birth and purchases made by store name. The data was provided to HIBP by a source who requested it be attributed to \u0026quot;oathnet.ru\u0026quot;.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Sport2000.png","DataClasses":["Dates of birth","Email addresses","Names","Phone numbers","Physical addresses","Purchases","Salutations"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Spoutible","Title":"Spoutible","Domain":"spoutible.com","BreachDate":"2024-01-31","AddedDate":"2024-02-05T07:33:00Z","ModifiedDate":"2024-02-05T07:33:00Z","PwnCount":207114,"Description":"In January 2024, \u003Ca href=\u0022https://www.troyhunt.com/how-spoutibles-leaky-api-spurted-out-a-deluge-of-personal-data/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003ESpoutible had 207k records scraped from a misconfigured API that inadvertently returned excessive personal information\u003C/a\u003E. The data included names, usernames, email and IP addresses, phone numbers (where provided to the platform), genders and bcrypt password hashes. The incident also exposed 2FA secrets and backup codes along with password reset tokens.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Spoutible.png","DataClasses":["Email addresses","Genders","IP addresses","Names","Passwords","Phone numbers","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"SpyFone","Title":"SpyFone","Domain":"spyfone.com","BreachDate":"2018-08-16","AddedDate":"2018-08-24T04:36:24Z","ModifiedDate":"2024-07-11T19:29:17Z","PwnCount":44109,"Description":"In August 2018, the spyware company \u003Ca href=\u0022https://motherboard.vice.com/en_us/article/9kmj4v/spyware-company-spyfone-terabytes-data-exposed-online-leak\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003ESpyFone left terabytes of data publicly exposed\u003C/a\u003E. Collected surreptitiously whilst the targets were using their devices, the data included photos, audio recordings, text messages and browsing history which were then exposed via a number of misconfigurations within SpyFone\u0027s systems. The data belonged the thousands of SpyFone customers and included 44k unique email addresses, many likely belonging to people the targeted phones had contact with.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/SpyFone.png","DataClasses":["Audio recordings","Browsing histories","Device information","Email addresses","Geographic locations","IMEI numbers","IP addresses","Names","Passwords","Photos","SMS messages"],"IsVerified":true,"IsFabricated":false,"IsSensitive":true,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Spytech","Title":"Spytech","Domain":"spytech-web.com","BreachDate":"2024-06-04","AddedDate":"2024-07-30T03:30:44Z","ModifiedDate":"2024-07-30T03:30:44Z","PwnCount":5645,"Description":"In July 2024, \u003Ca href=\u0022https://techcrunch.com/2024/07/25/spytech-data-breach-windows-mac-android-chromebook-spyware/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Espyware maker Spytech suffered a data breach that exposed data collected as recently as the previous month\u003C/a\u003E. Designed to \u0026quot;invisibly record everything users do\u0026quot;, the breach exposed information related to both purchasers and targets of the product. Target data collection (and subsequent exposure) included the infected computer name, browsing history, applications used, usernames of authenticated users, keywords being monitored, file operations (creation and deletion), computer usage times and email addresses, often captured within the spyware\u0027s logs. The data also included the names, purchases and md5 password hashes of purchasers.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Spytech.png","DataClasses":["Browsing histories","Device information","Email addresses","Names","Passwords","Purchases","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":true,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Staminus","Title":"Staminus","Domain":"staminus.net","BreachDate":"2016-03-11","AddedDate":"2017-10-05T03:58:50Z","ModifiedDate":"2017-10-05T03:58:50Z","PwnCount":26815,"Description":"In March 2016, the DDoS protection service \u003Ca href=\u0022https://krebsonsecurity.com/2016/03/hackers-target-anti-ddos-firm-staminus/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EStaminus was \u0026quot;massively hacked\u0026quot;\u003C/a\u003E resulting in an outage of more than 20 hours and the disclosure of customer credentials (with unsalted MD5 hashes), support tickets, credit card numbers and other sensitive data. 27k unique email addresses were found in the data which was subsequently released to the public. Staminus is no longer in operation.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Staminus.png","DataClasses":["Credit cards","Email addresses","IP addresses","Passwords","Support tickets","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"StarNet","Title":"StarNet","Domain":"starnet.md","BreachDate":"2015-02-26","AddedDate":"2015-04-11T06:35:46Z","ModifiedDate":"2015-04-11T06:35:46Z","PwnCount":139395,"Description":"In February 2015, the Moldavian ISP \u0026quot;StarNet\u0026quot; \u003Ca href=\u0022http://www.moldova.org/the-database-of-an-internet-provider-from-moldova-was-stolen-and-published/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Ehad it\u0027s database published online\u003C/a\u003E. The dump included nearly 140k email addresses, many with personal details including contact information, usage patterns of the ISP and even passport numbers.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/StarNet.png","DataClasses":["Customer interactions","Dates of birth","Email addresses","Genders","IP addresses","MAC addresses","Names","Passport numbers","Passwords","Phone numbers"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Start","Title":"START","Domain":"start.film","BreachDate":"2021-06-01","AddedDate":"2022-08-30T02:48:30Z","ModifiedDate":"2022-08-30T02:55:07Z","PwnCount":7455386,"Description":"In August 2022, \u003Ca href=\u0022https://meduza.io/news/2022/08/28/v-set-popali-dannye-44-millionov-polzovateley-onlayn-kinoteatra-start\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Enews broke of an attack against the Russian streaming service \u0026quot;START\u0026quot;\u003C/a\u003E. The incident led to the exposure of 44M records containing 7.4M unique email addresses. The impacted data also included the subscriber\u0027s country and password hash. START subsequently \u003Ca href=\u0022https://t.me/start_shows/1181\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Eacknowledged the incident in a Telegram post\u003C/a\u003E and stated that the data dated back to 2021.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Start.png","DataClasses":["Email addresses","Geographic locations","Names","Passwords"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"StarTribune","Title":"StarTribune","Domain":"startribune.com","BreachDate":"2019-10-10","AddedDate":"2020-10-30T23:30:39Z","ModifiedDate":"2020-10-31T01:01:09Z","PwnCount":2192857,"Description":"In October 2019, the Minnesota-based news service \u003Ca href=\u0022https://www.startribune.com/hacker-group-claims-to-have-stolen-star-tribune-user-information/570384542/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EStarTribune suffered a data breach\u003C/a\u003E which was subsequently sold on the dark web. The breach exposed over 2 million unique email addresses alongside names, usernames, physical addresses, dates of birth, genders and passwords stored as bcrypt hashes. The data was provided to HIBP by \u003Ca href=\u0022https://dehashed.com/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Edehashed.com\u003C/a\u003E.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/StarTribune.png","DataClasses":["Dates of birth","Email addresses","Genders","Names","Passwords","Physical addresses","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"TelegramStealerLogs","Title":"Stealer Logs Posted to Telegram","Domain":"","BreachDate":"2024-07-18","AddedDate":"2024-08-01T05:38:53Z","ModifiedDate":"2024-08-01T05:38:53Z","PwnCount":26105473,"Description":"In July 2024, \u003Ca href=\u0022https://troyhunt.com/begging-for-bounties-and-more-info-stealer-logs\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Einfo stealer logs with 26M unique email addresses were collated from malicious Telegram channels\u003C/a\u003E. The data contained 22GB of logs consisting of email addresses, passwords and the websites they were used on, all obtained by malware running on infected machines.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/List.png","DataClasses":["Email addresses","Passwords"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"SterKinekor","Title":"Ster-Kinekor","Domain":"sterkinekor.co.za","BreachDate":"2017-03-09","AddedDate":"2017-03-13T10:13:16Z","ModifiedDate":"2017-03-13T10:13:16Z","PwnCount":1619544,"Description":"In 2016, the South African cinema company \u003Ca href=\u0022http://blog.roguecode.co.za/sterkinekor-vulnerability-download-millions-accounts\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003ESter-Kinekor had a security flaw\u003C/a\u003E which leaked a large amount of customer data via an enumeration vulnerability in the API of their old website. Whilst more than 6 million accounts were leaked by the flaw, the exposed data only contained 1.6 million unique email addresses. The data also included extensive personal information such as names, addresses, birthdates, genders and plain text passwords.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/SterKinekor.png","DataClasses":["Dates of birth","Email addresses","Genders","Names","Passwords","Phone numbers","Physical addresses","Spoken languages"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"StockX","Title":"StockX","Domain":"stockx.com","BreachDate":"2019-07-26","AddedDate":"2019-08-10T15:34:08Z","ModifiedDate":"2019-08-11T04:12:11Z","PwnCount":6840339,"Description":"In July 2019, the fashion and sneaker trading platform \u003Ca href=\u0022https://stockx.com/news/update-on-data-security-issue/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EStockX suffered a data breach\u003C/a\u003E which was subsequently sold via a dark webmarketplace. The exposed data included 6.8 million unique email addresses, names, physical addresses, purchases and passwords stored as salted MD5 hashes. The data was provided to HIBP by \u003Ca href=\u0022https://dehashed.com/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Edehashed.com\u003C/a\u003E.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/StockX.png","DataClasses":["Email addresses","Names","Passwords","Physical addresses","Purchases","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"StoryBird","Title":"StoryBird","Domain":"storybird.com","BreachDate":"2015-08-07","AddedDate":"2021-02-02T00:39:58Z","ModifiedDate":"2021-02-02T00:39:58Z","PwnCount":1047200,"Description":"In August 2015, the storytelling service \u003Ca href=\u0022https://www.zdnet.com/article/hacker-puts-up-for-sale-third-round-of-hacked-databases-on-the-dark-web/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EStoryBird suffered a data breach\u003C/a\u003E exposing 4 million records with 1 million unique email addresses. Impacted data also included names, usernames and passwords stored as PBKDF2 hashes. The data was provided to HIBP by \u003Ca href=\u0022https://dehashed.com/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Edehashed.com\u003C/a\u003E.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/StoryBird.png","DataClasses":["Email addresses","Names","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Straffic","Title":"Straffic","Domain":"straffic.io","BreachDate":"2020-02-14","AddedDate":"2020-02-27T19:28:29Z","ModifiedDate":"2020-02-27T19:28:29Z","PwnCount":48580249,"Description":"In February 2020, Israeli marketing company \u003Ca href=\u0022https://www.databreachtoday.com/israeli-marketing-company-exposes-contacts-database-a-13785\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EStraffic exposed a database with 140GB of personal data\u003C/a\u003E. The publicly accessible Elasticsearch database contained over 300M rows with 49M unique email addresses. Exposed data also included names, phone numbers, physical addresses and genders. In \u003Ca href=\u0022https://straffic.io/updates.php\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Etheir breach disclosure message\u003C/a\u003E, Straffic stated that \u0026quot;it is impossible to create a totally immune system, and these things can occur\u0026quot;.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Straffic.png","DataClasses":["Email addresses","Genders","Names","Phone numbers","Physical addresses"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Stratfor","Title":"Stratfor","Domain":"stratfor.com","BreachDate":"2011-12-24","AddedDate":"2013-12-04T00:00:00Z","ModifiedDate":"2013-12-04T00:00:00Z","PwnCount":859777,"Description":"In December 2011, \u0026quot;Anonymous\u0026quot; \u003Ca href=\u0022http://www.troyhunt.com/2011/12/5-website-security-lessons-courtesy-of.html\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Eattacked the global intelligence company known as \u0026quot;Stratfor\u0026quot;\u003C/a\u003E and consequently disclosed a veritable treasure trove of data including hundreds of gigabytes of email and tens of thousands of credit card details which were promptly used by the attackers to make charitable donations (among other uses). The breach also included 860,000 user accounts complete with email address, time zone, some internal system data and MD5 hashed passwords with no salt.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Stratfor.png","DataClasses":["Credit cards","Email addresses","Names","Passwords","Phone numbers","Physical addresses","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"StreetEasy","Title":"StreetEasy","Domain":"streeteasy.com","BreachDate":"2016-06-28","AddedDate":"2019-10-06T18:18:50Z","ModifiedDate":"2019-10-06T18:25:03Z","PwnCount":988230,"Description":"In approximately June 2016, the real estate website \u003Ca href=\u0022https://therealdeal.com/2019/02/19/a-million-streeteasy-accounts-hacked/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EStreetEasy suffered a data breach\u003C/a\u003E. In total, 988k unique email addresses were included in the breach alongside names, usernames and SHA-1 hashes of passwords, all of which appeared for sale on a dark web marketplace in February 2019. The data was provided to HIBP by a source who requested it be attributed to \u0026quot;JimScott.Sec@protonmail.com\u0026quot;.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/StreetEasy.png","DataClasses":["Email addresses","Names","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Stripchat","Title":"Stripchat","Domain":"stripchat.com","BreachDate":"2021-11-05","AddedDate":"2022-08-31T06:17:42Z","ModifiedDate":"2022-08-31T06:37:07Z","PwnCount":10001355,"Description":"In November 2021, the live sex cams and adult chat website \u003Ca href=\u0022https://www.bitdefender.com.au/blog/hotforsecurity/unsecure-server-exposed-200-million-records-of-adult-webcam-models-and-users-online/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EStripchat left several databases exposed and unsecured\u003C/a\u003E. In June the following year, over 10M Stripchat records appeared on a popular hacking forum. The exposed data included usernames, email addresses and IP addresses.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Stripchat.png","DataClasses":["Email addresses","IP addresses","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":true,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"StrongholdKingdoms","Title":"Stronghold Kingdoms","Domain":"strongholdkingdoms.com","BreachDate":"2018-07-04","AddedDate":"2019-07-21T15:36:01Z","ModifiedDate":"2019-07-21T15:36:01Z","PwnCount":5187305,"Description":"In July 2018, the massive multiplayer online game \u003Ca href=\u0022https://techraptor.net/content/roll20-stronghold-kingdoms-subject-security-breach\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EStronghold Kingdoms suffered a data breach\u003C/a\u003E. Almost 5.2 million accounts were impacted by the incident which exposed emails addresses, usernames and passwords stored as salted SHA-1 hashes. The data was provided to HIBP by a source who requested it be attributed to \u0026quot;JimScott.Sec@protonmail.com\u0026quot;.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/StrongholdKingdoms.png","DataClasses":["Email addresses","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"SubaGames","Title":"SubaGames","Domain":"subagames.com","BreachDate":"2016-11-01","AddedDate":"2021-08-25T06:39:28Z","ModifiedDate":"2021-08-25T06:44:29Z","PwnCount":6137666,"Description":"In November 2016, the game developer \u003Ca href=\u0022https://www.hackread.com/vbulletin-forums-hacked-accounts-sold-on-dark-web/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003ESuba Games suffered a data breach\u003C/a\u003E which led to the exposure of 6.1M unique email addresses. Impacted data also included usernames and passwords, most of which appeared circulating in the breached file in plain text after being cracked from salted MD5 hashes. The data was provided to HIBP by \u003Ca href=\u0022https://dehashed.com/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Edehashed.com\u003C/a\u003E.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/SubaGames.png","DataClasses":["Email addresses","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"SumoTorrent","Title":"Sumo Torrent","Domain":"sumotorrent.sx","BreachDate":"2014-06-21","AddedDate":"2016-03-09T01:23:23Z","ModifiedDate":"2016-03-09T01:23:23Z","PwnCount":285191,"Description":"In June 2014, the torrent site Sumo Torrent was hacked and 285k member records were exposed. The data included IP addresses, email addresses and passwords stored as weak MD5 hashes.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/SumoTorrent.png","DataClasses":["Email addresses","IP addresses","Passwords","Usernames","Website activity"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"SundryFiles","Title":"Sundry Files","Domain":"sundryfiles.com","BreachDate":"2022-01-21","AddedDate":"2023-03-31T04:51:11Z","ModifiedDate":"2023-03-31T04:51:11Z","PwnCount":274461,"Description":"In January 2022, the now defunct file upload service Sundry Files suffered a data breach that exposed 274k unique email addresses. The data also included usernames, IP addresses and passwords stored as salted SHA-256 hashes.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/SundryFiles.png","DataClasses":["Email addresses","IP addresses","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"SuperVPNGeckoVPN","Title":"SuperVPN \u0026 GeckoVPN","Domain":"","BreachDate":"2021-02-25","AddedDate":"2021-02-28T22:30:29Z","ModifiedDate":"2021-02-28T22:49:32Z","PwnCount":20339937,"Description":"In February 2021, \u003Ca href=\u0022https://cybernews.com/security/one-of-the-biggest-android-vpns-hacked-data-of-21-million-users-from-3-android-vpns-put-for-sale-online/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Ea series of \u0026quot;free\u0026quot; VPN services were breached including SuperVPN and GeckoVPN\u003C/a\u003E, exposing over 20M records. The data appeared together in a single file with a small number of records also included from FlashVPN, suggesting that all three brands may share the same platform. Impacted data also included email addresses, the country logged in from and the date and time each login occurred alongside device information including the make and model, IMSI number and serial number. The data was provided to HIBP by a source who requested it be attributed to redredred@riseup.net.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/SuperVPNGeckoVPN.png","DataClasses":["Device information","Device serial numbers","Email addresses","Geographic locations","IMSI numbers","Login histories"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"SurveyLama","Title":"SurveyLama","Domain":"surveylama.com","BreachDate":"2024-02-01","AddedDate":"2024-04-02T23:04:58Z","ModifiedDate":"2024-04-02T23:04:58Z","PwnCount":4426879,"Description":"In February 2024, the paid survey website SurveyLama suffered a data breach that exposed 4.4M customer email addresses. The incident also exposed names, physical and IP addresses, phone numbers, dates of birth and passwords stored as either salted SHA-1, bcrypt or argon2 hashes. When contacted about the incident, SurveyLama advised that they had already \u0026quot;notified the users by email\u0026quot;.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/SurveyLama.png","DataClasses":["Dates of birth","Email addresses","IP addresses","Names","Passwords","Phone numbers","Physical addresses"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"SvenskaMagic","Title":"SvenskaMagic","Domain":"svenskamagic.com","BreachDate":"2015-07-01","AddedDate":"2018-08-30T05:05:04Z","ModifiedDate":"2018-08-30T05:08:09Z","PwnCount":30327,"Description":"Sometime in 2015, the Swedish magic website \u003Ca href=\u0022https://www.svenskamagic.com/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003ESvenskaMagic\u003C/a\u003E suffered a data breach that exposed over 30k records. The compromised data included usernames, email addresses and MD5 password hashes. The data was self-submitted to HIBP by SvenskaMagic.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/SvenskaMagic.png","DataClasses":["Email addresses","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"SweClockers","Title":"SweClockers.com","Domain":"sweclockers.com","BreachDate":"2015-04-01","AddedDate":"2017-03-22T02:01:20Z","ModifiedDate":"2018-07-27T21:59:04Z","PwnCount":254867,"Description":"In early 2015, the Swedish tech news site \u003Ca href=\u0022http://www.sweclockers.com/nyhet/20800-sweclockers-drabbas-av-dataintrang\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003ESweClockers was hacked\u003C/a\u003E and 255k accounts were exposed. The attack led to the exposure of usernames, email addresses and salted hashes of passwords stored with a combination of MD5 and SHA512.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/SweClockers.png","DataClasses":["Email addresses","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Switch","Title":"Switch","Domain":"switchit.hu","BreachDate":"2024-10-01","AddedDate":"2024-10-05T20:18:44Z","ModifiedDate":"2024-10-05T20:18:44Z","PwnCount":5397,"Description":"In October 2024, the Hungarian IT headhunting service \u003Ca href=\u0022https://telex.hu/techtud/2024/10/01/kiberbiztonsag-adatvedelem-adatszivargas-szemelyes-adatok-switch-it-fejvadasz-ceg\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003ESwitch inadvertently exposed thousands of customer records via a public GitHub repository\u003C/a\u003E. The exposed data contained job applications with names, email addresses and in some cases, commentary on the applicant.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Switch.png","DataClasses":["Email addresses","Job applications","Names","Social media profiles"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"SwordFantasy","Title":"SwordFantasy","Domain":"swordfantasy.com","BreachDate":"2017-01-20","AddedDate":"2024-03-26T08:31:58Z","ModifiedDate":"2024-03-26T08:31:58Z","PwnCount":2690657,"Description":"In January 2019, the now defunct MMO and RPG game SwordFantasy suffered a data breach that exposed 2.7M unique email addresses. Other impacted data included username, IP address and salted MD5 password hashes.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/SwordFantasy.png","DataClasses":["Email addresses","IP addresses","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Swvl","Title":"Swvl","Domain":"swvl.com","BreachDate":"2020-06-23","AddedDate":"2020-07-31T06:24:42Z","ModifiedDate":"2020-07-31T07:59:49Z","PwnCount":4195918,"Description":"In June 2020, the Egyptian bus operator \u003Ca href=\u0022https://portswigger.net/daily-swig/egyptian-bus-operator-swvl-hit-by-data-breach\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003ESwvl suffered a data breach\u003C/a\u003E which impacted over 4 million members of the service. The exposed data included names, email addresses, phone numbers, profile photos, partial credit card data (type and last 4 digits) and passwords stored as bcrypt hashes, all of which was subsequently shared extensively throughout online hacking communities. The data was provided to HIBP by \u003Ca href=\u0022https://breachbase.pw/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Ebreachbase.pw\u003C/a\u003E.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Swvl.png","DataClasses":["Email addresses","Names","Partial credit card data","Passwords","Phone numbers","Profile photos"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"T2","Title":"T2","Domain":"t2tea.com","BreachDate":"2024-04-17","AddedDate":"2024-04-22T06:17:17Z","ModifiedDate":"2024-04-24T04:06:11Z","PwnCount":94584,"Description":"In April 2024, \u003Ca href=\u0022https://www.cyberdaily.au/security/10446-t2-scalded-by-alleged-data-breach-affecting-more-than-80-000-customers\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003E95k records from the T2 tea store were posted to a popular hacking forum\u003C/a\u003E. Data included email and physical addresses, names, phone numbers, dates of birth, purchases and passwords stored as scrypt hashes.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/T2.png","DataClasses":["Dates of birth","Email addresses","Names","Passwords","Phone numbers","Physical addresses","Purchases","Salutations"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"TaiLieu","Title":"TaiLieu","Domain":"tailieu.vn","BreachDate":"2019-11-24","AddedDate":"2020-05-03T23:48:08Z","ModifiedDate":"2020-05-03T23:48:08Z","PwnCount":7327477,"Description":"In November 2019, the Vietnamese education website \u003Ca href=\u0022https://tailieu.vn/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003ETaiLieu\u003C/a\u003E allegedly suffered a data breach exposing 7.3M customer records. Impacted data included names and usernames, email addresses, dates of birth, genders and passwords stored as unsalted MD5 hashes. The data was provided to HIBP by \u003Ca href=\u0022https://dehashed.com/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Edehashed.com\u003C/a\u003E after being shared on a popular hacking forum. TaiLieu did not respond when contacted about the incident.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/TaiLieu.png","DataClasses":["Dates of birth","Email addresses","Genders","Geographic locations","Names","Passwords","Phone numbers","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Tamodo","Title":"Tamodo","Domain":"tamodo.com","BreachDate":"2020-02-28","AddedDate":"2020-03-24T23:47:43Z","ModifiedDate":"2020-03-24T23:55:46Z","PwnCount":494945,"Description":"In February 2020, the affiliate marketing network \u003Ca href=\u0022https://www.tamodo.com/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003ETamodo\u003C/a\u003E suffered a data breach which was subsequently shared on a popular hacking forum. The incident exposed almost 500k accounts including names, email addresses, dates of birth and passwords stored as bcrypt hashes. Tamodo failed to respond to multiple attempts to report the breach via published communication channels.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Tamodo.png","DataClasses":["Dates of birth","Email addresses","Genders","Geographic locations","IP addresses","Names","Passwords"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Tangerine","Title":"Tangerine","Domain":"tangerinetelecom.com.au","BreachDate":"2024-02-18","AddedDate":"2024-02-28T01:42:43Z","ModifiedDate":"2024-02-28T01:42:43Z","PwnCount":243462,"Description":"In February 2024, the Australian Telco \u003Ca href=\u0022https://www.itnews.com.au/news/tangerine-telecom-says-customer-data-of-232000-affected-by-cyber-incident-605337\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003ETangerine suffered a data breach that exposed over 200k customer records\u003C/a\u003E. Attributed to a legacy customer database, the data included physical and email addresses, names, phone numbers and dates of birth. Whilst the Tangerine login process involves sending a one-time password after entering an email address and phone number, it previously used a traditional password which was also exposed as a bcrypt hash.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Tangerine.png","DataClasses":["Dates of birth","Email addresses","Names","Passwords","Phone numbers","Physical addresses","Salutations"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Taobao","Title":"Taobao","Domain":"taobao.com","BreachDate":"2012-01-01","AddedDate":"2016-10-08T10:53:23Z","ModifiedDate":"2016-10-08T10:53:23Z","PwnCount":21149008,"Description":"In approximately 2012, it\u0027s alleged that the Chinese shopping site known as \u003Ca href=\u0022https://www.taobao.com\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003ETaobao\u003C/a\u003E suffered a data breach that impacted over 21 million subscribers. Whilst there is evidence that the data is legitimate, due to the difficulty of emphatically verifying the Chinese breach it has been flagged as \u0026quot;unverified\u0026quot;. The data in the breach contains email addresses and plain text passwords. \u003Ca href=\u0022https://www.troyhunt.com/handling-chinese-data-breaches-in-have-i-been-pwned/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003ERead more about Chinese data breaches in Have I Been Pwned.\u003C/a\u003E","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Taobao.png","DataClasses":["Email addresses","Passwords"],"IsVerified":false,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"TAPAirPortugal","Title":"TAP Air Portugal","Domain":"flytap.com","BreachDate":"2022-08-25","AddedDate":"2022-09-23T05:33:05Z","ModifiedDate":"2023-02-05T06:13:01Z","PwnCount":6083479,"Description":"In August 2022, the Portuguese airline \u003Ca href=\u0022https://www.bleepingcomputer.com/news/security/ragnar-locker-ransomware-claims-attack-on-portugals-flag-airline/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003ETAP Air Portugal was the target of a ransomware attack perpetrated by the Ragnar Locker gang\u003C/a\u003E who later leaked the compromised data via a public dark web site. Over 5M unique email addresses were exposed alongside other personal data including names, genders, DoBs, phone numbers and physical addresses.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/TAPAirPortugal.png","DataClasses":["Dates of birth","Email addresses","Genders","Names","Nationalities","Phone numbers","Physical addresses","Salutations","Spoken languages"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Tappware","Title":"Tappware","Domain":"tappware.com","BreachDate":"2024-04-23","AddedDate":"2024-05-09T00:34:12Z","ModifiedDate":"2024-05-09T00:34:12Z","PwnCount":94734,"Description":"In April 2024, \u003Ca href=\u0022https://bcsi.gov.bd/bangladeshi-tech-company-tappware-database-compromise/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Ea substantial volume of data was taken from the Bangladeshi IT services provider Tappware and published to a popular hacking forum\u003C/a\u003E. Comprising of 95k unique email addresses, the data also included extensive labour information on local citizens including names, physical addresses, job titles, dates of birth, genders and scans of government issued national identity (NID) cards.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Tappware.png","DataClasses":["Dates of birth","Email addresses","Genders","Government issued IDs","Job titles","Names","Phone numbers","Physical addresses","Religions"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Taringa","Title":"Taringa","Domain":"taringa.net","BreachDate":"2017-08-01","AddedDate":"2018-04-19T10:11:37Z","ModifiedDate":"2018-04-19T10:11:37Z","PwnCount":27971100,"Description":"In September 2017, news broke that \u003Ca href=\u0022https://thehackernews.com/2017/09/taringa-data-breach-hacking.html\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003ETaringa had suffered a data breach exposing 28 million records\u003C/a\u003E. Known as \u0026quot;The Latin American Reddit\u0026quot;, \u003Ca href=\u0022https://www.taringa.net/posts/taringa/19972402/Un-mensaje-importante-sobre-la-seguridad-de-tu-cuenta.html\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003ETaringa\u0027s breach disclosure notice\u003C/a\u003E indicated the incident dated back to August that year. The exposed data included usernames, email addresses and weak MD5 hashes of passwords.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Taringa.png","DataClasses":["Email addresses","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Solomid","Title":"Team SoloMid","Domain":"solomid.net","BreachDate":"2014-12-22","AddedDate":"2016-03-09T13:04:08Z","ModifiedDate":"2016-03-09T13:04:08Z","PwnCount":442166,"Description":"In December 2014, the electronic sports organisation known as \u003Ca href=\u0022http://www.dailydot.com/esports/null-consolidated-team-solomid-hack/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003ETeam SoloMid was hacked\u003C/a\u003E and 442k members accounts were leaked. The accounts included email and IP addresses, usernames and salted hashes of passwords.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Solomid.png","DataClasses":["Email addresses","IP addresses","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Technic","Title":"Technic","Domain":"technicpack.net","BreachDate":"2018-11-30","AddedDate":"2018-12-04T02:32:35Z","ModifiedDate":"2018-12-04T02:32:35Z","PwnCount":265410,"Description":"In November 2018, the Minecraft modpack platform known as \u003Ca href=\u0022https://www.technicpack.net/article/forums-database-breach.149\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003ETechnic suffered a data breach\u003C/a\u003E. Technic promptly disclosed the breach and advised that the impacted data included over 265k unique users\u0027 email and IP addresses, chat logs, private messages and \u003Ca href=\u0022https://twitter.com/PedroACunha/status/1069740224497020929\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Epasswords stored as bcrypt hashes with a work factor of 13\u003C/a\u003E. Technic self-submitted the breach to HIBP.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Technic.png","DataClasses":["Chat logs","Email addresses","IP addresses","Passwords","Private messages","Time zones"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Teespring","Title":"Teespring","Domain":"teespring.com","BreachDate":"2020-04-01","AddedDate":"2021-06-25T06:58:48Z","ModifiedDate":"2021-06-25T06:58:48Z","PwnCount":8234193,"Description":"In April 2020, the custom printed apparel website \u003Ca href=\u0022https://www.zdnet.com/article/hacker-leaks-data-of-millions-of-teespring-users/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003ETeespring suffered a data breach that exposed 8.2 million customer records\u003C/a\u003E. The data included email addresses, names, geographic locations and social media IDs.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Teespring.png","DataClasses":["Email addresses","Geographic locations","Names","Social media profiles"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"TRAI","Title":"Telecom Regulatory Authority of India","Domain":"trai.gov.in","BreachDate":"2015-04-27","AddedDate":"2015-04-27T11:21:59Z","ModifiedDate":"2015-04-27T11:21:59Z","PwnCount":107776,"Description":"In April 2015, the Telecom Regulatory Authority of India (TRAI) \u003Ca href=\u0022http://www.dnaindia.com/scitech/report-email-savetheinternet-net-neutrality-campaign-public-privacy-spam-phishing-2081037\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Epublished tens of thousand of emails\u003C/a\u003E sent by Indian citizens supporting net neutrality as part of the SaveTheInternet campaign. The published data included lists of emails including the sender\u0027s name and email address as well as the contents of the email as well, often with signatures including other personal data.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/TRAI.png","DataClasses":["Email addresses","Email messages"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Teracod","Title":"Teracod","Domain":"teracod.org","BreachDate":"2016-05-28","AddedDate":"2016-08-22T11:21:27Z","ModifiedDate":"2016-08-22T11:21:27Z","PwnCount":97151,"Description":"In May 2015, almost 100k user records were extracted from the Hungarian torrent site known as Teracod. The data was later discovered being torrented itself and included email addresses, passwords, private messages between members and the peering history of IP addresses using the service.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Teracod.png","DataClasses":["Avatars","Email addresses","IP addresses","Passwords","Payment histories","Private messages","Usernames","Website activity"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Terravision","Title":"Terravision","Domain":"terravision.eu","BreachDate":"2023-02-01","AddedDate":"2023-04-23T03:50:37Z","ModifiedDate":"2023-04-23T03:50:37Z","PwnCount":2075625,"Description":"In February 2023, the European airport transfers service \u003Ca href=\u0022https://www.terravision.eu/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003ETerravision\u003C/a\u003E suffered a data breach. The breach exposed over 2M records of customer data including names, phone numbers, email addresses, salted password hashes and in some cases, date of birth and country of origin. Terravision did not respond to multiple attempts by individuals period over a period of months to report the incident.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Terravision.png","DataClasses":["Dates of birth","Email addresses","Geographic locations","Names","Passwords","Phone numbers"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Tesco","Title":"Tesco","Domain":"tesco.com","BreachDate":"2014-02-12","AddedDate":"2014-02-13T21:19:24Z","ModifiedDate":"2014-02-13T21:19:24Z","PwnCount":2239,"Description":"In February 2014, \u003Ca href=\u0022http://www.bbc.co.uk/news/technology-26171130\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Eover 2,000 Tesco accounts with usernames, passwords and loyalty card balances appeared on Pastebin\u003C/a\u003E. Whilst the source of the breach is not clear, many confirmed the credentials were valid for Tesco and indeed \u003Ca href=\u0022http://www.troyhunt.com/2012/07/lessons-in-website-security-anti.html\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003E they have a history of poor online security\u003C/a\u003E.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Tesco.png","DataClasses":["Email addresses","Passwords","Reward program balances"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"TGBUS","Title":"TGBUS","Domain":"tgbus.com","BreachDate":"2017-09-01","AddedDate":"2018-04-28T02:02:29Z","ModifiedDate":"2018-04-28T02:02:29Z","PwnCount":10371766,"Description":"In approximately 2017, it\u0027s alleged that the Chinese gaming site known as \u003Ca href=\u0022http://www.tgbus.com/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003ETGBUS\u003C/a\u003E suffered a data breach that impacted over 10 million unique subscribers. Whilst there is evidence that the data is legitimate, due to the difficulty of emphatically verifying the Chinese breach it has been flagged as \u0026quot;unverified\u0026quot;. The data in the breach contains usernames, email addresses and salted MD5 password hashes and was provided with support from \u003Ca href=\u0022https://dehashed.com/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Edehashed.com\u003C/a\u003E. \u003Ca href=\u0022https://www.troyhunt.com/handling-chinese-data-breaches-in-have-i-been-pwned/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003ERead more about Chinese data breaches in Have I Been Pwned.\u003C/a\u003E","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/TGBUS.png","DataClasses":["Email addresses","Passwords","Usernames"],"IsVerified":false,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"TheCandidBoard","Title":"The Candid Board","Domain":"thecandidboard.com","BreachDate":"2015-09-03","AddedDate":"2017-01-22T08:33:43Z","ModifiedDate":"2017-01-22T08:33:43Z","PwnCount":178201,"Description":"In September 2015, the non-consensual voyeurism site \u003Ca href=\u0022http://www.ibtimes.co.uk/upskirt-porn-website-hit-massive-data-leak-exposing-nearly-180000-voyeurs-1602756\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003E\u0026quot;The Candid Board\u0026quot; suffered a data breach\u003C/a\u003E. The hack of the vBulletin forum led to the exposure of over 178k accounts along with email and IP addresses, dates of birth and salted passwords hashed with MD5.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/TheCandidBoard.png","DataClasses":["Dates of birth","Email addresses","Geographic locations","IP addresses","Passwords","Usernames","Website activity"],"IsVerified":true,"IsFabricated":false,"IsSensitive":true,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"TheFappening","Title":"The Fappening","Domain":"thefappening.so","BreachDate":"2015-12-01","AddedDate":"2016-04-13T01:08:20Z","ModifiedDate":"2016-04-13T01:08:20Z","PwnCount":179030,"Description":"In December 2015, the forum for discussing naked celebrity photos known as \u0026quot;The Fappening\u0026quot; (named after the iCloud leaks of 2014) was compromised and 179k accounts were leaked. Exposed member data included usernames, email addresses and salted hashes of passwords.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/TheFappening.png","DataClasses":["Email addresses","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":true,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"TheFlyOnTheWall","Title":"The Fly on the Wall","Domain":"theflyonthewall.com","BreachDate":"2017-12-31","AddedDate":"2018-01-15T06:42:31Z","ModifiedDate":"2018-01-15T06:42:31Z","PwnCount":84011,"Description":"In December 2017, the stock market news website \u003Ca href=\u0022http://theflyonthewall.com/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EThe Fly on the Wall\u003C/a\u003E suffered a data breach. The data in the breach included 84k unique email addresses as well as purchase histories and credit card data. \u003Ca href=\u0022https://www.troyhunt.com/streamlining-data-breach-disclosure-a-step-by-step-process\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003ENumerous attempts were made to contact The Fly on the Wall about the incident\u003C/a\u003E, however no responses were received.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/TheFlyOnTheWall.png","DataClasses":["Age groups","Credit cards","Email addresses","Genders","Names","Passwords","Phone numbers","Physical addresses","Purchases","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"HalloweenSpot","Title":"The Halloween Spot","Domain":"thehalloweenspot.com","BreachDate":"2019-09-27","AddedDate":"2020-03-16T05:20:32Z","ModifiedDate":"2020-03-16T22:07:11Z","PwnCount":10653,"Description":"In September 2019, the Halloween costume store \u003Ca href=\u0022https://www.thehalloweenspot.com/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EThe Halloween Spot\u003C/a\u003E suffered a data breach. Originally misattributed to fancy dress store \u003Ca href=\u0022https://www.smiffys.com/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003ESmiffys\u003C/a\u003E, the breach contained 13GB of data with over 10k unique email addresses alongside names, physical and IP addresses, phone numbers and order histories. The Halloween Spot advised customers the breach was traced back to \u0026quot;an old shipping information database\u0026quot;.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/HalloweenSpot.png","DataClasses":["Email addresses","IP addresses","Names","Phone numbers","Physical addresses","Purchases"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"TheHeritageFoundation","Title":"The Heritage Foundation","Domain":"heritage.org","BreachDate":"2024-07-09","AddedDate":"2024-07-10T06:51:28Z","ModifiedDate":"2024-07-10T06:51:28Z","PwnCount":72004,"Description":"In July 2024, \u003Ca href=\u0022https://cyberscoop.com/hackvists-release-two-gigabytes-of-heritage-foundation-data/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Ehacktivists published almost 2GB of data taken from The Heritage Foundation and their media arm, The Daily Signal\u003C/a\u003E. The data contained 72k unique email addresses, primarily used for commenting on articles (along with names, IP addresses and the comments left) and by content contributors (along with usernames and passwords stored as either MD5 or phpass hashes).","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/TheHeritageFoundation.png","DataClasses":["Email addresses","IP addresses","Names","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"KodiFoundation","Title":"The Kodi Foundation","Domain":"kodi.tv","BreachDate":"2023-02-16","AddedDate":"2023-04-13T05:01:41Z","ModifiedDate":"2023-04-13T05:01:41Z","PwnCount":400635,"Description":"In February 2023, \u003Ca href=\u0022https://www.bleepingcomputer.com/news/security/kodi-discloses-data-breach-after-forum-database-for-sale-online/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EThe Kodi Foundation suffered a data breach that exposed more than 400k user records\u003C/a\u003E. Attributed to an account belonging to \u0026quot;a trusted but currently inactive member of the forum admin team\u0026quot;, the breach involved the administrator account creating a database backup that was subsequently downloaded before being sold on a hacking forum. The breach exposed email and IP addresses, usernames, genders and passwords stored as MyBB salted hashes. The Kodi Foundation elected to self-submit impacted email addresses to HIBP.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/KodiFoundation.png","DataClasses":["Browser user agent details","Dates of birth","Email addresses","IP addresses","Passwords","Private messages","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"ThePostMillennial","Title":"The Post Millennial","Domain":"thepostmillennial.com","BreachDate":"2024-05-02","AddedDate":"2024-05-10T01:55:22Z","ModifiedDate":"2024-05-14T20:33:14Z","PwnCount":56973345,"Description":"In May 2024, \u003Ca href=\u0022https://www.mediaite.com/politics/conservative-news-websites-hacked-replaced-with-page-leaking-private-information/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Ethe conservative news website The Post Millennial suffered a data breach\u003C/a\u003E. The breach resulted in the defacement of the website and links posted to 3 different corpuses of data including hundreds of writers and editors (IP, physical address and email exposed), tens of thousands of subscribers to the site (name, email, username, phone and plain text password exposed), and tens of millions of email addresses from \u003Ca href=\u0022https://sprunge.us/SZTt4N\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Ethousands of mailing lists\u003C/a\u003E \u003Cem\u003Ealleged\u003C/em\u003E to have been used by The Post Millennial (this has not been independently verified). The mailing lists appear to be sourced from various campaigns not necessarily run by The Post Millennial and contain a variety of different personal attributes including name, phone and physical address (depending on the campaign). The data was subsequently posted to a popular hacking forum and extensively torrented.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/ThePostMillennial.png","DataClasses":["Email addresses","Genders","IP addresses","Names","Passwords","Phone numbers","Physical addresses","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"TheGradCafe","Title":"TheGradCafe","Domain":"thegradcafe.com","BreachDate":"2023-02-26","AddedDate":"2023-03-24T04:12:17Z","ModifiedDate":"2023-03-24T04:12:17Z","PwnCount":310975,"Description":"In February 2023, the grad school admissions search website TheGradCafe suffered a data breach that disclosed the personal records of 310k users. The data included email addresses, names and usernames, genders, geographic locations and passwords stored as bcrypt hashes. Some records also included physical address, phone number and date of birth. TheGradCafe did not respond to multiple attempts to disclose the breach.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/TheGradCafe.png","DataClasses":["Email addresses","Genders","Geographic locations","IP addresses","Names","Passwords","Phone numbers","Physical addresses","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"TheTVDB","Title":"TheTVDB.com","Domain":"thetvdb.com","BreachDate":"2017-11-21","AddedDate":"2018-01-29T07:50:12Z","ModifiedDate":"2018-01-29T07:50:12Z","PwnCount":181871,"Description":"In November 2017, the open television database known as \u003Ca href=\u0022https://forums.thetvdb.com/viewtopic.php?f=3\u0026t=43254\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003ETheTVDB.com suffered a data breach\u003C/a\u003E. The breached data was posted to a hacking forum and included 182k records with usernames, email addresses and MySQL password hashes.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/TheTVDB.png","DataClasses":["Email addresses","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Thingiverse","Title":"Thingiverse","Domain":"thingiverse.com","BreachDate":"2020-10-13","AddedDate":"2021-10-14T10:02:04Z","ModifiedDate":"2021-10-14T10:02:04Z","PwnCount":228102,"Description":"In October 2021, a database backup taken from the 3D model sharing service \u003Ca href=\u0022https://www.databreachtoday.com/thingiverse-data-leak-affects-25-million-subscribers-a-17729\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EThingiverse began extensively circulating within the hacking community\u003C/a\u003E. Dating back to October 2020, the 36GB file contained 228 thousand unique email addresses, mostly alongside comments left on 3D models. The data also included usernames, IP addresses, full names and passwords stored as either unsalted SHA-1 or bcrypt hashes. In some cases, physical addresses was also exposed. Thingiverse\u0027s owner, MakerBot, is aware of the incident but at the time of writing, is yet to issue a disclosure statement. The data was provided to HIBP by \u003Ca href=\u0022https://dehashed.com/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Edehashed.com\u003C/a\u003E.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Thingiverse.png","DataClasses":["Dates of birth","Email addresses","IP addresses","Names","Passwords","Physical addresses","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"ThisHabboForum","Title":"ThisHabbo Forum","Domain":"thishabboforum.com","BreachDate":"2014-01-01","AddedDate":"2015-03-28T05:35:28Z","ModifiedDate":"2015-03-28T05:35:28Z","PwnCount":612414,"Description":"In 2014, the ThisHabbo forum (a fan site for Habbo.com, a Finnish social networking site) \u003Ca href=\u0022https://www.google.com/search?q=\u0022thishabbo_forum.txt\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Eappeared among a list of compromised sites\u003C/a\u003E which has subsequently been removed from the internet. Whilst the actual date of the exploit is not clear, the breached data includes usernames, email addresses, IP addresses and salted hashes of passwords. A further 584k records were added from a more comprehensive breach file provided in October 2016.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/ThisHabboForum.png","DataClasses":["Email addresses","IP addresses","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Tianya","Title":"Tianya","Domain":"tianya.cn","BreachDate":"2011-12-26","AddedDate":"2016-06-30T03:39:05Z","ModifiedDate":"2016-06-30T03:39:05Z","PwnCount":29020808,"Description":"In December 2011, \u003Ca href=\u0022http://thehackernews.com/2011/12/tianya-chinas-biggest-online-forum-40.html\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EChina\u0027s largest online forum known as Tianya was hacked\u003C/a\u003E and tens of millions of accounts were obtained by the attacker. The leaked data included names, usernames and email addresses.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Tianya.png","DataClasses":["Email addresses","Names","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Ticketcounter","Title":"Ticketcounter","Domain":"ticketcounter.nl","BreachDate":"2021-02-22","AddedDate":"2021-03-01T22:37:54Z","ModifiedDate":"2023-06-21T20:28:24Z","PwnCount":1921722,"Description":"In August 2020, the Dutch ticketing service \u003Ca href=\u0022https://www.bleepingcomputer.com/news/security/european-e-ticketing-platform-ticketcounter-extorted-in-data-breach/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003ETicketcounter inadvertently published a database backup to a publicly accessible location where it was then found and downloaded in February 2021\u003C/a\u003E. The data contained 1.9M unique email addresses which were offered for sale on a hacking forum and in some cases included names, physical and IP addresses, genders, dates of birth, payment histories and bank account numbers. Ticketcounter was later held to ransom with the threat of the breached being released publicly. The data was provided to HIBP by a source who requested it be attributed to redredred@riseup.net.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Ticketcounter.png","DataClasses":["Bank account numbers","Dates of birth","Email addresses","Genders","IP addresses","Names","Payment histories","Phone numbers","Physical addresses"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Ticketek","Title":"Ticketek","Domain":"ticketek.com.au","BreachDate":"2024-05-31","AddedDate":"2024-06-28T01:17:02Z","ModifiedDate":"2024-07-17T20:43:22Z","PwnCount":17643173,"Description":"In May 2024, \u003Ca href=\u0022https://www.abc.net.au/news/2024-05-31/ticketek-australia-cyber-security-data-breach-names-emails-leak/103921986\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Ethe Australian event ticketing company Ticketek reported a data breach linked to a third party cloud-based platform\u003C/a\u003E. The following month, \u003Ca href=\u0022https://techcrunch.com/2024/06/21/hacker-claims-to-have-30-million-customer-records-from-australian-ticket-seller-giant-teg/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Ethe data appeared for sale on a popular hacking forum\u003C/a\u003E and was later linked to a series of breaches of the Snowflake cloud storage service. The data contained almost 30M rows with 17.6M unique email addresses alongside names, genders, dates of birth and hashed passwords.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Ticketek.png","DataClasses":["Dates of birth","Email addresses","Genders","Names","Passwords","Salutations"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":true,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Ticketfly","Title":"Ticketfly","Domain":"ticketfly.com","BreachDate":"2018-05-31","AddedDate":"2018-06-03T06:14:14Z","ModifiedDate":"2021-07-23T03:15:33Z","PwnCount":26151608,"Description":"In May 2018, the website for the ticket distribution service \u003Ca href=\u0022https://motherboard.vice.com/en_us/article/mbk3nx/ticketfly-website-database-hacked-data-breach\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003ETicketfly was defaced by an attacker and was subsequently taken offline\u003C/a\u003E. The attacker allegedly requested a ransom to share details of the vulnerability with Ticketfly but did not receive a reply and subsequently posted the breached data online to a publicly accessible location. The data included over 26 million unique email addresses along with names, physical addresses and phone numbers. Whilst there were no passwords in the publicly leaked data, \u003Ca href=\u0022https://support.ticketfly.com/customer/en/portal/articles/2941983-ticketfly-cyber-incident-update\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003ETicketfly later issued an incident update\u003C/a\u003E and stated that \u0026quot;It is possible, however, that hashed values of password credentials could have been accessed\u0026quot;.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Ticketfly.png","DataClasses":["Email addresses","Names","Phone numbers","Physical addresses"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Tigo","Title":"Tigo","Domain":"tigo.chat","BreachDate":"2023-03-31","AddedDate":"2023-07-24T23:25:32Z","ModifiedDate":"2023-07-24T23:25:32Z","PwnCount":700394,"Description":"In Mid-2023, 300GB of data containing over 100M records from \u003Ca href=\u0022https://tigo.chat/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Ethe Chinese video chat platform \u0026quot;Tigo\u0026quot;\u003C/a\u003E dating back to March that year was discovered. The data contained over 700k unique names, usernames, email and IP addresses, genders, profile photos and private messages. Tigo did not respond to multiple attempts to disclose the incident.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Tigo.png","DataClasses":["Device information","Email addresses","Genders","Geographic locations","IP addresses","Names","Private messages","Profile photos","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Tokopedia","Title":"Tokopedia","Domain":"tokopedia.com","BreachDate":"2020-04-17","AddedDate":"2020-05-02T23:45:21Z","ModifiedDate":"2020-07-17T00:53:20Z","PwnCount":71443698,"Description":"In April 2020, Indonesia\u0027s largest online store \u003Ca href=\u0022https://www.zdnet.com/article/hacker-leaks-15-million-records-from-tokopedia-indonesias-largest-online-store/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003ETokopedia suffered a data breach\u003C/a\u003E. The incident resulted in 15M rows of data being posted to a popular hacking forum. An additional 76M rows were later provided to HIBP in July 2020. In total, the data included over 71M unique email addresses alongside names, genders, birth dates and passwords stored as SHA2-384 hashes.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Tokopedia.png","DataClasses":["Dates of birth","Email addresses","Genders","Names","Passwords"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"ToonDoo","Title":"ToonDoo","Domain":"toondoo.com","BreachDate":"2019-08-21","AddedDate":"2019-11-11T06:19:53Z","ModifiedDate":"2019-11-11T06:19:53Z","PwnCount":6002694,"Description":"In August 2019, the comic strip creation website \u003Ca href=\u0022https://www.zataz.com/6-000-000-de-donnees-personnelles-piratees-pour-le-site-toondoo/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EToonDoo suffered a data breach\u003C/a\u003E. The data was subsequently redistributed on a popular hacking forum in November where the personal information of over 6M subscribers was shared. Impacted data included email and IP addresses, usernames, genders, the location of the individual and salted password hashes.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/ToonDoo.png","DataClasses":["Email addresses","Genders","Geographic locations","IP addresses","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"TorrentInvites","Title":"Torrent Invites","Domain":"torrent-invites.com","BreachDate":"2013-12-12","AddedDate":"2017-03-22T01:14:11Z","ModifiedDate":"2017-03-22T01:14:11Z","PwnCount":352120,"Description":"In December 2013, the torrent site \u003Ca href=\u0022https://www.reddit.com/r/trackers/comments/1sqqf7/torrentinvites_hacked/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003ETorrent Invites was hacked\u003C/a\u003E and over 352k accounts were exposed. The vBulletin forum contained usernames, email and IP addresses, birth dates and salted MD5 hashes of passwords.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/TorrentInvites.png","DataClasses":["Dates of birth","Email addresses","IP addresses","Passwords","Usernames","Website activity"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Toumei","Title":"Toumei","Domain":"toumei.co.jp","BreachDate":"2023-10-18","AddedDate":"2023-10-27T07:16:19Z","ModifiedDate":"2023-10-27T07:16:19Z","PwnCount":76682,"Description":"In October 2023, the Japanese consultancy firm \u003Ca href=\u0022https://www.toumei.co.jp/news/2023/10/information_privacy/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EToumei suffered a data breach\u003C/a\u003E. The breach exposed over 100M lines and 10GB of data including 77k unique email addresses along with names, phone numbers and physical addresses.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Toumei.png","DataClasses":["Email addresses","Names","Phone numbers","Physical addresses"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Tout","Title":"Tout","Domain":"tout.com","BreachDate":"2014-09-11","AddedDate":"2020-01-25T06:12:28Z","ModifiedDate":"2020-01-25T06:12:28Z","PwnCount":652683,"Description":"In approximately September 2014, the now defunct social networking service \u003Ca href=\u0022https://en.wikipedia.org/wiki/Tout_(company)\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003ETout\u003C/a\u003E suffered a data breach. The breach subsequently appeared years later and included 653k unique email addresses, names, IP addresses, the location of the user, their bio and passwords stored as bcrypt hashes. The data was provided to HIBP by a source who requested it to be attributed to \u0026quot;nmapthis@protonmail.com\u0026quot;.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Tout.png","DataClasses":["Bios","Email addresses","Geographic locations","IP addresses","Names","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Tracki","Title":"Tracki","Domain":"tracki.com","BreachDate":"2024-08-15","AddedDate":"2024-08-19T07:52:19Z","ModifiedDate":"2024-08-19T07:52:19Z","PwnCount":372557,"Description":"In August 2024, \u003Ca href=\u0022https://maia.crimew.gay/posts/gps-track-deez-nuts/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Ea slew of security vulnerabilities were identified with a conglomerate of online services which included the GPS tracking service Tracki\u003C/a\u003E. Multiple vulnerabilities exposed the personal records of 372k users of the service including names and email addresses.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Tracki.png","DataClasses":["Email addresses","Names"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Traderie","Title":"Traderie","Domain":"traderie.com","BreachDate":"2022-09-24","AddedDate":"2024-08-25T20:08:07Z","ModifiedDate":"2024-08-25T20:08:07Z","PwnCount":364898,"Description":"In September 2022, \u003Ca href=\u0022https://techcrunch.com/2023/09/07/traderie-a-marketplace-for-in-game-items-alerts-users-to-data-breach/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Ethe in-game trading marketplace Traderie suffered a data breach that exposed almost 400k records\u003C/a\u003E (this preceded a subsequent breach the following year). The incident exposed email and IP addresses, usernames and links to social media profiles. The data was provided to HIBP by a source who requested it be attributed to \u0026quot;oathnet.ru\u0026quot;.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Traderie.png","DataClasses":["Email addresses","IP addresses","Social media profiles","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"TravelOK","Title":"Travel Oklahoma","Domain":"travelok.com","BreachDate":"2020-12-17","AddedDate":"2021-03-10T22:48:23Z","ModifiedDate":"2021-03-10T22:48:23Z","PwnCount":637279,"Description":"In December 2020, \u003Ca href=\u0022https://tulsaworld.com/news/local/state-tourism-department-reports-data-breach-no-social-security-financial-data-compromised/article_105b0d18-6595-11eb-998b-1b96c12d2d14.html\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Ethe Oklahoma state Tourism and Recreation Department suffered a data breach\u003C/a\u003E. The incident exposed 637k email addresses across a variety of tables including age ranges against brochure orders and dates of birth against contest entries. Genders, names and physical addresses were also exposed. The data was provided to HIBP by a source who requested it be attributed to \u0026quot;badhou3a\u0026quot;.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/TravelOK.png","DataClasses":["Age groups","Dates of birth","Email addresses","Genders","Names","Physical addresses"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Travelio","Title":"Travelio","Domain":"travelio.com","BreachDate":"2021-11-23","AddedDate":"2022-04-08T00:05:43Z","ModifiedDate":"2022-04-08T00:05:43Z","PwnCount":471376,"Description":"In November 2021, the Indonesian real estate website \u003Ca href=\u0022https://www.riskbasedsecurity.com/2021/12/14/dark-web-roundup-november-2021/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003ETravelio suffered a data breach that exposed over 470k customer accounts\u003C/a\u003E. The data included email addresses, names, password hashes, phone numbers and for some accounts, dates of birth, physical address and Facebook auth tokens. The data was provided to HIBP by a source who requested it be attributed to \u0026quot;white_peacock@riseup.net\u0026quot;.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Travelio.png","DataClasses":["Auth tokens","Dates of birth","Email addresses","Names","Passwords","Phone numbers","Physical addresses"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Trello","Title":"Trello","Domain":"trello.com","BreachDate":"2024-01-16","AddedDate":"2024-01-22T19:41:05Z","ModifiedDate":"2024-01-22T19:41:05Z","PwnCount":15111945,"Description":"In January 2024, \u003Ca href=\u0022https://twitter.com/H4ckManac/status/1747527579559411959\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Edata was scraped from Trello and posted for sale on a popular hacking forum\u003C/a\u003E. Containing over 15M email addresses, names and usernames, the data was obtained by enumerating a publicly accessible resource using email addresses from previous breach corpuses. Trello advised that no unauthorised access had occurred.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Trello.png","DataClasses":["Email addresses","Names","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"TrikSpamBotnet","Title":"Trik Spam Botnet","Domain":"","BreachDate":"2018-06-12","AddedDate":"2018-06-14T08:05:50Z","ModifiedDate":"2022-01-05T04:11:30Z","PwnCount":43432346,"Description":"In June 2018, the command and control server of a malicious botnet known as the \u0026quot;Trik Spam Botnet\u0026quot; \u003Ca href=\u0022https://www.bleepingcomputer.com/news/security/trik-spam-botnet-leaks-43-million-email-addresses/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Ewas misconfigured such that it exposed the email addresses of more than 43 million people\u003C/a\u003E. The researchers who discovered the exposed Russian server believe the list of addresses was used to distribute various malware strains via malspam campaigns (emails designed to deliver malware).","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Email.png","DataClasses":["Email addresses"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":true,"IsMalware":true,"IsSubscriptionFree":false},{"Name":"Trillian","Title":"Trillian","Domain":"trillian.im","BreachDate":"2015-12-27","AddedDate":"2016-07-15T11:14:44Z","ModifiedDate":"2016-07-15T11:14:44Z","PwnCount":3827238,"Description":"In December 2015, the instant messaging application \u003Ca href=\u0022https://www.trillian.im/help/trillian-blog-and-forums-security-incident/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003ETrillian suffered a data breach\u003C/a\u003E. The breach became known in July 2016 and exposed various personal data attributes including names, email addresses and passwords stored as salted MD5 hashes.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Trillian.png","DataClasses":["Dates of birth","Email addresses","IP addresses","Names","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"TruckersMP","Title":"TruckersMP","Domain":"truckersmp.com","BreachDate":"2016-02-25","AddedDate":"2016-04-24T21:27:05Z","ModifiedDate":"2016-04-24T21:27:05Z","PwnCount":83957,"Description":"In February 2016, the online trucking simulator mod \u003Ca href=\u0022http://truckersmp.com/en_US/blog/8\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003ETruckersMP suffered a data breach\u003C/a\u003E which exposed 84k user accounts. In a first for \u0022Have I Been Pwned\u0022, \u003Ca href=\u0022https://www.troyhunt.com/100-data-breaches-later-have-i-been-pwned-gets-its-first-self-submission/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Ethe breached data was self-submitted directly by the organisation that was breached itself\u003C/a\u003E.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/TruckersMP.png","DataClasses":["Email addresses","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"TrueFire","Title":"TrueFire","Domain":"truefire.com","BreachDate":"2020-02-21","AddedDate":"2020-08-02T20:46:26Z","ModifiedDate":"2020-08-02T20:46:26Z","PwnCount":599667,"Description":"In February 2020, the guitar tuition website \u003Ca href=\u0022https://guitar.com/news/industry-news/truefire-data-breach/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003ETrueFire suffered a data breach\u003C/a\u003E which impacted 600k members. The breach exposed extensive personal information including names, email and physical addresses, account balances and unsalted MD5 password hashes. The data was provided to HIBP by \u003Ca href=\u0022https://dehashed.com/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Edehashed.com\u003C/a\u003E.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/TrueFire.png","DataClasses":["Account balances","Dates of birth","Email addresses","Names","Passwords","Phone numbers","Physical addresses","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"TruthFinder","Title":"Truth Finder","Domain":"truthfinder.com","BreachDate":"2019-04-12","AddedDate":"2023-02-04T07:02:52Z","ModifiedDate":"2023-02-04T07:02:52Z","PwnCount":8159573,"Description":"In 2019, the public records search service \u003Ca href=\u0022https://www.truthfinder.com/security-incident-alert/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003ETruthFinder suffered a data breach that later came to light in early 2023\u003C/a\u003E. The data included over 8M unique customer email addresses, names, phone numbers and passwords stored as scrypt hashes.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/TruthFinder.png","DataClasses":["Email addresses","Names","Passwords","Phone numbers"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Tumblr","Title":"tumblr","Domain":"tumblr.com","BreachDate":"2013-02-28","AddedDate":"2016-05-29T22:59:04Z","ModifiedDate":"2016-05-29T22:59:04Z","PwnCount":65469298,"Description":"In early 2013, \u003Ca href=\u0022https://staff.tumblr.com/post/144263069415/we-recently-learned-that-a-third-party-had\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Etumblr suffered a data breach\u003C/a\u003E which resulted in the exposure of over 65 million accounts. The data was later put up for sale on a dark market website and included email addresses and passwords stored as salted SHA1 hashes.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Tumblr.png","DataClasses":["Email addresses","Passwords"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"TunedGlobal","Title":"Tuned Global","Domain":"tunedglobal.com","BreachDate":"2016-03-16","AddedDate":"2022-08-03T00:00:15Z","ModifiedDate":"2022-08-03T03:10:14Z","PwnCount":985586,"Description":"In January 2021, \u003Ca href=\u0022https://siliconangle.com/2021/01/20/shinyhunters-publishes-1-9m-stolen-user-credentials-photo-editing-site-pixlr/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Edata from a number of breached services including Tuned Global were released to a public hacking forum\u003C/a\u003E. The breach appears to date back to 2016 and includes 985k records containing email addresses, names, a small number of physical addresses and phone numbers and passwords stored in plain text.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/TunedGlobal.png","DataClasses":["Email addresses","Names","Passwords","Phone numbers","Physical addresses"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Tunngle","Title":"Tunngle","Domain":"tunngle.net","BreachDate":"2016-07-01","AddedDate":"2023-10-21T21:20:33Z","ModifiedDate":"2023-10-21T21:20:33Z","PwnCount":8192928,"Description":"In 2016, the now defunct global LAN gaming network \u003Ca href=\u0022https://web.archive.org/web/20160305044242/http://www.tunngle.net/en/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003ETunngle\u003C/a\u003E suffered a data breach that exposed 8.2M unique email addresses. The compromised data also included usernames, IP addresses and passwords stored as salted MD5 hashes.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Tunngle.png","DataClasses":["Email addresses","IP addresses","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Twitter","Title":"Twitter","Domain":"twitter.com","BreachDate":"2022-01-01","AddedDate":"2022-08-13T02:29:52Z","ModifiedDate":"2022-08-13T02:40:49Z","PwnCount":6682453,"Description":"In January 2022, \u003Ca href=\u0022https://www.bleepingcomputer.com/news/security/hacker-selling-twitter-account-data-of-54-million-users-for-30k/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Ea vulnerability in Twitter\u0027s platform allowed an attacker to build a database of the email addresses and phone numbers of millions of users of the social platform\u003C/a\u003E. In a disclosure notice later shared in August 2022, \u003Ca href=\u0022https://privacy.twitter.com/en/blog/2022/an-issue-affecting-some-anonymous-accounts\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003ETwitter advised that the vulnerability was related to a bug introduced in June 2021\u003C/a\u003E and that they are directly notifying impacted customers. The impacted data included either email address or phone number alongside other public information including the username, display name, bio, location and profile photo. The data included 6.7M unique email addresses across both active and suspended accounts, the latter appearing in a separate list of 1.4M addresses.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Twitter.png","DataClasses":["Bios","Email addresses","Geographic locations","Names","Phone numbers","Profile photos","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Twitter200M","Title":"Twitter (200M)","Domain":"twitter.com","BreachDate":"2021-01-01","AddedDate":"2023-01-05T20:49:16Z","ModifiedDate":"2023-01-05T20:49:16Z","PwnCount":211524284,"Description":"In early 2023, \u003Ca href=\u0022https://www.bleepingcomputer.com/news/security/200-million-twitter-users-email-addresses-allegedly-leaked-online/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Eover 200M records scraped from Twitter appeared on a popular hacking forum\u003C/a\u003E. The data was obtained sometime in 2021 by abusing an API that enabled email addresses to be resolved to Twitter profiles. The subsequent results were then composed into a corpus of data containing email addresses alongside public Twitter profile information including names, usernames and follower counts.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Twitter.png","DataClasses":["Email addresses","Names","Social media profiles","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Ubook","Title":"Ubook","Domain":"ubook.com","BreachDate":"2024-07-28","AddedDate":"2024-07-30T22:25:42Z","ModifiedDate":"2024-07-30T22:25:42Z","PwnCount":699908,"Description":"In July 2024, \u003Ca href=\u0022https://gbhackers.com/ubook-suffered-data-breach/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003E700k unique email addresses from the audiobook platform Ubook were posted to a popular hacking forum\u003C/a\u003E. Allegedly scraped from the service, the data appears to be sourced from the Ubook Exchange (UBX) and also includes names, genders, dates of birth and links to profile photos.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Ubook.png","DataClasses":["Dates of birth","Email addresses","Genders","Names","Profile photos"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Uiggy","Title":"Uiggy","Domain":"uiggy.com","BreachDate":"2016-06-01","AddedDate":"2016-06-27T08:07:18Z","ModifiedDate":"2016-06-27T08:07:18Z","PwnCount":2682650,"Description":"In June 2016, the Facebook application known as \u003Ca href=\u0022http://www.uiggy.com\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EUiggy\u003C/a\u003E was hacked and 4.3M accounts were exposed, 2.7M of which had email addresses against them. The leaked accounts also exposed names, genders and the Facebook ID of the owners.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Uiggy.png","DataClasses":["Email addresses","Genders","Names","Social connections","Website activity"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Ulmon","Title":"Ulmon","Domain":"ulmon.com","BreachDate":"2020-01-26","AddedDate":"2020-05-08T02:10:50Z","ModifiedDate":"2020-05-08T02:14:52Z","PwnCount":777769,"Description":"In January 2020, the travel app creator \u003Ca href=\u0022https://www.ulmon.com/blogging/2020/5/4/information-on-ulmon-user-account-data-breach\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EUlmon suffered a data breach\u003C/a\u003E. The service had almost 1.3M records with 777k unique email addresses, names, passwords stored as bcrypt hashes and in some cases, social media profile IDs, telephone numbers and bios. The data was subsequently posted to a popular hacking forum.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Ulmon.png","DataClasses":["Bios","Email addresses","Names","Passwords","Phone numbers","Social media profiles"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"IGF","Title":"UN Internet Governance Forum","Domain":"intgovforum.org","BreachDate":"2014-02-20","AddedDate":"2014-02-23T04:32:08Z","ModifiedDate":"2014-02-23T04:32:08Z","PwnCount":3200,"Description":"In February 2014, the Internet Governance Forum (formed by the United Nations for policy dialogue on issues of internet governance) was \u003Ca href=\u0022http://www.cyberwarnews.info/2014/02/20/united-nations-internet-governance-forum-hacked-3215-accounts-leaked/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Eattacked by hacker collective known as Deletesec\u003C/a\u003E. Although tasked with \u0026quot;ensuring the security and stability of the Internet\u0026quot;, the IGF\u2019s website was still breached and resulted in the leak of 3,200 email addresses, names, usernames and cryptographically stored passwords.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/IGF.png","DataClasses":["Email addresses","Names","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"UnderworldEmpire","Title":"Underworld Empire","Domain":"underworldempireforums.com","BreachDate":"2017-04-25","AddedDate":"2018-02-19T10:28:11Z","ModifiedDate":"2018-02-19T10:28:11Z","PwnCount":428779,"Description":"In April 2017, \u003Ca href=\u0022http://underworldempireforums.com/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Ethe vBulletin forum for the Underworld Empire game\u003C/a\u003E suffered a data breach that exposed 429k accounts. The data was then posted to a hacking forum in mid-February 2018 where it was made available to download. The source data contained IP and email addresses, usernames and salted MD5 hashes.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/UnderworldEmpire.png","DataClasses":["Email addresses","IP addresses","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"UnicoCampania","Title":"Unico Campania","Domain":"unicocampania.it","BreachDate":"2020-08-19","AddedDate":"2020-08-19T23:29:21Z","ModifiedDate":"2020-08-19T23:29:21Z","PwnCount":166031,"Description":"In August 2020, the Neapolitan public transport website \u003Ca href=\u0022https://www.fanpage.it/napoli/unico-campania-hackerato-il-sito-65mila-email-e-password-di-utenti-in-rete-subito-disattivati/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EUnico Campania was hacked and the data extensively circulated\u003C/a\u003E. The breach contained 166k user records with email addresses and plain text passwords.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/UnicoCampania.png","DataClasses":["Email addresses","Passwords"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Universarium","Title":"Universarium","Domain":"universarium.org","BreachDate":"2019-11-01","AddedDate":"2020-01-03T09:40:01Z","ModifiedDate":"2020-01-03T09:54:20Z","PwnCount":564962,"Description":"In approximately November 2019, the Russian \u0026quot;Remote preparatory faculty for IT specialties\u0026quot; \u003Ca href=\u0022https://universarium.org/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EUniversarium\u003C/a\u003E suffered a data breach. The incident exposed 565k email addresses and passwords in plain text. Universarium did not respond to multiple attempts to make contact over a period of many weeks. The data was provided to HIBP by \u003Ca href=\u0022https://dehashed.com/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Edehashed.com\u003C/a\u003E.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Universarium.png","DataClasses":["Email addresses","Passwords"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"UC","Title":"University of California","Domain":"universityofcalifornia.edu","BreachDate":"2020-12-24","AddedDate":"2021-06-20T07:44:34Z","ModifiedDate":"2021-07-04T01:03:54Z","PwnCount":547422,"Description":"In December 2020, \u003Ca href=\u0022https://portswigger.net/daily-swig/uc-berkeley-confirms-data-breach-becomes-latest-victim-of-accellion-cyber-attack\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Ethe University of California suffered a data breach due to vulnerability in in a third-party provider, Accellion\u003C/a\u003E. The breach exposed extensive personal data on both students and staff including 547 thousand unique email addresses, names, dates of birth, genders, social security numbers, ethnicities and other academic related data attributes. Further analysis is available in \u003Ca href=\u0022https://cgorlla.github.io/project/uc\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EExploring the Impact of the UC Data Breach\u003C/a\u003E. The data was provided to HIBP courtesy of Cyril Gorlla.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/UC.png","DataClasses":["Dates of birth","Education levels","Email addresses","Ethnicities","Genders","Job titles","Names","Phone numbers","Physical addresses","Social security numbers"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"UnrealEngine","Title":"Unreal Engine","Domain":"unrealengine.com","BreachDate":"2016-08-11","AddedDate":"2016-11-07T09:04:54Z","ModifiedDate":"2016-11-07T09:04:54Z","PwnCount":530147,"Description":"In August 2016, \u003Ca href=\u0022http://www.zdnet.com/article/epic-games-unreal-engine-forums-hacked-in-latest-data-breach\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Ethe Unreal Engine Forum suffered a data breach\u003C/a\u003E, allegedly due to a SQL injection vulnerability in vBulletin. The attack resulted in the exposure of 530k accounts including usernames, email addresses and salted MD5 hashes of passwords.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/UnrealEngine.png","DataClasses":["Email addresses","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Astoria","Title":"Unverified Data Source","Domain":"astoriacompany.com","BreachDate":"2021-01-26","AddedDate":"2021-03-24T01:47:35Z","ModifiedDate":"2021-04-12T22:58:35Z","PwnCount":11498146,"Description":"In January 2021, over 11M unique email addresses were discovered by Night Lion Security alongside an extensive amount of personal information including names, physical and IP addresses, phone numbers and dates of birth. Some records also contained social security numbers, driver\u0027s license details, personal financial information and health-related data, depending on where the information was sourced from. Initially attributed to Astoria Company, \u003Ca href=\u0022https://astoriacompany.com/cyber-update/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Ethey subsequently investigated the incident and confirmed the data did not originate from their services\u003C/a\u003E.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/List.png","DataClasses":["Bank account numbers","Credit status information","Dates of birth","Email addresses","Employers","Health insurance information","Income levels","IP addresses","Names","Personal health data","Phone numbers","Physical addresses","Smoking habits","Social security numbers"],"IsVerified":false,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Upstox","Title":"Upstox","Domain":"upstox.com","BreachDate":"2021-04-08","AddedDate":"2022-01-19T03:29:03Z","ModifiedDate":"2022-01-19T03:29:03Z","PwnCount":111002,"Description":"In April 2021, Indian brokerage firm \u003Ca href=\u0022https://www.hackread.com/shinyhunters-broker-firm-upstox-database-leak/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EUpstox suffered a data breach\u003C/a\u003E. The incident exposed extensive personal information on over 100k customers including names, genders, dates of birth, physical addresses, banking information and passwords stored as bcrypt hashes. Extensive \u0026quot;know your customer\u0026quot; information was also exposed including scans of bank statements, cheques and identity documents complete with Aadhaar numbers. The data was provided to HIBP by a source who requested it be attributed to \u0026quot;white_peacock@riseup.net\u0026quot;.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Upstox.png","DataClasses":["Bank account numbers","Dates of birth","Email addresses","Family members\u0027 names","Genders","Government issued IDs","Income levels","Marital statuses","Nationalities","Occupations","Passwords","Phone numbers","Physical addresses"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"UtahGunExchange","Title":"Utah Gun Exchange","Domain":"utahgunexchange.com","BreachDate":"2020-07-17","AddedDate":"2020-08-19T07:56:09Z","ModifiedDate":"2020-08-19T08:05:00Z","PwnCount":235233,"Description":"In July 2020, \u003Ca href=\u0022https://www.forbes.com/sites/daveywinder/2020/08/15/gun-owners-beware-hacker-offers-240000-stolen-records-on-dark-web-report-utah-gun-exchange-amazon-cloud/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Ethe Utah Gun Exchange website suffered a data breach\u003C/a\u003E which included several other associated websites. In total, 235k unique email addresses were exposed before being traded online alongside names, usernames, genders, IP addresses and password hashes. The data was provided to HIBP by \u003Ca href=\u0022https://breachbase.pw/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Ebreachbase.pw\u003C/a\u003E.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/UtahGunExchange.png","DataClasses":["Email addresses","Genders","IP addresses","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"uTorrent","Title":"uTorrent","Domain":"utorrent.com","BreachDate":"2016-01-14","AddedDate":"2016-11-05T22:32:39Z","ModifiedDate":"2016-11-05T22:32:39Z","PwnCount":395044,"Description":"In early 2016, the forum for the uTorrent BitTorrent client \u003Ca href=\u0022https://torrentfreak.com/utorrent-forums-hacked-passwords-compromised-160608/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Esuffered a data breach\u003C/a\u003E which came to light later in the year. The database from the IP.Board based forum contained 395k accounts including usernames, email addresses and MD5 password hashes without a salt.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/uTorrent.png","DataClasses":["Email addresses","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"uuu9","Title":"uuu9","Domain":"uuu9.com","BreachDate":"2016-09-06","AddedDate":"2016-12-27T10:05:41Z","ModifiedDate":"2016-12-27T10:05:41Z","PwnCount":7485802,"Description":"In September 2016, data was allegedly obtained from the Chinese website known as \u003Ca href=\u0022http://www.uuu9.com\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Euuu9.com\u003C/a\u003E and contained 7.5M accounts. Whilst there is evidence that the data is legitimate, due to the difficulty of emphatically verifying the Chinese breach it has been flagged as \u0026quot;unverified\u0026quot;. The data in the breach contains email addresses and user names. \u003Ca href=\u0022https://www.troyhunt.com/handling-chinese-data-breaches-in-have-i-been-pwned/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003ERead more about Chinese data breaches in Have I Been Pwned.\u003C/a\u003E","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/uuu9.png","DataClasses":["Email addresses","Passwords","Usernames"],"IsVerified":false,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Vakinha","Title":"Vakinha","Domain":"vakinha.com.br","BreachDate":"2020-06-22","AddedDate":"2020-08-01T05:56:06Z","ModifiedDate":"2020-08-01T05:56:06Z","PwnCount":4775203,"Description":"In June 2020, the Brazilian fund raising service \u003Ca href=\u0022https://www.bleepingcomputer.com/news/security/hacker-leaks-386-million-user-records-from-18-companies-for-free/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EVakinha suffered a data breach\u003C/a\u003E which impacted almost 4.8 million members. The exposed data included email addresses, names, phone numbers, geographic locations and passwords stored as bcrypt hashes, all of which was subsequently shared extensively throughout online hacking communities. The data was provided to HIBP by \u003Ca href=\u0022https://dehashed.com/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Edehashed.com\u003C/a\u003E.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Vakinha.png","DataClasses":["Dates of birth","Email addresses","IP addresses","Names","Passwords","Phone numbers"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Vastaamo","Title":"Vastaamo","Domain":"vastaamo.fi","BreachDate":"2019-03-31","AddedDate":"2021-07-17T01:51:01Z","ModifiedDate":"2021-08-27T05:37:20Z","PwnCount":30433,"Description":"In October 2020, the Finnish psychotherapy service \u003Ca href=\u0022https://www.wired.com/story/vastaamo-psychotherapy-patients-hack-data-breach/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EVastaamo was the subject of a ransomware attack targeting first the company itself, followed by their patients directly\u003C/a\u003E. The original security incident dates back to a period between late 2018 and early 2019 and exposed data including 30k unique email addresses, names, social security numbers and notes on individuals\u0027 psychotherapy sessions. This breach has been flagged as \u0026quot;sensitive\u0026quot; and is only searchable by owners of the email addresses and domains exposed in the incident.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Vastaamo.png","DataClasses":["Email addresses","Names","Personal health data","Social security numbers"],"IsVerified":true,"IsFabricated":false,"IsSensitive":true,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"VBulletin","Title":"vBulletin","Domain":"vbulletin.com","BreachDate":"2015-11-03","AddedDate":"2016-01-24T13:15:11Z","ModifiedDate":"2016-01-24T13:15:11Z","PwnCount":518966,"Description":"In November 2015, the forum software maker \u003Ca href=\u0022http://www.theregister.co.uk/2015/11/03/vbulletin_forum_software_hacked_defaced/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EvBulletin suffered a serious data breach\u003C/a\u003E. The attack lead to the release of both forum user and customer accounts totalling almost 519k records. The breach included email addresses, birth dates, security questions and answers for customers and salted hashes of passwords for both sources.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/VBulletin.png","DataClasses":["Dates of birth","Email addresses","Homepage URLs","Instant messenger identities","IP addresses","Passwords","Security questions and answers","Spoken languages","Website activity"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Vedantu","Title":"Vedantu","Domain":"vedantu.com","BreachDate":"2019-07-08","AddedDate":"2019-11-01T05:13:40Z","ModifiedDate":"2019-11-01T05:13:40Z","PwnCount":686899,"Description":"In mid-2019, the Indian interactive online tutoring platform \u003Ca href=\u0022https://www.vedantu.com/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EVedantu\u003C/a\u003E suffered a data breach which exposed the personal data of 687k users. The JSON formatted database dump exposed extensive personal information including email and IP address, names, phone numbers, genders and passwords stored as bcrypt hashes. When contacted about the incident, Vedantu advised that they were aware of the breach and were in the process of informing their customers.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Vedantu.png","DataClasses":["Browser user agent details","Email addresses","Genders","IP addresses","Names","Passwords","Phone numbers","Spoken languages","Time zones","Website activity"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"VerificationsIO","Title":"Verifications.io","Domain":"verifications.io","BreachDate":"2019-02-25","AddedDate":"2019-03-09T19:29:54Z","ModifiedDate":"2019-03-09T20:49:51Z","PwnCount":763117241,"Description":"In February 2019, the email address validation service \u003Ca href=\u0022https://securitydiscovery.com/800-million-emails-leaked-online-by-email-verification-service\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Everifications.io suffered a data breach\u003C/a\u003E. Discovered by \u003Ca href=\u0022https://twitter.com/mayhemdayone\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EBob Diachenko\u003C/a\u003E and \u003Ca href=\u0022https://twitter.com/vinnytroia\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EVinny Troia\u003C/a\u003E, the breach was due to the data being stored in a MongoDB instance left publicly facing without a password and resulted in 763 million unique email addresses being exposed. Many records within the data also included additional personal attributes such as names, phone numbers, IP addresses, dates of birth and genders. No passwords were included in the data. The Verifications.io website went offline during the disclosure process, although \u003Ca href=\u0022https://web.archive.org/web/20190227230352/https://verifications.io/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Ean archived copy remains viewable\u003C/a\u003E.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/VerificationsIO.png","DataClasses":["Dates of birth","Email addresses","Employers","Genders","Geographic locations","IP addresses","Job titles","Names","Phone numbers","Physical addresses"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Verified","Title":"Verified","Domain":"verified.cm","BreachDate":"2014-01-10","AddedDate":"2014-07-06T04:16:37Z","ModifiedDate":"2014-07-06T04:16:37Z","PwnCount":16919,"Description":"In January 2014, \u003Ca href=\u0022http://securityaffairs.co/wordpress/21120/cyber-crime/verified-communities-hacked.html\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Eone of the largest communities of Eastern Europe cybercriminals known as \u0022Verified\u0022 was hacked\u003C/a\u003E. The breach exposed nearly 17k users of the vBulletin forum including their personal messages and other potentially personally identifiable information.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Verified.png","DataClasses":["Email addresses","Historical passwords","IP addresses","Passwords","Private messages","Usernames","Website activity"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Vermillion","Title":"Vermillion","Domain":"v3rmillion.net","BreachDate":"2014-08-30","AddedDate":"2023-07-11T08:14:42Z","ModifiedDate":"2023-07-11T08:14:42Z","PwnCount":8106,"Description":"In August 2014, the Roblox hacking forum Vermillion suffered a data breach that exposed over 8k subscriber records. The breach of the MyBB forum exposed email and IP addresses, usernames, dates of birth and salted password hashes.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Vermillion.png","DataClasses":["Dates of birth","Email addresses","IP addresses","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Vianet","Title":"Vianet","Domain":"vianet.com.np","BreachDate":"2020-04-08","AddedDate":"2020-04-22T03:00:17Z","ModifiedDate":"2020-04-22T03:00:17Z","PwnCount":94353,"Description":"In April 2020, the Nepalese internet service provider \u003Ca href=\u0022https://myrepublica.nagariknetwork.com/news/hackers-leak-personal-info-of-vianet-users/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EVianet suffered a data breach\u003C/a\u003E. The attack on the ISP led to the exposure of 177k customer records including 94k unique email addresses. Also exposed were names, phone numbers and physical addresses.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Vianet.png","DataClasses":["Email addresses","Names","Phone numbers","Physical addresses"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"VictoryPhones","Title":"Victory Phones","Domain":"victoryphones.com","BreachDate":"2017-01-01","AddedDate":"2017-10-11T21:01:33Z","ModifiedDate":"2017-10-11T21:01:33Z","PwnCount":166046,"Description":"In January 2017, the automated telephony services company \u003Ca href=\u0022http://www.zdnet.com/article/republican-polling-firm-hacked-exposing-donor-records/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EVictory Phones left a Mongo DB database publicly facing without a password\u003C/a\u003E. Subsequently, 213GB of data was downloaded by an unauthorised party including names, addresses, phone numbers and over 166k unique email addresses.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/VictoryPhones.png","DataClasses":["Dates of birth","Email addresses","IP addresses","Names","Phone numbers","Physical addresses"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"ViewFines","Title":"ViewFines","Domain":"viewfines.co.za","BreachDate":"2018-05-07","AddedDate":"2018-05-24T09:11:55Z","ModifiedDate":"2018-05-24T09:11:55Z","PwnCount":777649,"Description":"In May 2018, the South African website for viewing traffic fines online known as \u003Ca href=\u0022https://www.iafrikan.com/2018/05/24/south-africas-viewfines-suffered-major-data-leak/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EViewFines suffered a data breach\u003C/a\u003E. Over 934k records containing 778k unique email addresses were exposed and included names, phone numbers, government issued IDs and passwords stored in plain text.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/ViewFines.png","DataClasses":["Email addresses","Government issued IDs","Names","Passwords","Phone numbers"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"VivaAir","Title":"Viva Air","Domain":"vivaair.com","BreachDate":"2022-03-14","AddedDate":"2023-09-11T07:11:30Z","ModifiedDate":"2024-06-04T18:43:45Z","PwnCount":932232,"Description":"In March 2022, the now defunct Colombian airline \u003Ca href=\u0022https://muchohacker.lol/2023/01/viva-air-leak-26-millones-de-datos-privados-de-clientes-de-la-aerolinea-de-bajo-costo-estarian-en-linea-desde-hace-nueve-meses/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EViva Air suffered a data breach and subsequent ransomware attack\u003C/a\u003E. Among a trove of other ransomed data, the incident exposed a log of 2.6M transactions with 932k unique email addresses, physical and IP addresses, names, phone numbers and partial credit card data (last 4 digits).","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/VivaAir.png","DataClasses":["Email addresses","IP addresses","Names","Partial credit card data","Phone numbers","Physical addresses","Purchases"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"VK","Title":"VK","Domain":"vk.com","BreachDate":"2012-01-01","AddedDate":"2016-06-09T09:16:36Z","ModifiedDate":"2016-06-09T09:16:36Z","PwnCount":93338602,"Description":"In approximately 2012, the Russian social media site known as \u003Ca href=\u0022http://motherboard.vice.com/read/another-day-another-hack-100-million-accounts-for-vk-russias-facebook\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EVK was hacked\u003C/a\u003E and almost 100 million accounts were exposed. The data emerged in June 2016 where it was being sold via a dark market website and included names, phone numbers email addresses and plain text passwords.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/VK.png","DataClasses":["Email addresses","Names","Passwords","Phone numbers"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"VNG","Title":"VNG","Domain":"zing.vn","BreachDate":"2015-05-19","AddedDate":"2018-04-28T07:49:02Z","ModifiedDate":"2018-04-28T07:49:02Z","PwnCount":24853850,"Description":"In April 2018, \u003Ca href=\u0022https://congnghe.tuoitre.vn/lo-thong-tin-hang-tram-trieu-tai-khoan-khach-hang-vng-xin-loi-20180427225719109.htm\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Enews broke of a massive data breach impacting the Vietnamese company known as VNG\u003C/a\u003E after data was discovered being traded on a popular hacking forum where it was extensively redistributed. The breach dated back to an incident in May of 2015 and included of over 163 million customers. The data in the breach contained a wide range of personal attributes including usernames, birth dates, genders and home addresses along with unsalted MD5 hashes and 25 million unique email addresses. The data was provided to HIBP by \u003Ca href=\u0022https://dehashed.com/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Edehashed.com\u003C/a\u003E.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/VNG.png","DataClasses":["Dates of birth","Email addresses","Genders","IP addresses","Marital statuses","Names","Occupations","Passwords","Phone numbers","Physical addresses","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Vodafone","Title":"Vodafone","Domain":"vodafone.is","BreachDate":"2013-11-30","AddedDate":"2013-11-30T00:00:00Z","ModifiedDate":"2019-05-13T12:22:01Z","PwnCount":56021,"Description":"In November 2013, \u003Ca href=\u0022http://thehackernews.com/2013/11/vodafone-iceland-hacked-and-exposed.html\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EVodafone in Iceland suffered an attack\u003C/a\u003E attributed to the Turkish hacker collective \u0026quot;Maxn3y\u0026quot;. The data was consequently publicly exposed and included user names, email addresses, social security numbers, SMS message, server logs and passwords from a variety of different internal sources.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Vodafone.png","DataClasses":["Credit cards","Email addresses","Government issued IDs","IP addresses","Names","Passwords","Phone numbers","Physical addresses","Purchases","SMS messages","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"VoidTO","Title":"Void.to","Domain":"void.to","BreachDate":"2019-06-13","AddedDate":"2019-09-11T06:47:08Z","ModifiedDate":"2019-09-11T06:47:08Z","PwnCount":95431,"Description":"In June 2019, the hacking website \u003Ca href=\u0022https://void.to/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EVoid.to\u003C/a\u003E suffered a data breach. There were 95k unique email addresses spread across 86k forum users and other tables in the database. A rival hacking website claimed responsibility for breaching the MyBB based forum which disclosed email and IP addresses, usernames, private messages and passwords stored as either salted MD5 or bcrypt hashes.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/VoidTO.png","DataClasses":["Email addresses","IP addresses","Passwords","Private messages","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"VTech","Title":"VTech","Domain":"vtechda.com","BreachDate":"2015-11-13","AddedDate":"2015-11-25T07:00:57Z","ModifiedDate":"2015-11-25T07:00:57Z","PwnCount":4833678,"Description":"In November 2015, \u003Ca href=\u0022http://www.troyhunt.com/2015/11/when-children-are-breached-inside.html\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Ehackers extracted more than 4.8 million parents\u0027 and 227k children\u0027s accounts from VTech\u0027s Learning Lodge website\u003C/a\u003E. The Hong Kong company produces learning products for children including software sold via the compromised website. The data breach exposed extensive personal details including home addresses, security questions and answers and passwords stored as weak MD5 hashes. Furthermore, children\u0027s details including names, ages, genders and associations to their parents\u0027 records were also exposed.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/VTech.png","DataClasses":["Dates of birth","Email addresses","Family members\u0027 names","Genders","IP addresses","Names","Passwords","Physical addresses","Security questions and answers","Usernames","Website activity"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":true,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"VTightGel","Title":"V-Tight Gel","Domain":"vtightgel.com","BreachDate":"2016-02-13","AddedDate":"2017-11-17T07:31:16Z","ModifiedDate":"2017-11-17T07:47:39Z","PwnCount":2013164,"Description":"In approximately February 2016, data surfaced which was allegedly obtained from \u003Ca href=\u0022http://vtightgel.com/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EV-Tight Gel (vaginal tightening gel)\u003C/a\u003E. Whilst the data set was titled V-Tight, within there were \u003Ca href=\u0022https://pastebin.com/raw/pN7nyjJ7\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003E50 other (predominantly wellness-related) domain names\u003C/a\u003E, most owned by the same entity. Multiple HIBP subscribers confirmed that although they couldn\u0027t recall providing data specifically to V-Tight, their personal information including name, phone and physical address was accurate. V-Tight Gel did not reply to multiple requests for comment.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/VTightGel.png","DataClasses":["Email addresses","IP addresses","Names","Phone numbers","Physical addresses"],"IsVerified":false,"IsFabricated":false,"IsSensitive":true,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Wakanim","Title":"Wakanim","Domain":"wakanim.tv","BreachDate":"2022-08-28","AddedDate":"2022-10-06T22:44:01Z","ModifiedDate":"2022-10-06T22:44:01Z","PwnCount":6706951,"Description":"In August 2022, the European streaming service \u003Ca href=\u0022https://www.animenewsnetwork.com/news/2022-09-07/wakanim-streaming-service-delays-content-after-possible-data-breach/.189234\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EWakanim suffered a data breach which was subsequently advertised and sold on a popular hacking forum\u003C/a\u003E. The breach exposed 6.7M customer records including email, IP and physical addresses, names and usernames.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Wakanim.png","DataClasses":["Browser user agent details","Email addresses","IP addresses","Names","Physical addresses","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Wanelo","Title":"Wanelo","Domain":"wanelo.com","BreachDate":"2018-12-13","AddedDate":"2019-09-30T17:15:11Z","ModifiedDate":"2019-10-01T05:39:41Z","PwnCount":23165793,"Description":"In approximately December 2018, the digital mall \u003Ca href=\u0022https://www.zdnet.com/article/a-hacker-has-dumped-nearly-one-billion-user-records-over-the-past-two-months/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EWanelo suffered a data breach\u003C/a\u003E. The data was later placed up for sale on a dark web marketplace along with a collection of other data breaches in April 2019. A total of 23 million unique email addresses were included in the breach alongside passwords stored as either MD5 or bcrypt hashes. After the initial HIBP load, further data containing names, shipping addresses and IP addresses were also provided to HIBP, albeit without direct association to the email addresses and passwords. The data was provided to HIBP by a source who requested it be attributed to \u0026quot;JimScott.Sec@protonmail.com\u0026quot;.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Wanelo.png","DataClasses":["Email addresses","IP addresses","Names","Passwords","Physical addresses"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"WarInc","Title":"War Inc.","Domain":"thewarinc.com","BreachDate":"2012-07-04","AddedDate":"2016-11-07T11:07:25Z","ModifiedDate":"2016-11-07T11:07:25Z","PwnCount":1020136,"Description":"In mid-2012, the real-time strategy game \u003Ca href=\u0022http://thewarinc.com\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EWar Inc.\u003C/a\u003E suffered a data breach. The attack resulted in the exposure of over 1 million accounts including usernames, email addresses and salted MD5 hashes of passwords.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/WarInc.png","DataClasses":["Email addresses","Passwords","Usernames","Website activity"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Warframe","Title":"Warframe","Domain":"warframe.com","BreachDate":"2014-11-24","AddedDate":"2016-07-21T02:25:49Z","ModifiedDate":"2016-07-21T02:25:49Z","PwnCount":819478,"Description":"In November 2014, the online game \u003Ca href=\u0022http://motherboard.vice.com/read/gaming-site-warframe-hacked\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EWarframe was hacked\u003C/a\u003E and 819k unique email addresses were exposed. Allegedly due to a SQL injection flaw in Drupal, the attack exposed usernames, email addresses and data in a \u0022pass\u0022 column which adheres to the salted SHA12 password hashing pattern used by Drupal 7. Digital Extremes (the developers of Warframe), asserts the salted hashes are of \u0022alias names\u0022 rather than passwords.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Warframe.png","DataClasses":["Email addresses","Usernames","Website activity"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Warmane","Title":"Warmane","Domain":"warmane.com","BreachDate":"2016-12-01","AddedDate":"2018-09-08T07:54:18Z","ModifiedDate":"2018-09-08T07:57:44Z","PwnCount":1116256,"Description":"In approximately December 2016, the online service for World of Warcraft private servers \u003Ca href=\u0022https://www.warmane.com\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EWarmane\u003C/a\u003E suffered a data breach. The incident exposed over 1.1M accounts including usernames, email addresses, dates of birth and salted MD5 password hashes. The data was subsequently extensively circulated online and was later provided to HIBP by whitehat security researcher and data analyst Adam Davies.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Warmane.png","DataClasses":["Dates of birth","Email addresses","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"WashingtonStateFoodWorkerCard","Title":"Washington State Food Worker Card","Domain":"foodworkercard.wa.gov","BreachDate":"2022-11-17","AddedDate":"2024-03-31T02:34:15Z","ModifiedDate":"2024-03-31T02:38:36Z","PwnCount":1594305,"Description":"In June 2023, \u003Ca href=\u0022https://tpchd.org/news/data-breach-exposed-food-worker-card-records-we-are-notifying-those-affected/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Ethe Tacoma-Pierce County Health Department announced a data breach of their Washington State Food Worker Card online training system\u003C/a\u003E. The breach was published to a popular hacking forum the year before and dated back to a 2018 database backup. Included in the data were 1.6M unique email addresses along with names, post codes, dates of birth and approximately 9.5k driver\u0027s licence numbers.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/TacomaPierceCountyHealthDepartment.png","DataClasses":["Dates of birth","Driver\u0027s licenses","Email addresses","Geographic locations","Names"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Wattpad","Title":"Wattpad","Domain":"wattpad.com","BreachDate":"2020-06-29","AddedDate":"2020-07-19T22:49:19Z","ModifiedDate":"2020-07-19T22:49:19Z","PwnCount":268765495,"Description":"In June 2020, the user-generated stories website \u003Ca href=\u0022https://www.bleepingcomputer.com/news/security/wattpad-data-breach-exposes-account-info-for-millions-of-users/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EWattpad suffered a huge data breach that exposed almost 270 million records\u003C/a\u003E. The data was initially sold then published on a public hacking forum where it was broadly shared. The incident exposed extensive personal information including names and usernames, email and IP addresses, genders, birth dates and passwords stored as bcrypt hashes.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Wattpad.png","DataClasses":["Bios","Dates of birth","Email addresses","Genders","Geographic locations","IP addresses","Names","Passwords","Social media profiles","User website URLs","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"WeHeartIt","Title":"We Heart It","Domain":"weheartit.com","BreachDate":"2013-11-03","AddedDate":"2017-10-14T20:14:58Z","ModifiedDate":"2017-10-14T20:14:58Z","PwnCount":8600635,"Description":"In November 2013, the image-based social network \u003Ca href=\u0022http://help.weheartit.com/customer/portal/articles/2889018\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EWe Heart It suffered a data breach\u003C/a\u003E. The incident wasn\u0027t discovered until October 2017 when 8.6 million user records were sent to HIBP. The data contained user names, email addresses and password hashes, 80% of which were salted SHA-256 with the remainder being MD5 with no salt.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/WeHeartIt.png","DataClasses":["Email addresses","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"WedMeGood","Title":"WedMeGood","Domain":"wedmegood.com","BreachDate":"2021-01-06","AddedDate":"2021-05-13T00:08:20Z","ModifiedDate":"2021-05-13T00:08:20Z","PwnCount":1306723,"Description":"In January 2021, the Indian wedding planning platform \u003Ca href=\u0022https://www.thenewsminute.com/article/wedmegood-and-two-more-sites-hacked-103-crore-users-card-data-leaked-140996\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EWedMeGood suffered a data breach that exposed 1.3 million customers\u003C/a\u003E. The breach exposed 41.5GB of data including email and physical addresses, names, genders, phone numbers and password hashes. The data was provided to HIBP by \u003Ca href=\u0022https://dehashed.com/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Edehashed.com\u003C/a\u003E.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/WedMeGood.png","DataClasses":["Email addresses","Genders","Names","Passwords","Phone numbers","Physical addresses"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Weee","Title":"Weee","Domain":"sayweee.com","BreachDate":"2022-07-11","AddedDate":"2023-02-08T23:17:51Z","ModifiedDate":"2023-02-08T23:17:51Z","PwnCount":1117405,"Description":"In February 2023, \u003Ca href=\u0022https://www.bleepingcomputer.com/news/security/weee-grocery-service-confirms-data-breach-11-million-affected/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Edata belonging to the Asian and Hispanic food delivery service Weee appeared on a popular hacking forum\u003C/a\u003E. Dating back to mid-2022, the data included 1.1M unique email addresses from 11M rows of orders containing names, phone numbers and delivery instructions.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Weee.png","DataClasses":["Delivery instructions","Email addresses","Names","Phone numbers","Purchases"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"WeLeakInfo","Title":"WeLeakInfo","Domain":"weleakinfo.com","BreachDate":"2021-03-08","AddedDate":"2021-03-15T22:48:25Z","ModifiedDate":"2021-05-03T11:08:29Z","PwnCount":11788,"Description":"In March 2021, \u003Ca href=\u0022https://krebsonsecurity.com/2021/03/weleakinfo-leaked-customer-payment-info/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Ethe Stripe account of the now-defunct WeLeakInfo service was taken over by \u0026quot;pompompurin\u0026quot;\u003C/a\u003E after acquiring an expired domain name with an email address used to manage the account. Access to Stripe then exposed almost 12k unique email addresses from customers who\u0027d made credit card payments in order to obtain breached data hosted by WeLeakInfo. The data was subsequently leaked publicly and also included names, payment histories, IP addresses, billing addresses, partial credit card data and the organisation making the purchase.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/WeLeakInfo.png","DataClasses":["Browser user agent details","Email addresses","Employers","IP addresses","Names","Partial credit card data","Physical addresses","Purchases"],"IsVerified":true,"IsFabricated":false,"IsSensitive":true,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Wendys","Title":"Wendy\u0027s","Domain":"wendys.com.ph","BreachDate":"2018-03-31","AddedDate":"2022-05-24T23:50:35Z","ModifiedDate":"2022-05-24T23:50:35Z","PwnCount":52485,"Description":"In March 2018, \u003Ca href=\u0022https://www.rappler.com/technology/202040-wendys-philippines-data-breach/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EWendy\u0027s in the Philippines suffered a data breach\u003C/a\u003E which impacted over 52k customers and job applicants. The breach exposed extensive personal information including names, email and IP addresses, physical addresses, phone numbers and passwords stored as MD5 hashes.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Wendys.png","DataClasses":["Education levels","Email addresses","IP addresses","Job applications","Names","Passwords","Phone numbers","Physical addresses"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Whitepages","Title":"Whitepages","Domain":"whitepages.com","BreachDate":"2016-06-27","AddedDate":"2019-03-27T01:50:45Z","ModifiedDate":"2019-03-27T01:50:45Z","PwnCount":11657763,"Description":"In mid-2016, the telephone and address directory service \u003Ca href=\u0022https://www.theregister.co.uk/2019/02/11/620_million_hacked_accounts_dark_web/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EWhitepages was among a raft of sites that were breached and their data then sold in early-2019\u003C/a\u003E. The data included over 11 million unique email addresses alongside names and passwords stored as either a SHA-1 or bcrypt hash. The data was provided to HIBP by a source who requested it to be attributed to \u0026quot;BenjaminBlue@exploit.im\u0026quot;.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Whitepages.png","DataClasses":["Email addresses","Names","Passwords"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"WHMCS","Title":"WHMCS","Domain":"whmcs.com","BreachDate":"2012-05-21","AddedDate":"2016-06-28T23:47:07Z","ModifiedDate":"2016-06-28T23:47:07Z","PwnCount":134047,"Description":"In May 2012, the web hosting, billing and automation company \u003Ca href=\u0022http://news.softpedia.com/news/UGNazi-Leaks-1-7-GB-of-Data-from-WHMCS-Servers-270914.shtml\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EWHMCS suffered a data breach\u003C/a\u003E that exposed 134k email addresses. The breach included extensive information about customers and payment histories including partial credit card numbers.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/WHMCS.png","DataClasses":["Email addresses","Email messages","Employers","IP addresses","Names","Partial credit card data","Passwords","Payment histories","Physical addresses","Website activity"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"WienerBuchereien","Title":"Wiener B\u00FCchereien","Domain":"","BreachDate":"2019-06-10","AddedDate":"2019-06-28T07:51:50Z","ModifiedDate":"2019-06-28T07:51:50Z","PwnCount":224119,"Description":"In June 2019, \u003Ca href=\u0022https://futurezone.at/digital-life/wiener-buechereien-gehackt-daten-von-77000-nutzern-im-netz/400524190\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Ethe library of Vienna (Wiener B\u00FCchereien) suffered a data breach\u003C/a\u003E. The compromised data included 224k unique email addresses, names, physical addresses, phone numbers and dates of birth. The breached data was subsequently posted to Twitter by the alleged perpetrator of the breach.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/WienerBuchereien.png","DataClasses":["Dates of birth","Email addresses","Names","Phone numbers","Physical addresses"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"WifeLovers","Title":"Wife Lovers","Domain":"wifelovers.com","BreachDate":"2018-10-07","AddedDate":"2018-10-20T20:26:13Z","ModifiedDate":"2018-10-23T06:00:07Z","PwnCount":1274051,"Description":"In October 2018, the site dedicated to posting naked photos and other erotica of wives \u003Ca href=\u0022https://arstechnica.com/information-technology/2018/10/hack-on-8-adult-websites-exposes-oodles-of-intimate-user-data/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EWife Lovers suffered a data breach\u003C/a\u003E. The underlying database supported a total of 8 different adult websites and contained over 1.2M unique email addresses. \u003Ca href=\u0022https://web.archive.org/web/20181020185005/http://wifelovers.com/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EWife Lovers acknowledged the breach\u003C/a\u003E which impacted names, usernames, email and IP addresses and passwords hashed using the weak DEScrypt algorithm. The breach has been marked as \u0026quot;sensitive\u0026quot; due to the nature of the site.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/WifeLovers.png","DataClasses":["Email addresses","IP addresses","Names","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":true,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"WIIUISO","Title":"WIIU ISO","Domain":"wiiuiso.com","BreachDate":"2015-09-25","AddedDate":"2016-09-06T05:51:12Z","ModifiedDate":"2016-09-06T05:51:12Z","PwnCount":458155,"Description":"In September 2015, the Nintendo Wii U forum known as \u003Ca href=\u0022http://www.wiiuiso.com\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EWIIU ISO\u003C/a\u003E was hacked and 458k accounts were exposed. Along with email and IP addresses, the vBulletin forum also exposed salted MD5 password hashes.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/WIIUISO.png","DataClasses":["Email addresses","IP addresses","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"WildStar","Title":"WildStar","Domain":"wildstar-online.com","BreachDate":"2015-07-11","AddedDate":"2016-03-06T21:41:16Z","ModifiedDate":"2016-03-06T21:41:16Z","PwnCount":738556,"Description":"In July 2015, the IP.Board forum for the gaming website \u003Ca href=\u0022http://www.wildstar-online.com\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EWildStar\u003C/a\u003E suffered a data breach that exposed over 738k forum members\u0027 accounts. The data was being actively traded on underground forums and included email addresses, birth dates and passwords.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/WildStar.png","DataClasses":["Dates of birth","Email addresses","IP addresses","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Win7Vista","Title":"Win7Vista Forum","Domain":"win7vista.com","BreachDate":"2013-09-03","AddedDate":"2014-06-01T10:01:32Z","ModifiedDate":"2014-06-01T10:01:32Z","PwnCount":202683,"Description":"In September 2013, the \u003Ca href=\u0022http://www.win7vista.com\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EWin7Vista\u003C/a\u003E Windows forum (since renamed to the \u0022Beyond Windows 9\u0022 forum) was hacked and later \u003Ca href=\u0022http://leak.sx/thread-186933\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Ehad its internal database dumped\u003C/a\u003E. The dump included over 200k members\u2019 personal information and other internal data extracted from the forum.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Win7Vista.png","DataClasses":["Email addresses","Instant messenger identities","IP addresses","Names","Passwords","Private messages","Usernames","Website activity"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Wishbone","Title":"Wishbone (2016)","Domain":"wishbone.io","BreachDate":"2016-08-07","AddedDate":"2017-03-15T19:29:52Z","ModifiedDate":"2020-05-28T03:55:18Z","PwnCount":2247314,"Description":"In August 2016, the mobile app to \u0026quot;compare anything\u0026quot; known as \u003Ca href=\u0022https://motherboard.vice.com/en_us/article/popular-teen-quiz-app-wishbone-has-been-hacked-exposing-tons-of-user-information\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EWishbone suffered a data breach\u003C/a\u003E. The data contained 9.4 million records with 2.2 million unique email addresses and was allegedly a subset of the complete data set. The exposed data included genders, birthdates, email addresses and phone numbers for an audience predominantly composed of teenagers and young adults.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Wishbone.png","DataClasses":["Auth tokens","Dates of birth","Email addresses","Genders","Names","Phone numbers","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Wishbone2020","Title":"Wishbone (2020)","Domain":"wishbone.io","BreachDate":"2020-01-27","AddedDate":"2020-05-28T03:54:44Z","ModifiedDate":"2020-05-28T03:54:44Z","PwnCount":9705172,"Description":"In January 2020, the mobile app to \u0026quot;compare anything\u0026quot; \u003Ca href=\u0022https://www.infosecurity-magazine.com/news/wishbone-breach-40-million-records/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EWishbone suffered another data breach\u003C/a\u003E which followed their breach from 2016. An extensive amount of personal information including almost 10M unique email addresses alongside names, phone numbers geographic locations and other personal attributes were leaked online and extensively redistributed. Passwords stored as unsalted MD5 hashes were also included in the breach. The data was provided to HIBP by a source who requested it be attributed to \u0026quot;All3in\u0026quot;.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Wishbone.png","DataClasses":["Auth tokens","Dates of birth","Email addresses","Genders","Geographic locations","IP addresses","Names","Passwords","Phone numbers","Profile photos","Social media profiles","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"WiziShop","Title":"WiziShop","Domain":"wizishop.fr","BreachDate":"2020-07-14","AddedDate":"2020-10-05T03:42:29Z","ModifiedDate":"2021-11-25T22:08:12Z","PwnCount":2856769,"Description":"In July 2020, the French e-commerce platform \u003Ca href=\u0022https://www.wizishop.fr/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EWiziShop\u003C/a\u003E suffered a data breach. The breach exposed 18GB worth of data including names, phone numbers, dates of birth, physical and IP addresses, SHA-1 password hashes and almost 3 million unique email addresses. The data was provided to HIBP by a source who requested it be attributed to \u0026quot;pom@pompur.in\u0026quot;.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/WiziShop.png","DataClasses":["Dates of birth","Email addresses","IP addresses","Names","Passwords","Phone numbers","Physical addresses"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Wongnai","Title":"Wongnai","Domain":"wongnai.com","BreachDate":"2020-10-28","AddedDate":"2020-11-04T21:14:50Z","ModifiedDate":"2020-11-05T04:42:20Z","PwnCount":3924454,"Description":"In October 2020, \u003Ca href=\u0022https://www.bleepingcomputer.com/news/security/hacker-is-selling-34-million-user-records-stolen-from-17-companies/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003E17 previously undisclosed data breaches appeared for sale\u003C/a\u003E including the Thai restaurant, hotel and attraction finding service, Wongnai. The breach exposed almost 4M unique customer records from some time during 2020 along with names, phone numbers, links to social media profiles and passwords stored as MD5 hashes. The data was self-submitted to HIBP by Wongnai.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Wongnai.png","DataClasses":["Dates of birth","Email addresses","Geographic locations","IP addresses","Names","Passwords","Phone numbers","Social media profiles"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"WoTLabs","Title":"WoTLabs","Domain":"wotlabs.net","BreachDate":"2024-03-03","AddedDate":"2024-03-07T03:32:45Z","ModifiedDate":"2024-03-07T03:45:25Z","PwnCount":21994,"Description":"In March 2024, WoTLabs (World of Tanks Statistics and Resources) suffered a data breach and \u003Ca href=\u0022https://web.archive.org/web/20240303062156/http://forum.wotlabs.net/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Ewebsite defacement attributed to \u0026quot;chromebook breachers\u0026quot;\u003C/a\u003E. The breach exposed 22k forum members\u0027 personal data including email and IP addresses, usernames, dates of birth and time zones.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/WoTLabs.png","DataClasses":["Dates of birth","Email addresses","IP addresses","Time zones","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"WPSandbox","Title":"WPSandbox","Domain":"wpsandbox.io","BreachDate":"2018-11-04","AddedDate":"2018-11-06T07:26:07Z","ModifiedDate":"2018-11-06T07:26:07Z","PwnCount":858,"Description":"In November 2018, the WordPress sandboxing service that allows people to create temporary websites \u003Ca href=\u0022https://wpsandbox.io/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EWP Sandbox\u003C/a\u003E discovered their service was being used to host a phishing site attempting to collect Microsoft OneDrive accounts. After identifying the malicious site, WP Sandbox took it offline, contacted the 858 people who provided information to it then self-submitted their addresses to HIBP. The phishing page requested both email addresses and passwords.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/WPSandbox.png","DataClasses":["Email addresses","Passwords"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"WPT","Title":"WPT Amateur Poker League","Domain":"wptapl.com","BreachDate":"2014-01-04","AddedDate":"2014-02-01T02:57:21Z","ModifiedDate":"2014-02-01T02:57:21Z","PwnCount":148366,"Description":"In January 2014, the \u003Ca href=\u0022http://www.wptapl.com\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EWorld Poker Tour (WPT) Amateur Poker League website\u003C/a\u003E was hacked by the Twitter user @smitt3nz. The attack resulted in the public disclosure of 175,000 accounts including 148,000 email addresses. The plain text password for each account was also included in the breach.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/WPT.png","DataClasses":["Email addresses","Passwords"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"xat","Title":"xat","Domain":"xat.com","BreachDate":"2015-11-04","AddedDate":"2016-08-05T06:53:35Z","ModifiedDate":"2016-08-05T06:53:35Z","PwnCount":5968783,"Description":"In November 2015, the online chatroom known as \u003Ca href=\u0022http://xat.com/databreach.html\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003E\u0026quot;xat\u0026quot; was hacked\u003C/a\u003E and 6 million user accounts were exposed. Used as a chat engine on websites, the leaked data included usernames, email and IP addresses along with hashed passwords.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/xat.png","DataClasses":["Email addresses","IP addresses","Passwords","Usernames","Website activity"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Xbox360ISO","Title":"Xbox 360 ISO","Domain":"xbox360iso.com","BreachDate":"2015-09-25","AddedDate":"2017-01-29T07:20:52Z","ModifiedDate":"2017-01-29T07:20:52Z","PwnCount":1296959,"Description":"In approximately September 2015, the XBOX 360 forum known as \u003Ca href=\u0022http://www.xbox360iso.com\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EXBOX360 ISO\u003C/a\u003E was hacked and 1.2 million accounts were exposed. Along with email and IP addresses, the vBulletin forum also exposed salted MD5 password hashes.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Xbox360ISO.png","DataClasses":["Email addresses","IP addresses","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Xbox-Scene","Title":"Xbox-Scene","Domain":"xboxscene.com","BreachDate":"2015-02-01","AddedDate":"2016-02-07T20:26:56Z","ModifiedDate":"2016-02-07T20:26:56Z","PwnCount":432552,"Description":"In approximately February 2015, the Xbox forum known as \u003Ca href=\u0022http://xboxscene.com/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EXbox-Scene\u003C/a\u003E was hacked and more than 432k accounts were exposed. The IP.Board forum included IP addresses and passwords stored as salted hashes using a weak implementation enabling many to be rapidly cracked.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Xbox-Scene.png","DataClasses":["Email addresses","IP addresses","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"xHamster","Title":"xHamster","Domain":"xhamster.com","BreachDate":"2016-11-28","AddedDate":"2018-03-08T02:09:26Z","ModifiedDate":"2018-03-08T02:09:26Z","PwnCount":377377,"Description":"In November 2016, news broke that \u003Ca href=\u0022https://motherboard.vice.com/en_us/article/kb7kqx/hackers-are-trading-hundreds-of-thousands-of-xhamster-porn-account-details\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Ehackers were trading hundreds of thousands of xHamster porn account details\u003C/a\u003E. In total, the data contained almost 380k unique user records including email addresses, usernames and unsalted MD5 password hashes.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/xHamster.png","DataClasses":["Email addresses","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":true,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Xiaomi","Title":"Xiaomi","Domain":"xiaomi.cn","BreachDate":"2012-08-01","AddedDate":"2019-07-21T21:45:31Z","ModifiedDate":"2019-07-21T21:45:31Z","PwnCount":7088010,"Description":"In August 2012, \u003Ca href=\u0022https://thehackernews.com/2014/10/xiaomi-data-breach-hacker.html\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Ethe Xiaomi user forum website suffered a data breach\u003C/a\u003E. In all, 7 million email addresses appeared in the breach although a significant portion of them were numeric aliases on the bbs_ml_as_uid.xiaomi.com domain. Usernames, IP addresses and passwords stored as salted MD5 hashes were also exposed. The data was provided with support from \u003Ca href=\u0022https://dehashed.com/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Edehashed.com\u003C/a\u003E. \u003Ca href=\u0022https://www.troyhunt.com/handling-chinese-data-breaches-in-have-i-been-pwned/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003ERead more about Chinese data breaches in Have I Been Pwned.\u003C/a\u003E","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Xiaomi.png","DataClasses":["Email addresses","IP addresses","Passwords","Usernames"],"IsVerified":false,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"XKCD","Title":"XKCD","Domain":"xkcd.com","BreachDate":"2019-07-01","AddedDate":"2019-09-01T08:58:32Z","ModifiedDate":"2019-09-01T08:58:32Z","PwnCount":561991,"Description":"In July 2019, \u003Ca href=\u0022https://forums.xkcd.com/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Ethe forum for webcomic XKCD\u003C/a\u003E suffered a data breach that impacted 562k subscribers. The breached phpBB forum leaked usernames, email and IP addresses and passwords stored in MD5 phpBB3 format. The data was provided to HIBP by white hat security researcher and data analyst Adam Davies.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/XKCD.png","DataClasses":["Email addresses","IP addresses","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"XPGameSaves","Title":"XPG","Domain":"xpgamesaves.com","BreachDate":"2016-01-01","AddedDate":"2017-07-01T15:28:17Z","ModifiedDate":"2017-07-01T15:28:17Z","PwnCount":890341,"Description":"In approximately early 2016, the gaming website \u003Ca href=\u0022http://www.xpgamesaves.com/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EXpgamesaves\u003C/a\u003E (XPG) suffered a data breach resulting in the exposure of 890k unique user records. The data contained email and IP addresses, usernames and salted MD5 hashes of passwords. The site was previously reported as compromised on the \u003Ca href=\u0022https://vigilante.pw/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EVigilante.pw\u003C/a\u003E breached database directory. This data was provided by security researcher and data analyst, Adam Davies.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/XPGameSaves.png","DataClasses":["Email addresses","IP addresses","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"XSplit","Title":"XSplit","Domain":"xsplit.com","BreachDate":"2013-11-07","AddedDate":"2015-08-08T04:28:48Z","ModifiedDate":"2015-08-08T04:28:48Z","PwnCount":2983472,"Description":"In November 2013, the makers of gaming live streaming and recording software \u003Ca href=\u0022https://www.xsplit.com/blog/xsplit-password-reset-alert\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EXSplit was compromised in an online attack\u003C/a\u003E. The data breach leaked almost 3M names, email addresses, usernames and hashed passwords.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/XSplit.png","DataClasses":["Email addresses","Names","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Yahoo","Title":"Yahoo","Domain":"yahoo.com","BreachDate":"2012-07-11","AddedDate":"2013-12-04T00:00:00Z","ModifiedDate":"2013-12-04T00:00:00Z","PwnCount":453427,"Description":"In July 2012, Yahoo! had their online publishing service \u0026quot;Voices\u0026quot; compromised via a SQL injection attack. The breach resulted in the disclosure of nearly half a million usernames and passwords stored in plain text. The breach showed that of the compromised accounts, a staggering \u003Ca href=\u0022http://www.troyhunt.com/2012/07/what-do-sony-and-yahoo-have-in-common.html\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003E59% of people who also had accounts in the Sony breach reused their passwords across both services\u003C/a\u003E.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Yahoo.png","DataClasses":["Email addresses","Passwords"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Yam","Title":"Yam","Domain":"yam.com","BreachDate":"2013-06-02","AddedDate":"2021-05-22T08:02:31Z","ModifiedDate":"2021-05-22T08:02:31Z","PwnCount":13258797,"Description":"In June 2013, the Taiwanese website \u003Ca href=\u0022https://twitter.com/StillAzureH/status/1383234219153846276\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EYam.com suffered a data breach which was shared to a popular hacking forum in 2021\u003C/a\u003E. The data included 13 million unique email addresses alongside names, usernames, phone numbers, physical addresses, dates of birth and unsalted MD5 password hashes.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Yam.png","DataClasses":["Dates of birth","Email addresses","Names","Passwords","Phone numbers","Physical addresses","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Yandex","Title":"Yandex Dump","Domain":"forum.btcsec.com","BreachDate":"2014-09-07","AddedDate":"2014-09-12T04:50:32Z","ModifiedDate":"2014-09-12T04:50:32Z","PwnCount":1186564,"Description":"In September 2014, \u003Ca href=\u0022http://habrahabr.ru/post/235949/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Enews broke of a massive leak of accounts from Yandex\u003C/a\u003E, the Russian search engine giants who also provides email services. The purported million \u0026quot;breached\u0026quot; accounts were disclosed at the same time as nearly 5M mail.ru accounts with \u003Ca href=\u0022http://globalvoicesonline.org/2014/09/10/russia-email-yandex-mailru-passwords-hacking/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Eboth companies claiming the credentials were acquired via phishing scams\u003C/a\u003E rather than being obtained as a result of direct attacks against their services.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Yandex.png","DataClasses":["Email addresses","Passwords"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Yatra","Title":"Yatra","Domain":"yatra.com","BreachDate":"2013-09-01","AddedDate":"2018-07-04T23:15:57Z","ModifiedDate":"2018-07-04T23:15:57Z","PwnCount":5033997,"Description":"In September 2013, the Indian bookings website known as \u003Ca href=\u0022https://www.yatra.com/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EYatra\u003C/a\u003E had 5 million records exposed in a data breach. The data contained email and physical addresses, dates of birth and phone numbers along with both PINs and passwords stored in plain text. The site was previously reported as compromised on the \u003Ca href=\u0022https://vigilante.pw/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EVigilante.pw\u003C/a\u003E breached database directory.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Yatra.png","DataClasses":["Dates of birth","Email addresses","Names","Passwords","Phone numbers","Physical addresses","PINs"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"YoteprestoCom","Title":"yotepresto.com","Domain":"yotepresto.com","BreachDate":"2020-06-22","AddedDate":"2021-06-25T05:04:47Z","ModifiedDate":"2021-06-25T05:04:47Z","PwnCount":1444629,"Description":"In June 2020, the Mexican lending platform \u003Ca href=\u0022https://newsbeezer.com/mexicoeng/yotepresto-has-disclosed-the-emails-and-passwords-of-all-1-4-million-customers/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Eyotepresto.com suffered a data breach\u003C/a\u003E. Over 1.4 million customers were impacted by the breach which disclosed email and IP addresses, usernames and passwords stored as bcrypt hashes. The data was provided to HIBP by \u003Ca href=\u0022https://dehashed.com/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Edehashed.com\u003C/a\u003E.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/YoteprestoCom.png","DataClasses":["Email addresses","IP addresses","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Youku","Title":"Youku","Domain":"youku.com","BreachDate":"2016-12-01","AddedDate":"2017-04-15T11:02:35Z","ModifiedDate":"2017-04-15T11:02:35Z","PwnCount":91890110,"Description":"In late 2016, the online Chinese video service \u003Ca href=\u0022http://www.youku.com\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EYouku\u003C/a\u003E suffered a data breach. The incident exposed 92 million unique user accounts and corresponding MD5 password hashes. The data was contributed to Have I Been Pwned courtesy of rip@creep.im.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Youku.png","DataClasses":["Email addresses","Passwords"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"YouNow","Title":"YouNow","Domain":"younow.com","BreachDate":"2019-02-15","AddedDate":"2019-07-18T08:59:45Z","ModifiedDate":"2019-07-18T08:59:45Z","PwnCount":18241518,"Description":"In February 2019, \u003Ca href=\u0022https://techcrunch.com/2019/02/14/hacker-strikes-again/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Edata from the live broadcasting service YouNow appeared for sale on a dark web marketplace\u003C/a\u003E. Whilst it\u0027s not clear what date the actual breach occurred on, the impacted data included 18M unique email addresses, IP addresses, names, usernames and links to social media profiles. As authentication is performed via social providers, no passwords were exposed in the breach. Many records didn\u0027t have associated email addresses thus the unique number is lower than the reported total number of accounts. The data was provided to HIBP by a source who requested it be attributed to \u0026quot;JimScott.Sec@protonmail.com\u0026quot;.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/YouNow.png","DataClasses":["Email addresses","IP addresses","Names","Social media profiles","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"YouPorn","Title":"YouPorn","Domain":"youporn.com","BreachDate":"2012-02-21","AddedDate":"2015-07-30T05:32:00Z","ModifiedDate":"2018-05-20T05:24:11Z","PwnCount":1327567,"Description":"In February 2012, the adult website YouPorn \u003Ca href=\u0022http://www.huffingtonpost.com/2012/02/22/youporn-hacked-email-addresses-passwords_n_1294502.html\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Ehad over 1.3M user accounts exposed in a data breach\u003C/a\u003E. The publicly released data included both email addresses and plain text passwords.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/YouPorn.png","DataClasses":["Email addresses","Passwords"],"IsVerified":true,"IsFabricated":false,"IsSensitive":true,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"YouveBeenScraped","Title":"You\u0027ve Been Scraped","Domain":"","BreachDate":"2018-10-05","AddedDate":"2018-12-06T19:11:27Z","ModifiedDate":"2018-12-06T19:11:27Z","PwnCount":66147869,"Description":"In October and November 2018, \u003Ca href=\u0022https://blog.hackenproof.com/industry-news/new-report-unknown-data-scraper-breach/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Esecurity researcher Bob Diachenko identified several unprotected MongoDB instances believed to be hosted by a data aggregator\u003C/a\u003E. Containing a total of over 66M records, the owner of the data couldn\u0027t be identified but it is believed to have been scraped from LinkedIn hence the title \u0026quot;You\u0027ve Been Scraped\u0026quot;. The exposed records included names, both work and personal email addresses, job titles and links to the individuals\u0027 LinkedIn profiles.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/List.png","DataClasses":["Email addresses","Employers","Geographic locations","Job titles","Names","Social media profiles"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Zacks","Title":"Zacks","Domain":"zacks.com","BreachDate":"2020-05-10","AddedDate":"2023-06-10T23:10:02Z","ModifiedDate":"2023-06-10T23:23:18Z","PwnCount":8929503,"Description":"In December 2022, the investment research company \u003Ca href=\u0022https://www.zacks.com/breach/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EZacks announced a data breach\u003C/a\u003E. The following month, \u003Ca href=\u0022https://www.bleepingcomputer.com/news/security/zacks-investment-research-data-breach-affects-820-000-clients/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Ereports emerged of the incident impacting 820k customers\u003C/a\u003E. However, in June 2023, a corpus of data with almost 9M Zacks customers appeared before being broadly circulated on a popular hacking forum. The most recent data was dated May 2020 and included names, usernames, email and physical addresses, phone numbers and passwords stored as unsalted SHA-256 hashes. On disclosure of the larger breach, Zacks advised that in addition to their original report \u0026quot;the unauthorised third parties also gained access to encrypted [sic] passwords of zacks.com customers, but only in the encrypted [sic] format\u0026quot;.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Zacks.png","DataClasses":["Email addresses","Names","Passwords","Phone numbers","Physical addresses","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"ZadigVoltaire","Title":"Zadig \u0026 Voltaire","Domain":"zadig-et-voltaire.com","BreachDate":"2023-11-16","AddedDate":"2024-06-17T06:02:11Z","ModifiedDate":"2024-06-17T06:02:11Z","PwnCount":586895,"Description":"In June 2024, \u003Ca href=\u0022https://x.com/h4ckmanac/status/1798228918006091819\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Ea data brach sourced from French fashion brand Zadig \u0026 Voltaire was publicly posted to a popular hacking forum\u003C/a\u003E. The data included names, email and physical addresses, phone numbers and genders. When contacted about the incident, Zadig \u0026 Voltaire advised the incident had occurred more than 6 months ago and that \u0026quot;all measures were taken quickly\u0026quot;.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/ZadigVoltaire.png","DataClasses":["Email addresses","Genders","Names","Phone numbers","Physical addresses"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"ZAPHosting","Title":"ZAP-Hosting","Domain":"zap-hosting.com","BreachDate":"2021-11-22","AddedDate":"2022-03-19T23:48:45Z","ModifiedDate":"2022-03-19T23:48:45Z","PwnCount":746682,"Description":"In November 2021, web host \u003Ca href=\u0022https://twitter.com/zaphosting/status/1503346593591873543\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EZAP-Hosting suffered a data breach\u003C/a\u003E that exposed over 60GB of data containing 746k unique email addresses. The breach also contained support chat logs, IP addresses, names, purchases, physical addresses and phone numbers.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/ZAPHosting.png","DataClasses":["Browser user agent details","Chat logs","Email addresses","IP addresses","Names","Phone numbers","Physical addresses","Purchases"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Zhenai","Title":"Zhenai.com","Domain":"zhenai.com","BreachDate":"2011-12-21","AddedDate":"2019-07-11T06:31:32Z","ModifiedDate":"2019-07-11T06:31:32Z","PwnCount":5024908,"Description":"In December 2011, the Chinese dating site known as \u003Ca href=\u0022http://nic.xjtu.edu.cn/info/1018/1909.htm\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EZhenai.com suffered a data breach\u003C/a\u003E that impacted 5 million subscribers. Whilst there is evidence that the data is legitimate, due to the difficulty of emphatically verifying the Chinese breach it has been flagged as \u0026quot;unverified\u0026quot;. The data in the breach contains email addresses and plain text passwords. \u003Ca href=\u0022https://www.troyhunt.com/handling-chinese-data-breaches-in-have-i-been-pwned/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003ERead more about Chinese data breaches in Have I Been Pwned.\u003C/a\u003E","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Zhenai.png","DataClasses":["Email addresses","Passwords"],"IsVerified":false,"IsFabricated":false,"IsSensitive":true,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Zomato","Title":"Zomato","Domain":"zomato.com","BreachDate":"2017-05-17","AddedDate":"2017-09-04T21:06:46Z","ModifiedDate":"2017-09-04T21:06:46Z","PwnCount":16472873,"Description":"In May 2017, the restaurant guide website \u003Ca href=\u0022https://www.hackread.com/zomato-hacked-17-million-accounts-sold-on-dark-web/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EZomato was hacked\u003C/a\u003E resulting in the exposure of almost 17 million accounts. The data was consequently redistributed online and contains email addresses, usernames and salted MD5 hashes of passwords (the password hash was not present on all accounts). This data was provided to HIBP by whitehat security researcher and data analyst Adam Davies.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Zomato.png","DataClasses":["Email addresses","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Zoomcar","Title":"Zoomcar","Domain":"zoomcar.com","BreachDate":"2018-07-01","AddedDate":"2020-06-05T02:57:26Z","ModifiedDate":"2020-06-05T02:57:26Z","PwnCount":3589795,"Description":"In July 2018, the Indian self-drive car rental company \u003Ca href=\u0022https://tech.economictimes.indiatimes.com/news/internet/data-of-3-5-million-zoomcar-customers-up-for-sale/75896086\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EZoomcar suffered a data breach which was subsequently sold on a dark web marketplace in 2020\u003C/a\u003E. The breach exposed over 3.5M records including names, email and IP addresses, phone numbers and passwords stored as bcrypt hashes. The data was provided to HIBP by \u003Ca href=\u0022https://dehashed.com/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Edehashed.com\u003C/a\u003E.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Zoomcar.png","DataClasses":["Email addresses","IP addresses","Names","Passwords","Phone numbers"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Zoosk","Title":"Zoosk (2011)","Domain":"zoosk.com","BreachDate":"2011-01-01","AddedDate":"2017-02-08T07:59:39Z","ModifiedDate":"2020-08-06T21:54:13Z","PwnCount":52578183,"Description":"In approximately 2011, an alleged breach of the dating website \u003Ca href=\u0022https://www.zoosk.com/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EZoosk\u003C/a\u003E began circulating. Comprised of almost 53 million records, the data contained email addresses and plain text passwords. However, during extensive verification in May 2016 \u003Ca href=\u0022https://www.troyhunt.com/heres-how-i-verify-data-breaches/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Eno evidence could be found that the data was indeed sourced from the dating service\u003C/a\u003E. This breach has consequently been flagged as \u003Ca href=\u0022https://www.troyhunt.com/introducing-fabricated-data-breaches-to-have-i-been-pwned\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Efabricated\u003C/a\u003E; it\u0027s highly unlikely the data was sourced from Zoosk.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Zoosk.png","DataClasses":["Email addresses","Passwords"],"IsVerified":false,"IsFabricated":true,"IsSensitive":true,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Zoosk2020","Title":"Zoosk (2020)","Domain":"zoosk.com","BreachDate":"2020-01-12","AddedDate":"2020-08-07T03:46:38Z","ModifiedDate":"2020-08-07T03:46:38Z","PwnCount":23927853,"Description":"In January 2020, the online dating service \u003Ca href=\u0022https://grahamcluley.com/zoosk-hacking/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EZoosk suffered a data breach\u003C/a\u003E which was subsequently shared extensively across online hacking communities. The breach contained 24 million unique email addresses alongside extensive personal information including genders, sexualities, dates of birth, physical attributes such as height and weight, religions, ethnicities and political views. The breach also allegedly exposed MD5 password hashes, although the data circulating in hacking circles had this field nulled out. The breach was provided to HIBP by \u003Ca href=\u0022https://breachbase.pw/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Ebreachbase.pw\u003C/a\u003E.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Zoosk.png","DataClasses":["Dates of birth","Drinking habits","Education levels","Email addresses","Ethnicities","Family structure","Genders","Geographic locations","Income levels","Names","Nicknames","Physical attributes","Political views","Relationship statuses","Religions","Sexual orientations","Smoking habits"],"IsVerified":true,"IsFabricated":false,"IsSensitive":true,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Zooville","Title":"Zooville","Domain":"zooville.org","BreachDate":"2019-09-27","AddedDate":"2019-10-19T21:22:44Z","ModifiedDate":"2019-10-20T21:58:16Z","PwnCount":71407,"Description":"In September 2019, the zoophilia and bestiality forum \u003Ca href=\u0022https://www.zooville.org/threads/security-incident-and-site-rebuild-september-2019.9/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EZooville suffered a data breach\u003C/a\u003E. The usernames and email addresses of 71k members were accessed via an unpatched vulnerability in the vBulletin forum software then subsequently distributed online. A second data set was later provided to HIBP which contained a complete vBulletin database dump including IP addresses, dates of birth and passwords stored as bcrypt hashes. The site administrator advised that following the breach, all data had been deleted from the forum and a new one had been stood up on the XenForo platform. The data was provided to HIBP by a source who requested it be attributed to \u0026quot;burger vault\u0026quot;.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Zooville.png","DataClasses":["Dates of birth","Email addresses","IP addresses","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":true,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Zurich","Title":"Zurich","Domain":"zurich.co.jp","BreachDate":"2023-01-08","AddedDate":"2023-01-22T22:30:56Z","ModifiedDate":"2023-01-22T22:30:56Z","PwnCount":756737,"Description":"In January 2023, \u003Ca href=\u0022https://therecord.media/millions-of-aflac-zurich-insurance-customers-in-japan-have-data-leaked-after-breach/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Ethe Japanese arm of Zurich insurance suffered a data breach that exposed 2.6M customer records with over 756k unique email addresses\u003C/a\u003E. The data was subsequently posted to a popular hacking forum and also included names, genders, dates of birth and details of insured vehicles. The data was provided to HIBP by a source who requested it be attributed to \u0026quot;IntelBroker\u0026quot;.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Zurich.png","DataClasses":["Dates of birth","Email addresses","Genders","Names","Vehicle details"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Zynga","Title":"Zynga","Domain":"zynga.com","BreachDate":"2019-09-01","AddedDate":"2019-12-19T04:54:45Z","ModifiedDate":"2020-01-11T00:41:51Z","PwnCount":172869660,"Description":"In September 2019, game developer \u003Ca href=\u0022https://www.cnet.com/news/words-with-friends-hack-reportedly-exposes-data-of-more-than-200m-players/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EZynga (the creator of Words with Friends) suffered a data breach\u003C/a\u003E. The incident exposed 173M unique email addresses alongside usernames and passwords stored as salted SHA-1 hashes. The data was provided to HIBP by \u003Ca href=\u0022https://dehashed.com/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Edehashed.com\u003C/a\u003E.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Zynga.png","DataClasses":["Email addresses","Passwords","Phone numbers","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Parapa","Title":"\u041F\u0430\u0440\u0430 \u041F\u0430","Domain":"parapa.mail.ru","BreachDate":"2016-08-08","AddedDate":"2016-12-28T07:03:17Z","ModifiedDate":"2016-12-28T07:03:17Z","PwnCount":4946850,"Description":"In August 2016, \u003Ca href=\u0022http://www.zdnet.com/article/over-25-million-accounts-stolen-after-mail-ru-forums-raided-by-hackers/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Ethe Russian gaming site known as \u041F\u0430\u0440\u0430 \u041F\u0430 (or parapa.mail.ru) was hacked\u003C/a\u003E along with a number of other forums on the Russian mail provider, mail.ru. The vBulletin forum contained 4.9 million accounts including usernames, email addresses and passwords stored as salted MD5 hashes.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Parapa.png","DataClasses":["Email addresses","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"SprashivaiRu","Title":"\u0421\u043F\u0440\u0430\u0448\u0438\u0432\u0430\u0439.\u0440\u0443","Domain":"sprashivai.ru","BreachDate":"2015-05-11","AddedDate":"2015-05-12T23:50:08Z","ModifiedDate":"2015-05-12T23:50:08Z","PwnCount":3474763,"Description":"In May 2015, \u003Ca href=\u0022http://sprashivai.ru/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003E\u0421\u043F\u0440\u0430\u0448\u0438\u0432\u0430\u0439.\u0440\u0443\u003C/a\u003E (a the Russian website for anonymous reviews) was \u003Ca href=\u0022http://tjournal.ru/p/sprashivairu-passwords-leak\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Ereported to have had 6.7 million user details exposed\u003C/a\u003E by a hacker known as \u0026quot;w0rm\u0026quot;. Intended to be a site for expressing anonymous opinions, the leaked data included email addresses, birth dates and other personally identifiable data about almost 3.5 million unique email addresses found in the leak.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/SprashivaiRu.png","DataClasses":["Dates of birth","Email addresses","Genders","Geographic locations","IP addresses","Passwords","Spoken languages"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"DecoratingTheHouse","Title":"\uC9D1\uAFB8\uBBF8\uAE30","Domain":"ggumim.co.kr","BreachDate":"2020-03-27","AddedDate":"2020-08-02T05:34:42Z","ModifiedDate":"2020-08-02T05:34:42Z","PwnCount":1298651,"Description":"In March 2020, the Korean interior decoration website \u003Ca href=\u0022https://www.bleepingcomputer.com/news/security/hacker-leaks-386-million-user-records-from-18-companies-for-free/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003E???? (Decorating the House) suffered a data breach\u003C/a\u003E which impacted almost 1.3 million members. Served via the URL \u003Ca href=\u0022https://www.ggumim.co.kr/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Eggumim.co.kr\u003C/a\u003E, the exposed data included email addresses, names, usernames and phone numbers, all of which was subsequently shared extensively throughout online hacking communities. The data was provided to HIBP by \u003Ca href=\u0022https://breachbase.pw/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Ebreachbase.pw\u003C/a\u003E.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/DecoratingTheHouse.png","DataClasses":["Email addresses","Names","Phone numbers","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false}] \ No newline at end of file +[{"Name":"000webhost","Title":"000webhost","Domain":"000webhost.com","BreachDate":"2015-03-01","AddedDate":"2015-10-26T23:35:45Z","ModifiedDate":"2017-12-10T21:44:27Z","PwnCount":14936670,"Description":"In approximately March 2015, the free web hosting provider \u003Ca href=\u0022http://www.troyhunt.com/2015/10/breaches-traders-plain-text-passwords.html\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003E000webhost suffered a major data breach\u003C/a\u003E that exposed almost 15 million customer records. The data was sold and traded before 000webhost was alerted in October. The breach included names, email addresses and plain text passwords.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/000webhost.png","DataClasses":["Email addresses","IP addresses","Names","Passwords"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"123RF","Title":"123RF","Domain":"123rf.com","BreachDate":"2020-03-22","AddedDate":"2020-11-15T00:59:50Z","ModifiedDate":"2020-11-15T01:07:10Z","PwnCount":8661578,"Description":"In March 2020, the stock photo site \u003Ca href=\u0022https://www.bleepingcomputer.com/news/security/popular-stock-photo-service-hit-by-data-breach-83m-records-for-sale/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003E123RF suffered a data breach\u003C/a\u003E which impacted over 8 million subscribers and was subsequently sold online. The breach included email, IP and physical addresses, names, phone numbers and passwords stored as MD5 hashes. The data was provided to HIBP by \u003Ca href=\u0022https://dehashed.com/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Edehashed.com\u003C/a\u003E.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/123RF.png","DataClasses":["Email addresses","IP addresses","Names","Passwords","Phone numbers","Physical addresses","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"126","Title":"126","Domain":"126.com","BreachDate":"2012-01-01","AddedDate":"2016-10-08T07:46:05Z","ModifiedDate":"2016-10-08T07:46:05Z","PwnCount":6414191,"Description":"In approximately 2012, it\u0027s alleged that the Chinese email service known as \u003Ca href=\u0022http://126.com\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003E126\u003C/a\u003E suffered a data breach that impacted 6.4 million subscribers. Whilst there is evidence that the data is legitimate, due to the difficulty of emphatically verifying the Chinese breach it has been flagged as \u0026quot;unverified\u0026quot;. The data in the breach contains email addresses and plain text passwords. \u003Ca href=\u0022https://www.troyhunt.com/handling-chinese-data-breaches-in-have-i-been-pwned/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003ERead more about Chinese data breaches in Have I Been Pwned.\u003C/a\u003E","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/126.png","DataClasses":["Email addresses","Passwords"],"IsVerified":false,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"17Media","Title":"17","Domain":"17app.co","BreachDate":"2016-04-19","AddedDate":"2016-07-08T01:55:03Z","ModifiedDate":"2016-07-08T01:55:03Z","PwnCount":4009640,"Description":"In April 2016, customer data obtained from the streaming app known as \u0026quot;17\u0026quot; \u003Ca href=\u0022http://motherboard.vice.com/read/another-day-another-hack-millions-of-user-accounts-for-streaming-app-17\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Eappeared listed for sale on a Tor hidden service marketplace\u003C/a\u003E. The data contained over 4 million unique email addresses along with IP addresses, usernames and passwords stored as unsalted MD5 hashes.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/17Media.png","DataClasses":["Device information","Email addresses","IP addresses","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"17173","Title":"17173","Domain":"17173.com","BreachDate":"2011-12-28","AddedDate":"2018-04-28T04:53:15Z","ModifiedDate":"2018-04-28T04:53:15Z","PwnCount":7485802,"Description":"In late 2011, \u003Ca href=\u0022https://news.softpedia.com/news/China-Investigates-Hacking-Operations-That-Exposed-100-Million-Users-244312.shtml\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Ea series of data breaches in China affected up to 100 million users\u003C/a\u003E, including 7.5 million from the gaming site known as 17173. Whilst there is evidence that the data is legitimate, due to the difficulty of emphatically verifying the Chinese breach it has been flagged as \u0026quot;unverified\u0026quot;. The data in the breach contains usernames, email addresses and salted MD5 password hashes and was provided with support from \u003Ca href=\u0022https://dehashed.com/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Edehashed.com\u003C/a\u003E. \u003Ca href=\u0022https://www.troyhunt.com/handling-chinese-data-breaches-in-have-i-been-pwned/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003ERead more about Chinese data breaches in Have I Been Pwned.\u003C/a\u003E","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/17173.png","DataClasses":["Email addresses","Passwords","Usernames"],"IsVerified":false,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"2844Breaches","Title":"2,844 Separate Data Breaches","Domain":"","BreachDate":"2018-02-19","AddedDate":"2018-02-26T10:06:02Z","ModifiedDate":"2018-02-26T10:06:02Z","PwnCount":80115532,"Description":"In February 2018, \u003Ca href=\u0022https://www.troyhunt.com/ive-just-added-2844-new-data-breaches-with-80m-records-to-have-i-been-pwned/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Ea massive collection of almost 3,000 alleged data breaches was found online\u003C/a\u003E. Whilst some of the data had previously been seen in Have I Been Pwned, 2,844 of the files consisting of more than 80 million unique email addresses had not previously been seen. Each file contained both an email address and plain text password and were consequently loaded as a single \u0026quot;unverified\u0026quot; data breach.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/List.png","DataClasses":["Email addresses","Passwords"],"IsVerified":false,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"2fast4u","Title":"2fast4u","Domain":"2fast4u.be","BreachDate":"2017-12-20","AddedDate":"2018-01-07T08:19:39Z","ModifiedDate":"2018-01-07T08:19:39Z","PwnCount":17706,"Description":"In December 2017, the Belgian motorcycle forum \u003Ca href=\u0022https://www.2fast4u.be\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003E2fast4u\u003C/a\u003E discovered a data breach of their system. The breach of the vBulletin message board impacted over 17k individual users and exposed email addresses, usersnames and salted MD5 passwords.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/2fast4u.png","DataClasses":["Email addresses","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"500px","Title":"500px","Domain":"500px.com","BreachDate":"2018-07-05","AddedDate":"2019-03-25T08:01:09Z","ModifiedDate":"2019-03-25T08:01:09Z","PwnCount":14867999,"Description":"In mid-2018, the online photography community \u003Ca href=\u0022https://support.500px.com/hc/en-us/articles/360017752493-Security-Issue-February-2019-FAQ\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003E500px suffered a data breach\u003C/a\u003E. The incident exposed almost 15 million unique email addresses alongside names, usernames, genders, dates of birth and either an MD5 or bcrypt password hash. In 2019, \u003Ca href=\u0022https://www.theregister.co.uk/2019/02/11/620_million_hacked_accounts_dark_web/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Ethe data appeared listed for sale on a dark web marketplace\u003C/a\u003E (along with several other large breaches) and subsequently began circulating more broadly. The data was provided to HIBP by a source who requested it to be attributed to \u0026quot;BenjaminBlue@exploit.im\u0026quot;.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/500px.png","DataClasses":["Dates of birth","Email addresses","Genders","Geographic locations","Names","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"7k7k","Title":"7k7k","Domain":"7k7k.com","BreachDate":"2011-01-01","AddedDate":"2017-09-26T21:54:01Z","ModifiedDate":"2017-09-26T21:54:01Z","PwnCount":9121434,"Description":"In approximately 2011, it\u0027s alleged that the Chinese gaming site known as \u003Ca href=\u0022http://www.7k7k.com\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003E7k7k\u003C/a\u003E suffered a data breach that impacted 9.1 million subscribers. Whilst there is evidence that the data is legitimate, due to the difficulty of emphatically verifying the Chinese breach it has been flagged as \u0026quot;unverified\u0026quot;. The data in the breach contains usernames, email addresses and plain text passwords. \u003Ca href=\u0022https://www.troyhunt.com/handling-chinese-data-breaches-in-have-i-been-pwned/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003ERead more about Chinese data breaches in Have I Been Pwned.\u003C/a\u003E","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/7k7k.png","DataClasses":["Email addresses","Passwords","Usernames"],"IsVerified":false,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"8fit","Title":"8fit","Domain":"8fit.com","BreachDate":"2018-07-01","AddedDate":"2019-03-21T18:50:00Z","ModifiedDate":"2019-03-21T18:50:00Z","PwnCount":15025407,"Description":"In July 2018, the health and fitness service \u003Ca href=\u0022https://8fit.zendesk.com/hc/en-us/articles/360017746394-Notice\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003E8fit suffered a data breach\u003C/a\u003E. The data subsequently appeared for sale on a dark web marketplace in February 2019 and included over 15M unique email addresses alongside names, genders, IP addresses and passwords stored as bcrypt hashes. The data was provided to HIBP by \u003Ca href=\u0022https://dehashed.com/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Edehashed.com\u003C/a\u003E.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/8fit.png","DataClasses":["Email addresses","Genders","Geographic locations","IP addresses","Names","Passwords"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"8tracks","Title":"8tracks","Domain":"8tracks.com","BreachDate":"2017-06-27","AddedDate":"2018-02-16T07:09:30Z","ModifiedDate":"2019-08-25T08:52:21Z","PwnCount":17979961,"Description":"In June 2017, the online playlists service known as \u003Ca href=\u0022https://blog.8tracks.com/2017/06/27/password-security-alert/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003E8Tracks suffered a data breach\u003C/a\u003E which impacted 18 million accounts. In their disclosure, 8Tracks advised that \u0026quot;the vector for the attack was an employee\u2019s GitHub account, which was not secured using two-factor authentication\u0026quot;. Salted SHA-1 password hashes for users who \u003Cem\u003Edidn\u0027t\u003C/em\u003E sign up with either Google or Facebook authentication were also included. The data was provided to HIBP by whitehat security researcher and data analyst Adam Davies and contained almost 8 million unique email addresses. The complete set of 18M records was later provided by JimScott.Sec@protonmail.com and updated in HIBP accordingly.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/8tracks.png","DataClasses":["Email addresses","Passwords"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Abandonia","Title":"Abandonia (2015)","Domain":"abandonia.com","BreachDate":"2015-11-01","AddedDate":"2017-06-05T05:56:47Z","ModifiedDate":"2022-12-07T05:56:07Z","PwnCount":776125,"Description":"In November 2015, the gaming website dedicated to classic DOS games \u003Ca href=\u0022http://www.abandonia.com\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EAbandonia\u003C/a\u003E suffered a data breach resulting in the exposure of 776k unique user records. The data contained email and IP addresses, usernames and salted MD5 hashes of passwords.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Abandonia.png","DataClasses":["Email addresses","IP addresses","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Abandonia2022","Title":"Abandonia (2022)","Domain":"abandonia.com","BreachDate":"2022-11-15","AddedDate":"2022-12-07T06:04:17Z","ModifiedDate":"2022-12-11T12:25:07Z","PwnCount":919790,"Description":"In November 2022, the gaming website dedicated to classic DOS games \u003Ca href=\u0022https://twitter.com/FalconFeedsio/status/1594670215471792130\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EAbandonia\u003C/a\u003E suffered a data breach resulting in the exposure of 920k unique user records. This breach was in addition to another one 7 years earlier in 2015. The data contained email and IP addresses, usernames and salted MD5 hashes of passwords.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Abandonia.png","DataClasses":["Email addresses","IP addresses","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"AbuseWithUs","Title":"AbuseWith.Us","Domain":"abusewith.us","BreachDate":"2016-07-01","AddedDate":"2017-10-09T11:08:45Z","ModifiedDate":"2017-10-09T11:08:45Z","PwnCount":1372550,"Description":"In 2016, the site dedicated to helping people hack email and online gaming accounts known as Abusewith.us suffered multiple data breaches. The site \u003Ca href=\u0022https://krebsonsecurity.com/2017/02/who-ran-leakedsource-com/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Eallegedly had an administrator in common with the nefarious LeakedSource site\u003C/a\u003E, both of which have since been shut down. The exposed data included more than 1.3 million unique email addresses, often accompanied by usernames, IP addresses and plain text or hashed passwords retrieved from various sources and intended to be used to compromise the victims\u0027 accounts.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/AbuseWithUs.png","DataClasses":["Email addresses","IP addresses","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"AcneOrg","Title":"Acne.org","Domain":"acne.org","BreachDate":"2014-11-25","AddedDate":"2016-03-06T11:07:41Z","ModifiedDate":"2016-03-06T11:07:41Z","PwnCount":432943,"Description":"In November 2014, the acne website \u003Ca href=\u0022http://www.acne.org/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Eacne.org\u003C/a\u003E suffered a data breach that exposed over 430k forum members\u0027 accounts. The data was being actively traded on underground forums and included email addresses, birth dates and passwords.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/AcneOrg.png","DataClasses":["Dates of birth","Email addresses","IP addresses","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Activision","Title":"Activision","Domain":"activision.com","BreachDate":"2022-12-04","AddedDate":"2023-10-03T07:09:49Z","ModifiedDate":"2023-10-03T07:09:49Z","PwnCount":16006,"Description":"In December 2022, \u003Ca href=\u0022https://www.bleepingcomputer.com/news/security/hacker-leaks-alleged-activision-employee-data-on-cybercrime-forum/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Eattackers socially engineered an Activision HR employee into disclosing information which led to the breach of almost 20k employee records\u003C/a\u003E. The data contained 16k unique email addresses along with names, phone numbers, job titles and the office location of the employee. Activision advised that no sensitive employee information was included in the breach.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Activision.png","DataClasses":["Email addresses","Geographic locations","Job titles","Names","Phone numbers"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"ActMobile","Title":"ActMobile","Domain":"actmobile.com","BreachDate":"2021-10-08","AddedDate":"2021-11-09T07:55:03Z","ModifiedDate":"2021-11-09T07:55:03Z","PwnCount":1583193,"Description":"In October 2021, \u003Ca href=\u0022https://www.comparitech.com/blog/information-security/vpn-database-leak/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Esecurity researcher Bob Diachenko discovered an exposed database he attributed to ActMobile, the operators of Dash VPN and FreeVPN\u003C/a\u003E. The exposed data included 1.6 million unique email addresses along with IP addresses and password hashes, all of which were subsequently leaked on a popular hacking forum. Although usage of the service was verified by HIBP subscribers, \u003Ca href=\u0022https://www.databreaches.net/shoot-the-messenger-monday-edition-actmobile-threatens-researcher-whose-only-sin-was-trying-to-let-them-know-they-are-leaking-data/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EActMobile denied the data was sourced from them\u003C/a\u003E and the breach has subsequently been flagged as \u0026quot;unverified\u0026quot;.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/ActMobile.png","DataClasses":["Email addresses","IP addresses"],"IsVerified":false,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Acuity","Title":"Acuity","Domain":"","BreachDate":"2020-06-18","AddedDate":"2023-11-15T07:16:23Z","ModifiedDate":"2023-11-15T07:16:23Z","PwnCount":14055729,"Description":"In mid-2020, \u003Ca href=\u0022https://www.troyhunt.com/acuity-who-attempts-and-failures-to-attribute-437gb-of-breached-data\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Ea 437GB corpus of data attributed to an entity named \u0026quot;Acuity\u0026quot; was created and later extensively distributed\u003C/a\u003E. However, the source could not be confidently verified as any known companies named Acuity. The data totalled over 14M unique email addresses with each row containing extensive personal information across more than 400 columns of data including names, phone numbers, physical addresses, genders and dates of birth.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/List.png","DataClasses":["Dates of birth","Email addresses","Genders","IP addresses","Names","Phone numbers","Physical addresses","Salutations"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":true,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Adapt","Title":"Adapt","Domain":"adapt.io","BreachDate":"2018-11-05","AddedDate":"2018-11-22T19:43:06Z","ModifiedDate":"2018-11-22T19:43:06Z","PwnCount":9363740,"Description":"In November 2018, \u003Ca href=\u0022https://blog.hackenproof.com/industry-news/another-decision-makers-database-leaked/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Esecurity researcher Bob Diachenko identified an unprotected database hosted by data aggregator \u0026quot;Adapt\u0026quot;\u003C/a\u003E. A provider of \u0026quot;Fresh Quality Contacts\u0026quot;, the service exposed over 9.3M unique records of individuals and employer information including their names, employers, job titles, contact information and data relating to the employer including organisation description, size and revenue. No response was received from Adapt when contacted.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Adapt.png","DataClasses":["Email addresses","Employers","Job titles","Names","Phone numbers","Physical addresses","Social media profiles"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Adecco","Title":"Adecco","Domain":"adecco.com","BreachDate":"2021-01-03","AddedDate":"2022-05-31T06:33:24Z","ModifiedDate":"2022-05-31T06:37:53Z","PwnCount":4284538,"Description":"In March 2021, \u003Ca href=\u0022https://cybernews.com/security/5-million-adecco-com-users-data-leaked/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Enews broke of a massive data breach impacting millions of Adecco customers in South America\u003C/a\u003E which was subsequently sold on a popular hacking forum. The breach exposed over 4M unique email addresses as well as genders, dates of birth, marital statuses, phone numbers and passwords stored as bcrypt hashes.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Adecco.png","DataClasses":["Email addresses","Genders","Geographic locations","Marital statuses","Names","Passwords","Phone numbers"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"ABFRL","Title":"Aditya Birla Fashion and Retail","Domain":"abfrl.com","BreachDate":"2021-12-01","AddedDate":"2022-01-15T02:58:39Z","ModifiedDate":"2022-01-15T03:02:43Z","PwnCount":5470063,"Description":"In December 2021, Indian retailer \u003Ca href=\u0022https://restoreprivacy.com/aditya-birla-fashion-and-retail-ltd-abfrl-hack-2022/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EAditya Birla Fashion and Retail Ltd was breached and ransomed\u003C/a\u003E. The ransom demand was allegedly rejected and data containing 5.4M unique email addresses was subsequently dumped publicly on a popular hacking forum the next month. The data contained extensive personal customer information including names, phone numbers, physical addresses, DoBs, order histories and passwords stored as MD5 hashes. Employee data was also dumped publicly and included salary grades, marital statuses and religions. The data was provided to HIBP by a source who requested it be attributed to \u0026quot;white_peacock@riseup.net\u0026quot;.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/ABFRL.png","DataClasses":["Email addresses","Genders","Income levels","Job titles","Marital statuses","Names","Passwords","Phone numbers","Physical addresses","Purchases","Religions","Salutations"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Adobe","Title":"Adobe","Domain":"adobe.com","BreachDate":"2013-10-04","AddedDate":"2013-12-04T00:00:00Z","ModifiedDate":"2022-05-15T23:52:49Z","PwnCount":152445165,"Description":"In October 2013, 153 million Adobe accounts were breached with each containing an internal ID, username, email, \u003Cem\u003Eencrypted\u003C/em\u003E password and a password hint in plain text. The password cryptography was poorly done and many were quickly resolved back to plain text. The unencrypted hints also \u003Ca href=\u0022http://www.troyhunt.com/2013/11/adobe-credentials-and-serious.html\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Edisclosed much about the passwords\u003C/a\u003E adding further to the risk that hundreds of millions of Adobe customers already faced.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Adobe.png","DataClasses":["Email addresses","Password hints","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"AdultFriendFinder","Title":"Adult FriendFinder (2015)","Domain":"adultfriendfinder.com","BreachDate":"2015-05-21","AddedDate":"2015-05-22T06:03:44Z","ModifiedDate":"2020-02-07T01:11:13Z","PwnCount":3867997,"Description":"In May 2015, the adult hookup site \u003Ca href=\u0022http://www.bbc.com/news/business-32839196\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EAdult FriendFinder was hacked\u003C/a\u003E and nearly 4 million records dumped publicly. The data dump included extremely sensitive personal information about individuals and their relationship statuses and sexual preferences combined with personally identifiable information.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/AdultFriendFinder.png","DataClasses":["Dates of birth","Email addresses","Genders","Geographic locations","IP addresses","Races","Relationship statuses","Sexual orientations","Spoken languages","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":true,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"AdultFriendFinder2016","Title":"Adult FriendFinder (2016)","Domain":"adultfriendfinder.com","BreachDate":"2016-10-16","AddedDate":"2020-02-06T23:53:53Z","ModifiedDate":"2020-02-07T01:11:28Z","PwnCount":169746810,"Description":"In October 2016, the adult entertainment company \u003Ca href=\u0022https://www.zdnet.com/article/adultfriendfinder-network-hack-exposes-secrets-of-412-million-users/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EFriend Finder Networks suffered a massive data breach\u003C/a\u003E. The incident impacted multiple separate online assets owned by the company, the largest of which was the Adult FriendFinder website alleged to be \u0026quot;the world\u0027s largest sex \u0026amp; swinger community\u0026quot;. Exposed data included usernames, passwords stored as SHA-1 hashes and 170 million unique email addresses. This incident is separate to the 2015 data breach Adult FriendFinder also suffered. The data was provided to HIBP by \u003Ca href=\u0022https://dehashed.com/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Edehashed.com\u003C/a\u003E.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/AdultFriendFinder.png","DataClasses":["Email addresses","Passwords","Spoken languages","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":true,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"AdultFanFiction","Title":"Adult-FanFiction.Org","Domain":"adult-fanfiction.org","BreachDate":"2018-05-30","AddedDate":"2018-08-06T08:56:03Z","ModifiedDate":"2018-08-06T08:56:03Z","PwnCount":186082,"Description":"In May 2018, the website for sharing adult-orientated works of fiction known as \u003Ca href=\u0022http://www.adult-fanfiction.org\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EAdult-FanFiction.Org\u003C/a\u003E had 186k records exposed in a data breach. The data contained names, email addresses, dates of birth and passwords stored as \u003Cem\u003Eboth\u003C/em\u003E MD5 hashes and plain text. AFF did not respond when contacted about the breach and the site was previously reported as compromised on the \u003Ca href=\u0022https://vigilante.pw/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EVigilante.pw\u003C/a\u003E breached database directory.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/AdultFanFiction.png","DataClasses":["Dates of birth","Email addresses","Names","Passwords"],"IsVerified":true,"IsFabricated":false,"IsSensitive":true,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"AdvanceAutoParts","Title":"Advance Auto Parts","Domain":"advanceautoparts.com","BreachDate":"2024-06-05","AddedDate":"2024-06-24T09:51:11Z","ModifiedDate":"2024-06-24T09:51:11Z","PwnCount":79243727,"Description":"In June 2024, \u003Ca href=\u0022https://www.bleepingcomputer.com/news/security/advance-auto-parts-confirms-data-breach-exposed-employee-information/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EAdvance Auto Parts confirmed they had suffered a data breach\u003C/a\u003E which was posted for sale to a popular hacking forum. Linked to unauthorised access to Snowflake cloud services, the breach exposed a large number of records related to both customers and employees. In total, 79M unique email addresses were included in the breach, alongside names, phone numbers, addresses and further data attributes related to company employees.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/AdvanceAutoParts.png","DataClasses":["Email addresses","Names","Phone numbers","Physical addresses"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"AerServ","Title":"AerServ","Domain":"aerserv.com","BreachDate":"2018-04-01","AddedDate":"2018-12-06T02:58:12Z","ModifiedDate":"2018-12-06T02:58:12Z","PwnCount":66308,"Description":"In April 2018, the ad management platform known as \u003Ca href=\u0022https://www.aerserv.com/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EAerServ\u003C/a\u003E suffered a data breach. Acquired by InMobi earlier in the year, the AerServ breach impacted over 66k unique email addresses and also included contact information and passwords stored as salted SHA-512 hashes. The data was publicly posted to Twitter later in 2018 after which InMobi was notified and advised they were aware of the incident.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/AerServ.png","DataClasses":["Email addresses","Employers","Job titles","Names","Passwords","Phone numbers","Physical addresses"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"AgusiQTorrents","Title":"AgusiQ-Torrents.pl","Domain":"agusiq-torrents.pl","BreachDate":"2019-09-24","AddedDate":"2019-12-04T21:54:50Z","ModifiedDate":"2019-12-04T21:54:50Z","PwnCount":90478,"Description":"In September 2019, Polish torrent site \u003Ca href=\u0022http://agusiq-torrents.pl/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EAgusiQ-Torrents.pl\u003C/a\u003E suffered a data breach. The incident exposed 90k member records including email and IP addresses, usernames and passwords stored as MD5 hashes.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/AgusiQTorrents.png","DataClasses":["Email addresses","IP addresses","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"AhaShare","Title":"AhaShare.com","Domain":"ahashare.com","BreachDate":"2013-05-30","AddedDate":"2014-11-06T21:47:52Z","ModifiedDate":"2014-11-06T21:47:52Z","PwnCount":180468,"Description":"In May 2013, the torrent site \u003Ca href=\u0022http://www.ahashare.com\u0022\u003EAhaShare.com\u003C/a\u003E suffered a breach which resulted in more than 180k user accounts being published publicly. The breach included a raft of personal information on registered users plus despite assertions of not distributing personally identifiable information, the site also leaked the IP addresses used by the registered identities.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/AhaShare.png","DataClasses":["Email addresses","Genders","Geographic locations","IP addresses","Partial dates of birth","Passwords","Usernames","Website activity"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"AIType","Title":"ai.type","Domain":"aitype.com","BreachDate":"2017-12-05","AddedDate":"2017-12-08T21:31:25Z","ModifiedDate":"2017-12-08T21:31:25Z","PwnCount":20580060,"Description":"In December 2017, the virtual keyboard application \u003Ca href=\u0022https://mackeepersecurity.com/post/virtual-keyboard-developer-leaked-31-million-of-client-records\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Eai.type was found to have left a huge amount of data publicly facing in an unsecured MongoDB instance\u003C/a\u003E. Discovered by researchers at The Kromtech Security Center, the 577GB data set included extensive personal information including over 20 million unique email addresses, social media profiles and address book contacts. The email addresses alone were provided to HIBP to enable impacted users to assess their exposure.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/AIType.png","DataClasses":["Address book contacts","Apps installed on devices","Cellular network names","Dates of birth","Device information","Email addresses","Genders","Geographic locations","IMEI numbers","IMSI numbers","IP addresses","Names","Phone numbers","Profile photos","Social media profiles"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Aimware","Title":"Aimware","Domain":"aimware.net","BreachDate":"2019-04-28","AddedDate":"2022-05-02T02:13:41Z","ModifiedDate":"2022-05-02T02:23:27Z","PwnCount":305470,"Description":"In mid-2019, the video game cheats website \u0026quot;Aimware\u0026quot; suffered a data breach that exposed hundreds of thousands of subscribers\u0027 personal information. Data included email and IP addresses, usernames, forum posts, private messages, website activity and passwords stored as salted MD5 hashes. The data was provided to HIBP by a source who requested it be attributed to \u0026quot;clerk/anthrax/soontoberichh\u0026quot;.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Aimware.png","DataClasses":["Email addresses","IP addresses","Passwords","Private messages","Usernames","Website activity"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Aipai","Title":"Aipai.com","Domain":"aipai.com","BreachDate":"2016-09-27","AddedDate":"2016-11-07T21:55:29Z","ModifiedDate":"2016-11-07T21:55:29Z","PwnCount":6496778,"Description":"In September 2016, data allegedly obtained from the Chinese gaming website known as \u003Ca href=\u0022http://aipai.com\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EAipai.com\u003C/a\u003E and containing 6.5M accounts was leaked online. Whilst there is evidence that the data is legitimate, due to the difficulty of emphatically verifying the Chinese breach it has been flagged as \u0026quot;unverified\u0026quot;. The data in the breach contains email addresses and MD5 password hashes. \u003Ca href=\u0022https://www.troyhunt.com/handling-chinese-data-breaches-in-have-i-been-pwned/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003ERead more about Chinese data breaches in Have I Been Pwned.\u003C/a\u003E","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Aipai.png","DataClasses":["Email addresses","Passwords"],"IsVerified":false,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Ajarn","Title":"Ajarn","Domain":"ajarn.com","BreachDate":"2018-12-13","AddedDate":"2021-09-26T03:45:38Z","ModifiedDate":"2021-09-26T03:45:38Z","PwnCount":266399,"Description":"In September 2021, the Thai-based English language teaching website \u003Ca href=\u0022https://www.ajarn.com/data-breach\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EAjarn discovered they\u0027d been the victim of a data breach dating back to December 2018\u003C/a\u003E. The breach was self-submitted to HIBP and included 266k email addresses, names, genders, phone numbers and other personal information. Hashed passwords were also impacted in the breach.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Ajarn.png","DataClasses":["Dates of birth","Education levels","Email addresses","Genders","Geographic locations","Job applications","Marital statuses","Names","Nationalities","Passwords","Phone numbers","Profile photos"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"AKP","Title":"AKP Emails","Domain":"akparti.org.tr","BreachDate":"2016-07-19","AddedDate":"2017-10-01T03:52:37Z","ModifiedDate":"2017-10-01T03:52:37Z","PwnCount":917461,"Description":"In July 2016, a hacker known as Phineas Fisher \u003Ca href=\u0022https://motherboard.vice.com/en_us/article/yp3n55/phineas-fisher-turkish-government-hack\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Ehacked Turkey\u0027s ruling party (Justice and Development Party or \u0026quot;AKP\u0026quot;) and gained access to 300k emails\u003C/a\u003E. The full contents of the emails were subsequently \u003Ca href=\u0022https://wikileaks.org/akp-emails/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Epublished by WikiLeaks and made searchable\u003C/a\u003E. HIBP identified over 917k unique email address patterns in the data set, including message IDs and a number of other non-user addresses.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/AKP.png","DataClasses":["Email addresses","Email messages"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"AlpineReplay","Title":"AlpineReplay","Domain":"traceup.com","BreachDate":"2019-08-27","AddedDate":"2024-10-17T04:01:13Z","ModifiedDate":"2024-10-17T04:01:13Z","PwnCount":898681,"Description":"In 2019, the snow sports tracking app AlpineReplay suffered a data breach that exposed 900k unique email addresses. Later rolled into the Trace service, the breach included names, usernames, genders, dates of birth, weights and passwords stored as either unsalted MD5 or bcrypt hashes.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/AlpineReplay.png","DataClasses":["Dates of birth","Email addresses","Genders","Names","Passwords","Physical attributes","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Altenen","Title":"Altenen","Domain":"altenens.is","BreachDate":"2022-06-24","AddedDate":"2024-11-05T06:20:27Z","ModifiedDate":"2024-11-05T06:20:27Z","PwnCount":1267701,"Description":"In June 2022, the malicious \u0026quot;carding\u0026quot; (referring to credit card fraud) website Altenen suffered a data breach \u003Ca href=\u0022https://cybernews.com/security/billions-passwords-credentials-leaked-mother-of-all-breaches/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Ethat was later redistributed as part of a larger corpus of data\u003C/a\u003E. The data included 1.3M unique email addresses, usernames, bcrypt password hashes and cryptocurrency wallet addresses.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Altenen.png","DataClasses":["Cryptocurrency wallet addresses","Email addresses","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"AmartFurniture","Title":"Amart Furniture","Domain":"amartfurniture.com.au","BreachDate":"2022-05-16","AddedDate":"2022-05-25T23:43:23Z","ModifiedDate":"2022-05-25T23:43:23Z","PwnCount":108940,"Description":"In May 2022, the Australian retailer \u003Ca href=\u0022https://www.ozbargain.com.au/node/701231\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EAmart Furniture advised that their warranty claims database hosted on Amazon Web Services had been the target of a cyber attack\u003C/a\u003E. Over 100k records containing email and physical address, names, phone numbers and passwords stored as bcrypt hashes were exposed and shared online by the attacker.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/AmartFurniture.png","DataClasses":["Email addresses","Names","Passwords","Phone numbers","Physical addresses"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Ancestry","Title":"Ancestry","Domain":"ancestry.com","BreachDate":"2015-11-07","AddedDate":"2017-12-24T04:28:45Z","ModifiedDate":"2017-12-24T04:28:45Z","PwnCount":297806,"Description":"In November 2015, an Ancestry service known as \u003Ca href=\u0022https://blogs.ancestry.com/ancestry/2017/12/23/rootsweb-security-update/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003ERootsWeb suffered a data breach\u003C/a\u003E. The breach was not discovered until late 2017 when a file containing almost 300k email addresses and plain text passwords was identified. ","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Ancestry.png","DataClasses":["Email addresses","Passwords"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"AndroidForums","Title":"Android Forums","Domain":"androidforums.com","BreachDate":"2011-10-30","AddedDate":"2015-12-20T06:47:19Z","ModifiedDate":"2020-08-07T23:29:01Z","PwnCount":745355,"Description":"In October 2011, the Android Forums website \u003Ca href=\u0022http://www.pcworld.com/article/259201/online_android_forum_hacked_user_data_accessed.html\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Ewas hacked\u003C/a\u003E and 745k user accounts were subsequently leaked publicly. The compromised data included email addresses, user birth dates and passwords stored as a salted MD5 hash.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/AndroidForums.png","DataClasses":["Dates of birth","Email addresses","Homepage URLs","Instant messenger identities","IP addresses","Passwords"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"AndroidLista","Title":"AndroidLista","Domain":"androidlista.com","BreachDate":"2021-07-28","AddedDate":"2023-10-17T21:15:55Z","ModifiedDate":"2023-10-17T21:18:24Z","PwnCount":6640643,"Description":"In July 2021, the Android applications and games review site \u003Ca href=\u0022https://www.androidlista.com/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EAndroidLista\u003C/a\u003E suffered a data breach. The incident exposed 6.6M user records containing email addresses, names, usernames and passwords stored as salted SHA-1 hashes, all of which were subsequently posted to a popular hacking forum. AndroidLista did not respond when contacted about the breach.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/AndroidLista.png","DataClasses":["Email addresses","Names","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"AnimalJam","Title":"Animal Jam","Domain":"animaljam.com","BreachDate":"2020-10-12","AddedDate":"2020-11-12T01:18:50Z","ModifiedDate":"2020-11-12T01:18:50Z","PwnCount":7104998,"Description":"In October 2020, the online game for kids \u003Ca href=\u0022https://www.animaljam.com/en/2020databreach\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EAnimal Jam suffered a data breach\u003C/a\u003E which was subsequently shared through online hacking communities the following month. The data contained 46 million user accounts with over 7 million unique email addresses. Impacted data also included usernames, IP addresses and for some records, dates of birth (sometimes in partial form), physical addresses, parent names and passwords stored as PBKDF2 hashes.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/AnimalJam.png","DataClasses":["Dates of birth","Email addresses","Genders","IP addresses","Names","Passwords","Physical addresses","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"AnimeGame","Title":"AnimeGame","Domain":"animegame.me","BreachDate":"2020-02-27","AddedDate":"2020-03-09T05:52:08Z","ModifiedDate":"2020-03-09T05:52:08Z","PwnCount":1431378,"Description":"In February 2020, the gaming website \u003Ca href=\u0022http://animegame.me/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EAnimeGame\u003C/a\u003E suffered a data breach. The incident affected 1.4M subscribers and exposed email addresses, usernames and passwords stored as salted MD5 hashes. The data was subsequently shared on a popular hacking forum and was provided to HIBP by \u003Ca href=\u0022https://dehashed.com/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Edehashed.com\u003C/a\u003E.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/AnimeGame.png","DataClasses":["Email addresses","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"AnimeLeague","Title":"AnimeLeague","Domain":"animeleague.net","BreachDate":"2024-07-04","AddedDate":"2024-07-31T07:57:48Z","ModifiedDate":"2024-07-31T07:57:48Z","PwnCount":192134,"Description":"In July 2024, \u003Ca href=\u0022https://www.animeleague.net/forum/viewtopic.php?f=55\u0026t=134675\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EAnimeLeague disclosed a data breach of their services\u003C/a\u003E. The data was posted for sale on a popular hacking forum and included 2 databases covering both event registration records and a dump of the phpBB bulletin board. The impacted data included passwords in various hashed formats including SHA-1, salted md5 and bcrypt, as well as usernames, private messages, dates of birth, purchases and 192k unique email addresses.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/AnimeLeague.png","DataClasses":["Dates of birth","Email addresses","IP addresses","Passwords","Phone numbers","Private messages","Purchases","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"AnimePlanet","Title":"Anime-Planet","Domain":"anime-planet.com","BreachDate":"2016-01-01","AddedDate":"2019-07-28T00:35:07Z","ModifiedDate":"2019-07-28T00:35:07Z","PwnCount":368507,"Description":"In approximately 2016, the anime website \u003Ca href=\u0022https://www.anime-planet.com/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EAnime-Planet\u003C/a\u003E suffered a data breach that impacted 369k subscribers. The exposed data included usernames, IP and email addresses, dates of birth and passwords stored as unsalted MD5 hashes and for newer accounts, bcrypt hashes. The data was provided to HIBP by \u003Ca href=\u0022https://dehashed.com/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Edehashed.com\u003C/a\u003E.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/AnimePlanet.png","DataClasses":["Dates of birth","Email addresses","IP addresses","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Animoto","Title":"Animoto","Domain":"animoto.com","BreachDate":"2018-07-10","AddedDate":"2019-07-18T05:04:08Z","ModifiedDate":"2019-07-18T05:04:08Z","PwnCount":22437749,"Description":"In July 2018, the cloud-based video making service \u003Ca href=\u0022https://techcrunch.com/2018/08/20/animoto-hack-exposes-personal-information-geolocation-data/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EAnimoto suffered a data breach\u003C/a\u003E. The breach exposed 22 million unique email addresses alongside names, dates of birth, country of origin and salted password hashes. The data was provided to HIBP by a source who requested it be attributed to \u0026quot;JimScott.Sec@protonmail.com\u0026quot;.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Animoto.png","DataClasses":["Dates of birth","Email addresses","Geographic locations","Names","Passwords"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"AntiPublic","Title":"Anti Public Combo List","Domain":"","BreachDate":"2016-12-16","AddedDate":"2017-05-04T22:07:38Z","ModifiedDate":"2017-05-04T22:07:38Z","PwnCount":457962538,"Description":"In December 2016, a huge list of email address and password pairs appeared in a \u0026quot;combo list\u0026quot; referred to as \u0026quot;Anti Public\u0026quot;. The list contained 458 million unique email addresses, many with multiple different passwords hacked from various online systems. The list was broadly circulated and used for \u0026quot;credential stuffing\u0026quot;, that is attackers employ it in an attempt to identify other online systems where the account owner had reused their password. For detailed background on this incident, read \u003Ca href=\u0022https://www.troyhunt.com/password-reuse-credential-stuffing-and-another-1-billion-records-in-have-i-been-pwned\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EPassword reuse, credential stuffing and another billion records in Have I Been Pwned\u003C/a\u003E.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/List.png","DataClasses":["Email addresses","Passwords"],"IsVerified":false,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"ApexSMS","Title":"ApexSMS","Domain":"","BreachDate":"2019-04-15","AddedDate":"2023-09-21T14:57:43Z","ModifiedDate":"2023-09-21T14:57:43Z","PwnCount":23246481,"Description":"In May 2019, \u003Ca href=\u0022https://techcrunch.com/2019/05/09/sms-spammers-doxxed/?guccounter=1\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Enews broke of a massive SMS spam operation known as \u0026quot;ApexSMS\u0026quot; which was discovered after a MongoDB instance of the same name was found exposed without a password\u003C/a\u003E. The incident leaked over 80M records with 23M unique email addresses alongside names, phone numbers and carriers, geographic locations (state and country), genders and IP addresses.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/List.png","DataClasses":["Email addresses","Genders","Geographic locations","IP addresses","Names","Phone numbers","Telecommunications carrier"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":true,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"APKTW","Title":"APK.TW","Domain":"apk.tw","BreachDate":"2022-09-03","AddedDate":"2024-03-09T00:17:54Z","ModifiedDate":"2024-03-09T00:17:54Z","PwnCount":2451197,"Description":"In September 2022, the Taiwanese Android forum APK.TW suffered a data breach \u003Ca href=\u0022https://cybernews.com/security/billions-passwords-credentials-leaked-mother-of-all-breaches/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Ethat was later redistributed as part of a larger corpus of data\u003C/a\u003E. The breach exposed 2.5M unique email addresses along with IP addresses, usernames and salted MD5 password hashes.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/APKTW.png","DataClasses":["Email addresses","IP addresses","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Apollo","Title":"Apollo","Domain":"apollo.io","BreachDate":"2018-07-23","AddedDate":"2018-10-05T19:14:11Z","ModifiedDate":"2018-10-23T04:01:48Z","PwnCount":125929660,"Description":"In July 2018, the sales engagement startup \u003Ca href=\u0022https://www.wired.com/story/apollo-breach-linkedin-salesforce-data/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EApollo left a database containing billions of data points publicly exposed without a password\u003C/a\u003E. The data was discovered by security researcher \u003Ca href=\u0022http://www.vinnytroia.com/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EVinny Troia\u003C/a\u003E who subsequently sent a subset of the data containing 126 million unique email addresses to Have I Been Pwned. The data left exposed by Apollo was used in their \u0026quot;revenue acceleration platform\u0026quot; and included personal information such as names and email addresses as well as professional information including places of employment, the roles people hold and where they\u0027re located. Apollo stressed that the exposed data did not include sensitive information such as passwords, social security numbers or financial data. \u003Ca href=\u0022https://www.apollo.io/contact\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EThe Apollo website has a contact form\u003C/a\u003E for those looking to get in touch with the organisation.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Apollo.png","DataClasses":["Email addresses","Employers","Geographic locations","Job titles","Names","Phone numbers","Salutations","Social media profiles"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Appartoo","Title":"Appartoo","Domain":"appartoo.com","BreachDate":"2017-03-25","AddedDate":"2019-05-02T07:07:24Z","ModifiedDate":"2019-05-02T07:07:24Z","PwnCount":49681,"Description":"In March 2017, the French Flatsharing site known as \u003Ca href=\u0022https://www.appartoo.com\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EAppartoo\u003C/a\u003E suffered a data breach. The incident exposed an extensive amount of personal information on almost 50k members including email addresses, genders, ages, private messages sent between users of the service and passwords stored as SHA-256 hashes. Appartoo advised that all subscribers were notified of the incident in early 2017.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Appartoo.png","DataClasses":["Ages","Auth tokens","Email addresses","Employment statuses","Genders","IP addresses","Marital statuses","Names","Passwords","Physical addresses","Private messages","Social media profiles"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Appen","Title":"Appen","Domain":"appen.com","BreachDate":"2020-06-22","AddedDate":"2020-07-30T07:00:21Z","ModifiedDate":"2020-07-30T07:00:21Z","PwnCount":5888405,"Description":"In June 2020, the AI training data company \u003Ca href=\u0022https://www.bleepingcomputer.com/news/security/hacker-leaks-386-million-user-records-from-18-companies-for-free/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EAppen suffered a data breach\u003C/a\u003E exposing the details of almost 5.9 million users which were subsequently sold online. Included in the breach were names, email addresses and passwords stored as bcrypt hashes. Some records also contained phone numbers, employers and IP addresses. The data was provided to HIBP by \u003Ca href=\u0022https://dehashed.com/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Edehashed.com\u003C/a\u003E.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Appen.png","DataClasses":["Email addresses","Employers","IP addresses","Names","Passwords","Phone numbers"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Aptoide","Title":"Aptoide","Domain":"aptoide.com","BreachDate":"2020-04-13","AddedDate":"2020-04-19T03:07:42Z","ModifiedDate":"2020-04-19T03:07:42Z","PwnCount":20012235,"Description":"In April 2020, the independent Android app store \u003Ca href=\u0022https://blog.aptoide.com/aptoide-credentials-information/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EAptoide suffered a data breach\u003C/a\u003E. The incident resulted in the exposure of 20M customer records which were subsequently shared online via a popular hacking forum. Impacted data included email and IP addresses, names, IP addresses and passwords stored as SHA-1 hashes without a salt.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Aptoide.png","DataClasses":["Browser user agent details","Email addresses","IP addresses","Names","Passwords"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"ArmorGames","Title":"Armor Games","Domain":"armorgames.com","BreachDate":"2019-01-01","AddedDate":"2019-07-20T06:03:31Z","ModifiedDate":"2021-04-07T06:28:50Z","PwnCount":10604307,"Description":"In January 2019, the game portal website \u003Ca href=\u0022https://techraptor.net/content/armor-games-data-breach-january-2019\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EArmor Games suffered a data breach\u003C/a\u003E. A total of 10.6 million email addresses were impacted by the breach which also exposed usernames, IP addresses, birthdays of administrator accounts and passwords stored as salted SHA-1 hashes. The data was provided to HIBP by a source who requested it be attributed to \u0026quot;JimScott.Sec@protonmail.com\u0026quot;.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/ArmorGames.png","DataClasses":["Bios","Dates of birth","Email addresses","Genders","Geographic locations","IP addresses","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"ArmyForceOnline","Title":"Army Force Online","Domain":"armyforceonline.com","BreachDate":"2016-05-18","AddedDate":"2016-11-10T03:24:38Z","ModifiedDate":"2020-08-07T03:19:40Z","PwnCount":1531235,"Description":"In May 2016, the online gaming site \u003Ca href=\u0022http://armyforceonline.com\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EArmy Force Online\u003C/a\u003E suffered a data breach that exposed 1.5M accounts. The breached data was found being regularly traded online and included usernames, email and IP addresses and MD5 passwords.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/ArmyForceOnline.png","DataClasses":["Avatars","Email addresses","Geographic locations","IP addresses","Names","Passwords","Usernames","Website activity"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Artsy","Title":"Artsy","Domain":"artsy.net","BreachDate":"2018-04-01","AddedDate":"2020-05-25T20:59:10Z","ModifiedDate":"2020-05-25T21:08:08Z","PwnCount":1079970,"Description":"In April 2018, the online arts database \u003Ca href=\u0022https://www.theregister.co.uk/2019/02/11/620_million_hacked_accounts_dark_web/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EArtsy suffered a data breach which consequently appeared for sale on a dark web marketplace\u003C/a\u003E. Over 1M accounts were impacted and included IP and email addresses, names and passwords stored as salted SHA-512 hashes. The data was provided to HIBP by a source who requested it be attributed to \u0026quot;nano@databases.pw\u0026quot;.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Artsy.png","DataClasses":["Email addresses","IP addresses","Names","Passwords"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Artvalue","Title":"Artvalue","Domain":"artvalue.com","BreachDate":"2019-06-19","AddedDate":"2019-07-19T13:16:52Z","ModifiedDate":"2019-07-19T13:35:22Z","PwnCount":157692,"Description":"In June 2019, the France-based art valuation website \u003Ca href=\u0022http://artvalue.com/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EArtvalue.com\u003C/a\u003E left their 158k member subscriber base publicly exposed in a text file on their website. The exposed data included names, usernames, email addresses and passwords stored as MD5 hashes. The site operator did not respond when contacted about the incident, although the exposed file was subsequently removed.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Artvalue.png","DataClasses":["Email addresses","Names","Passwords","Salutations","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"AshleyMadison","Title":"Ashley Madison","Domain":"ashleymadison.com","BreachDate":"2015-07-19","AddedDate":"2015-08-18T20:55:05Z","ModifiedDate":"2015-08-18T20:55:05Z","PwnCount":30811934,"Description":"In July 2015, the infidelity website Ashley Madison \u003Ca href=\u0022http://krebsonsecurity.com/2015/07/online-cheating-site-ashleymadison-hacked/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Esuffered a serious data breach\u003C/a\u003E. The attackers threatened Ashley Madison with the full disclosure of the breach unless the service was shut down. One month later, the database was dumped including more than 30M unique email addresses. This breach has been classed as \u0026quot;sensitive\u0026quot; and is not publicly searchable, although individuals may discover if they\u0027ve been impacted by \u003Ca href=\u0022https://haveibeenpwned.com/NotifyMe\u0022\u003Eregistering for notifications\u003C/a\u003E. \u003Ca href=\u0022http://www.troyhunt.com/2015/07/heres-how-im-going-to-handle-ashley.html\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003ERead about this approach in detail\u003C/a\u003E.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/AshleyMadison.png","DataClasses":["Dates of birth","Email addresses","Ethnicities","Genders","Names","Passwords","Payment histories","Phone numbers","Physical addresses","Security questions and answers","Sexual orientations","Usernames","Website activity"],"IsVerified":true,"IsFabricated":false,"IsSensitive":true,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"AstroPID","Title":"Astropid","Domain":"astropid.com","BreachDate":"2013-12-19","AddedDate":"2014-07-06T03:49:45Z","ModifiedDate":"2014-07-06T03:49:45Z","PwnCount":5788,"Description":"In December 2013, the vBulletin forum for the social engineering site known as \u0022AstroPID\u0022 was breached and \u003Ca href=\u0022https://www.sinister.ly/Thread-40-Compromised-databases\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Eleaked publicly\u003C/a\u003E. The site provided tips on fraudulently obtaining goods and services, often by providing a legitimate \u0022PID\u0022 or Product Information Description. The breach resulted in nearly 6k user accounts and over 220k private messages between forum members being exposed.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/AstroPID.png","DataClasses":["Email addresses","Instant messenger identities","IP addresses","Names","Passwords","Private messages","Usernames","Website activity"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"AllegedATT","Title":"AT\u0026T","Domain":"","BreachDate":"2021-08-20","AddedDate":"2024-03-19T06:30:49Z","ModifiedDate":"2024-03-31T03:04:13Z","PwnCount":49102176,"Description":"In March 2024, \u003Ca href=\u0022https://www.troyhunt.com/inside-the-massive-alleged-att-data-breach\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Etens of millions of records allegedly breached from AT\u0026T were posted to a popular hacking forum\u003C/a\u003E. Dating back to August 2021, the data was originally posted for sale before later being freely released. At the time, AT\u0026T maintained that there had not been a breach of their systems and that the data originated from elsewhere. 12 days later, \u003Ca href=\u0022https://about.att.com/story/2024/addressing-data-set-released-on-dark-web.html\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EAT\u0026T acknowledged that data fields specific to them were in the breach and that it was not yet known whether the breach occurred at their end or that of a vendor\u003C/a\u003E. \u003Ca href=\u0022https://techcrunch.com/2024/03/30/att-reset-account-passcodes-customer-data/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EAT\u0026T also proceeded to reset customer account passcodes\u003C/a\u003E, an indicator that there was sufficient belief passcodes had been compromised. The incident exposed names, email and physical addresses, dates of birth, phone numbers and US social security numbers.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/ATT.png","DataClasses":["Dates of birth","Email addresses","Government issued IDs","Names","Phone numbers","Physical addresses"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Aternos","Title":"Aternos","Domain":"aternos.org","BreachDate":"2015-12-06","AddedDate":"2016-10-01T23:42:56Z","ModifiedDate":"2016-10-01T23:42:56Z","PwnCount":1436486,"Description":"In December 2015, the service for creating and running free Minecraft servers known as \u003Ca href=\u0022https://twitter.com/AternosStatus/status/696121828360716288\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EAternos suffered a data breach that impacted 1.4 million subscribers\u003C/a\u003E. The data included usernames, email and IP addresses and hashed passwords.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Aternos.png","DataClasses":["Email addresses","IP addresses","Passwords","Usernames","Website activity"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"AtlasQuantum","Title":"Atlas Quantum","Domain":"atlasquantum.com","BreachDate":"2018-08-25","AddedDate":"2018-08-27T01:42:34Z","ModifiedDate":"2018-08-28T21:17:47Z","PwnCount":261463,"Description":"In August 2018, the cryptocurrency investment platform \u003Ca href=\u0022https://www.facebook.com/notes/atlas-quantum/comunicado-importante/2196456297259749/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EAtlas Quantum suffered a data breach\u003C/a\u003E. The breach leaked the personal data of 261k investors on the platform including their names, phone numbers, email addresses and account balances.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/AtlasQuantum.png","DataClasses":["Account balances","Email addresses","Names","Phone numbers"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Atmeltomo","Title":"Atmeltomo","Domain":"atmeltomo.com","BreachDate":"2021-04-16","AddedDate":"2023-08-22T01:29:29Z","ModifiedDate":"2023-08-22T01:29:29Z","PwnCount":580177,"Description":"In April 2021, \u0026quot;Japan\u0027s largest e-mail friend search site\u0026quot; \u003Ca href=\u0022https://socradar.io/the-week-in-dark-web-29-august-2022-access-sales-and-data-leaks/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EAtmeltomo suffered a data breach that was later sold on a popular hacking forum\u003C/a\u003E. The breach exposed 1.3M records with 580k unique email addresses along with usernames, IP addresses and unsalted MD5 password hashes.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Atmeltomo.png","DataClasses":["Email addresses","IP addresses","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Audi","Title":"Audi","Domain":"audiusa.com","BreachDate":"2019-08-14","AddedDate":"2021-07-23T06:31:33Z","ModifiedDate":"2021-07-23T21:57:33Z","PwnCount":2743539,"Description":"In August 2019, \u003Ca href=\u0022https://techcrunch.com/2021/06/11/volkswagen-says-a-vendors-security-lapse-exposed-3-3-million-drivers-details/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EAudi USA suffered a data breach after a vendor left data unsecured and exposed on the internet\u003C/a\u003E. The data contained 2.7M unique email addresses along with names, phone numbers, physical addresses and vehicle information including VIN. In \u003Ca href=\u0022https://techcrunch.com/2021/06/11/volkswagen-says-a-vendors-security-lapse-exposed-3-3-million-drivers-details/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Ea disclosure statement from Audi\u003C/a\u003E, they also advised some customers had driver\u0027s licenses, dates of birth, social security numbers and other personal information exposed.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Audi.png","DataClasses":["Dates of birth","Driver\u0027s licenses","Email addresses","Names","Phone numbers","Physical addresses","Social security numbers","Vehicle details"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Autocentrum","Title":"Autocentrum.pl","Domain":"autocentrum.pl","BreachDate":"2018-02-04","AddedDate":"2018-02-09T00:55:26Z","ModifiedDate":"2018-02-09T00:55:26Z","PwnCount":143717,"Description":"In February 2018, \u003Ca href=\u0022https://niebezpiecznik.pl/post/wyciek-hasel-144-000-uzytkownikow-autocentrum-pl/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Edata belonging to the Polish motoring website autocentrum.pl was found online\u003C/a\u003E. The data contained 144k email addresses and plain text passwords.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Autocentrum.png","DataClasses":["Email addresses","Passwords"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Autotrader","Title":"Autotrader","Domain":"autotrader.com","BreachDate":"2023-01-06","AddedDate":"2023-01-23T06:24:21Z","ModifiedDate":"2023-01-23T06:24:21Z","PwnCount":20032,"Description":"In January 2023, \u003Ca href=\u0022https://thecyberexpress.com/data1-4-million-autotrader-user-exposed/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003E1.4M records from the Autotrader online vehicle marketplace appeared on a popular hacking forum\u003C/a\u003E. Autotrader stated that the \u0026quot;data in question relates to aged listing data that was generally publicly available on our site at the time and open to automated collection methods\u0026quot;. The data contained 20k unique email addresses alongside physical addresses and phone numbers of dealers and vehicle details including VIN numbers. The data was provided to HIBP by a source who requested it be attributed to \u0026quot;IntelBroker\u0026quot;.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Autotrader.png","DataClasses":["Email addresses","Phone numbers","Physical addresses","Vehicle details","Vehicle identification numbers (VINs)"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Avast","Title":"Avast","Domain":"avast.com","BreachDate":"2014-05-26","AddedDate":"2016-03-12T22:08:58Z","ModifiedDate":"2016-03-12T22:08:58Z","PwnCount":422959,"Description":"In May 2014, \u003Ca href=\u0022https://www.grahamcluley.com/2014/05/avast-forum-hacked/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Ethe Avast anti-virus forum was hacked\u003C/a\u003E and 423k member records were exposed. The Simple Machines Based forum included usernames, emails and password hashes.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Avast.png","DataClasses":["Email addresses","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Avito","Title":"Avito","Domain":"avito.ma","BreachDate":"2022-11-18","AddedDate":"2023-11-14T06:51:25Z","ModifiedDate":"2023-11-14T06:51:25Z","PwnCount":2721835,"Description":"In November 2022, the Moroccan e-commerce service \u003Ca href=\u0022https://ledesk.ma/2022/12/20/avito-sexplique-sur-le-data-breach-ayant-touche-27-millions-dutilisateurs-de-sa-plateforme/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EAvito suffered a data breach that exposed the personal information of 2.7M customers\u003C/a\u003E. The data included name, email, phone, IP address and geographic location.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Avito.png","DataClasses":["Email addresses","Geographic locations","IP addresses","Names","Phone numbers"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Avvo","Title":"Avvo","Domain":"avvo.com","BreachDate":"2019-12-17","AddedDate":"2022-04-15T03:39:42Z","ModifiedDate":"2022-04-15T03:45:01Z","PwnCount":4101101,"Description":"In approximately December 2019, an alleged data breach of the lawyer directory service Avvo was published to an online hacking forum and used in an extortion scam (it\u0027s possible the exposure dates back earlier than that). The data contained 4.1M unique email addresses alongside SHA-1 hashes, most likely representing user passwords. \u003Ca href=\u0022https://troyhunt.com/breach-disclosure-blow-by-blow-heres-why-its-so-hard\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EMultiple attempts at contacting Avvo over the course of a week were unsuccessful and the authenticity of the data was eventually verified with common Avvo and HIBP subscribers.\u003C/a\u003E","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Avvo.png","DataClasses":["Email addresses","Passwords"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"B2BUSABusinesses","Title":"B2B USA Businesses","Domain":"","BreachDate":"2017-07-18","AddedDate":"2017-07-18T07:38:04Z","ModifiedDate":"2017-07-18T07:38:04Z","PwnCount":105059554,"Description":"In mid-2017, a spam list of over 105 million individuals in corporate America was discovered online. Referred to as \u0026quot;B2B USA Businesses\u0026quot;, the list categorised email addresses by employer, providing information on individuals\u0027 job titles plus their work phone numbers and physical addresses. \u003Ca href=\u0022https://www.troyhunt.com/have-i-been-pwned-and-spam-lists-of-personal-information\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003ERead more about spam lists in HIBP.\u003C/a\u003E","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Email.png","DataClasses":["Email addresses","Employers","Job titles","Names","Phone numbers","Physical addresses"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":true,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"BabyNames","Title":"Baby Names","Domain":"babynames.com","BreachDate":"2008-10-24","AddedDate":"2018-10-24T06:27:03Z","ModifiedDate":"2018-10-24T06:27:30Z","PwnCount":846742,"Description":"In approximately 2008, the site to help parents name their children known as \u003Ca href=\u0022https://www.babynames.com/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EBaby Names\u003C/a\u003E suffered a data breach. The incident exposed 846k email addresses and passwords stored as salted MD5 hashes. When contacted in October 2018, Baby Names advised that \u0026quot;the breach happened at least ten years ago\u0026quot; and that members were notified at the time.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/BabyNames.png","DataClasses":["Email addresses","Passwords"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Badoo","Title":"Badoo","Domain":"badoo.com","BreachDate":"2013-06-01","AddedDate":"2016-07-06T08:16:03Z","ModifiedDate":"2016-07-06T08:16:03Z","PwnCount":112005531,"Description":"In June 2016, \u003Ca href=\u0022http://motherboard.vice.com/read/another-day-another-hack-user-accounts-of-dating-site-badoo\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Ea data breach allegedly originating from the social website Badoo was found to be circulating amongst traders\u003C/a\u003E. Likely obtained several years earlier, the data contained 112 million unique email addresses with personal data including names, birthdates and passwords stored as MD5 hashes. Whilst there are many indicators suggesting Badoo did indeed suffer a data breach, \u003Ca href=\u0022https://www.troyhunt.com/introducing-unverified-breaches-to-have-i-been-pwned\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Ethe legitimacy of the data could not be emphatically proven\u003C/a\u003E so this breach has been categorised as \u0026quot;unverified\u0026quot;.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Badoo.png","DataClasses":["Dates of birth","Email addresses","Genders","Names","Passwords","Usernames"],"IsVerified":false,"IsFabricated":false,"IsSensitive":true,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"BannerBit","Title":"BannerBit","Domain":"bannerbit.com","BreachDate":"2018-12-29","AddedDate":"2019-01-08T10:56:34Z","ModifiedDate":"2019-01-08T10:56:34Z","PwnCount":213415,"Description":"In approximately December 2018, the online ad platform \u003Ca href=\u0022https://bannerbit.com/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EBannerBit\u003C/a\u003E suffered a data breach. Containing 213k unique email addresses and plain text passwords, the data was provided to HIBP by a third party. Multiple attempts were made to contact BannerBit, but no response was received.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/BannerBit.png","DataClasses":["Email addresses","Passwords"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Banorte","Title":"Banorte","Domain":"banorte.com","BreachDate":"2014-08-18","AddedDate":"2022-08-18T23:36:24Z","ModifiedDate":"2022-08-18T23:36:24Z","PwnCount":2107000,"Description":"In August 2022, \u003Ca href=\u0022https://krebsonsecurity.com/2022/08/when-efforts-to-contain-a-data-breach-backfire/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Emillions of records from Mexican bank \u0026quot;Banorte\u0026quot; were publicly dumped on a popular hacking forum\u003C/a\u003E including 2.1M unique email addresses, physical addresses, names, phone numbers, RFC (tax) numbers, genders and bank balances. Banorte have stated that the data is \u0026quot;outdated\u0026quot;, although have not yet indicated how far back it dates to. Anecdotal feedback from HIBP subscribers suggests the data may date back 8 years to 2014.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Banorte.png","DataClasses":["Account balances","Email addresses","Genders","Government issued IDs","Names","Phone numbers","Physical addresses"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"BattlefieldHeroes","Title":"Battlefield Heroes","Domain":"battlefieldheroes.com","BreachDate":"2011-06-26","AddedDate":"2014-01-23T13:10:29Z","ModifiedDate":"2014-01-23T13:10:29Z","PwnCount":530270,"Description":"In June 2011 as part of a final breached data dump, the hacker collective \u0026quot;LulzSec\u0026quot; \u003Ca href=\u0022http://www.rockpapershotgun.com/2011/06/26/lulzsec-over-release-battlefield-heroes-data\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Eobtained and released over half a million usernames and passwords from the game Battlefield Heroes\u003C/a\u003E. The passwords were stored as MD5 hashes with no salt and many were easily converted back to their plain text versions.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/BattlefieldHeroes.png","DataClasses":["Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Battlefy","Title":"Battlefy","Domain":"battlefy.com","BreachDate":"2016-01-11","AddedDate":"2022-07-29T00:24:33Z","ModifiedDate":"2022-07-29T00:24:33Z","PwnCount":83610,"Description":"In January 2016, the esports website \u003Ca href=\u0022https://dotesports.com/general/news/battlefy-hack-data-breach-user-credentials-2800\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EBattlefy suffered a data breach that exposed 83k customer records\u003C/a\u003E. The impacted data included email addresses, usernames and passwords stored as bcrypt hashes.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Battlefy.png","DataClasses":["Email addresses","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"BeautifulPeople","Title":"Beautiful People","Domain":"beautifulpeople.com","BreachDate":"2015-11-11","AddedDate":"2016-04-25T10:05:34Z","ModifiedDate":"2016-04-25T10:05:34Z","PwnCount":1100089,"Description":"In November 2015, the dating website \u003Ca href=\u0022http://www.forbes.com/sites/thomasbrewster/2016/04/25/beautiful-people-hack-sexual-preference-location-addresses/#26a2cdf7559f\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EBeautiful People was hacked\u003C/a\u003E and over 1.1M accounts were leaked. The data was being traded in underground circles and included a huge amount of personal information related to dating.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/BeautifulPeople.png","DataClasses":["Beauty ratings","Car ownership statuses","Dates of birth","Drinking habits","Education levels","Email addresses","Genders","Geographic locations","Home ownership statuses","Income levels","IP addresses","Job titles","Names","Passwords","Personal descriptions","Personal interests","Physical attributes","Sexual orientations","Smoking habits","Website activity"],"IsVerified":true,"IsFabricated":false,"IsSensitive":true,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Bell","Title":"Bell (2014 breach)","Domain":"bell.ca","BreachDate":"2014-02-01","AddedDate":"2014-02-01T23:57:10Z","ModifiedDate":"2014-02-01T23:57:10Z","PwnCount":20902,"Description":"In February 2014, \u003Ca href=\u0022http://news.softpedia.com/news/Hackers-Claim-to-Have-Breached-Bell-Canada-s-Systems-422952.shtml?utm_medium=twitter\u0026utm_source=FredToadster\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EBell Canada suffered a data breach via the hacker collective known as NullCrew\u003C/a\u003E. The breach included data from multiple locations within Bell and exposed email addresses, usernames, user preferences and a number of unencrypted passwords and credit card data from 40,000 records containing just over 20,000 unique email addresses and usernames.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Bell.png","DataClasses":["Credit cards","Genders","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Bell2017","Title":"Bell (2017 breach)","Domain":"bell.ca","BreachDate":"2017-05-15","AddedDate":"2017-05-16T01:49:31Z","ModifiedDate":"2017-05-16T01:49:31Z","PwnCount":2231256,"Description":"In May 2017, \u003Ca href=\u0022http://www.cbc.ca/beta/news/technology/bell-data-breach-customer-names-phone-numbers-emails-leak-1.4116608\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Ethe Bell telecommunications company in Canada suffered a data breach\u003C/a\u003E resulting in the exposure of millions of customer records. The data was consequently leaked online with a message from the attacker stating that they were \u0026quot;releasing a significant portion of Bell.ca\u0027s data due to the fact that they have failed to cooperate with us\u0026quot; and included a threat to leak more. The impacted data included over 2 million unique email addresses and 153k survey results dating back to 2011 and 2012. There were also 162 Bell employee records with more comprehensive personal data including names, phone numbers and plain text \u0026quot;passcodes\u0026quot;. Bell suffered another breach in 2014 which exposed 40k records.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Bell.png","DataClasses":["Email addresses","Geographic locations","IP addresses","Job titles","Names","Passwords","Phone numbers","Spoken languages","Survey results","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Benchmark","Title":"Benchmark","Domain":"benchmark.rs","BreachDate":"2019-11-01","AddedDate":"2023-01-01T01:50:43Z","ModifiedDate":"2023-01-01T01:52:21Z","PwnCount":93343,"Description":"In November 2019, the Serbian technology news website \u003Ca href=\u0022https://forum.benchmark.rs/threads/benchmark-forum-kompromitovan.489760/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EBenchmark suffered a breach of its forum\u003C/a\u003E that exposed 93k customer records. The breach exposed IP and email addresses, usernames and passwords stored as salted MD5 hashes. \u003Ca href=\u0022https://forum.benchmark.rs/threads/benchmark-forum-kompromitovan.489760/#post-6758095\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EA forum administrator subsequently advised that the breach was due to the forum previously running on an outdated vBulletin instance\u003C/a\u003E. The data was provided to HIBP by a source who requested it be attributed to \u0026quot;ZAN @ BF\u0026quot;.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Benchmark.png","DataClasses":["Email addresses","IP addresses","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Bestialitysextaboo","Title":"Bestialitysextaboo","Domain":"bestialitysextaboo.com","BreachDate":"2018-03-19","AddedDate":"2018-03-29T06:10:06Z","ModifiedDate":"2018-03-29T06:10:06Z","PwnCount":3204,"Description":"In March 2018, the animal bestiality website known as \u003Ca href=\u0022https://motherboard.vice.com/en_us/article/evqvpz/bestiality-website-hacked-troy-hunt-have-i-been-pwned\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EBestialitysextaboo was hacked\u003C/a\u003E. A collection of various sites running on the same service were also compromised and details of the hack (including links to the data) were posted on a popular forum. In all, more than 3.2k unique email addresses were included alongside usernames, IP addresses, dates of birth, genders and bcrypt hashes of passwords.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Bestialitysextaboo.png","DataClasses":["Dates of birth","Email addresses","Genders","Geographic locations","IP addresses","Passwords","Private messages","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":true,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Bhinneka","Title":"Bhinneka","Domain":"bhinneka.com","BreachDate":"2020-01-27","AddedDate":"2022-10-06T05:11:47Z","ModifiedDate":"2022-10-06T05:11:47Z","PwnCount":1274340,"Description":"In early 2020, the Indonesian consumer electronics website \u003Ca href=\u0022https://www.thejakartapost.com/news/2020/05/13/e-commerce-platform-bhinneka-com-reported-to-be-latest-target-of-data-theft.html\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EBhinneka suffered a data breach that exposed almost 1.3M customer records\u003C/a\u003E. The data included email and physical addresses, names, genders, dates of birth, phone numbers and salted password hashes.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Bhinneka.png","DataClasses":["Dates of birth","Email addresses","Genders","Names","Passwords","Phone numbers","Physical addresses"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"bigbasket","Title":"bigbasket","Domain":"bigbasket.com","BreachDate":"2020-10-14","AddedDate":"2021-04-26T04:00:10Z","ModifiedDate":"2021-04-26T06:15:01Z","PwnCount":24500011,"Description":"In October 2020, the Indian grocery platform \u003Ca href=\u0022https://indianexpress.com/article/business/business-others/bigbasket-data-breach-user-details-leaked-dark-web-cyber-crime-7009578/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Ebigbasket suffered a data breach that exposed over 20 million customer records\u003C/a\u003E. The data was originally sold before being leaked publicly in April the following year and included email, IP and physical addresses, names, phones numbers, dates of birth passwords stored as Django(SHA-1) hashes.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/bigbasket.png","DataClasses":["Dates of birth","Email addresses","IP addresses","Names","Passwords","Phone numbers","Physical addresses"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"BigMoneyJobs","Title":"BigMoneyJobs","Domain":"bigmoneyjobs.com","BreachDate":"2014-04-03","AddedDate":"2014-04-08T05:44:10Z","ModifiedDate":"2014-04-08T05:44:10Z","PwnCount":36789,"Description":"In April 2014, the job site \u003Ca href=\u0022http://www.bigmoneyjobs.com\u0022\u003Ebigmoneyjobs.com\u003C/a\u003E was \u003Ca href=\u0022https://twitter.com/ProbablyOnion2/status/451477310319779841\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Ehacked by an attacker known as \u0026quot;ProbablyOnion\u0026quot;\u003C/a\u003E. The attack resulted in the \u003Ca href=\u0022http://news.softpedia.com/news/BigMoneyJobs-Hacked-Details-of-36-000-Users-Leaked-Online-436250.shtml?utm_source=twitterfeed\u0026utm_medium=twitter\u0026utm_campaign=information_security\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Eexposure of over 36,000 user accounts\u003C/a\u003E including email addresses, usernames and passwords which were stored in plain text. The attack was allegedly mounted by exploiting a SQL injection vulnerability.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/BigMoneyJobs.png","DataClasses":["Career levels","Education levels","Email addresses","Names","Passwords","Phone numbers","Physical addresses","Salutations","User website URLs","Website activity"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"BinWeevils","Title":"Bin Weevils","Domain":"binweevils.com","BreachDate":"2014-09-01","AddedDate":"2017-08-18T07:10:57Z","ModifiedDate":"2017-08-18T07:10:57Z","PwnCount":1287073,"Description":"In September 2014, the online game \u003Ca href=\u0022http://blog.binweevils.com/2014/09/important-security-update/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EBin Weevils suffered a data breach\u003C/a\u003E. Whilst originally stating that only usernames and passwords had been exposed, \u003Ca href=\u0022https://www.databreaches.net/data-from-2014-hack-of-childrens-online-game-bin-weevils-leaked-online-hacker-claims-20m-records/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Ea subsequent story on DataBreaches.net indicated that a more extensive set of personal attributes were impacted\u003C/a\u003E (comments there also suggest the data may have come from a later breach). Data matching that pattern was later provided to Have I Been Pwned by \u003Ca href=\u0022https://twitter.com/akshayindia6\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003E@akshayindia6\u003C/a\u003E and included almost 1.3m unique email addresses, genders, ages and plain text passwords.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/BinWeevils.png","DataClasses":["Ages","Email addresses","Genders","IP addresses","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"BiohackMe","Title":"Biohack.me","Domain":"biohack.me","BreachDate":"2016-12-02","AddedDate":"2017-08-23T20:47:39Z","ModifiedDate":"2017-08-23T20:47:39Z","PwnCount":3402,"Description":"In December 2016, the forum for the biohacking website \u003Ca href=\u0022https://forum.biohack.me/index.php?p=/discussion/2101/critical-website-server-compromised-read-this-action-needed\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EBiohack.me suffered a data breach\u003C/a\u003E that exposed 3.4k accounts. The data included usernames, email addresses and hashed passwords along with the private messages of forum members. The data was self-submitted to HIBP by the Biohack.me operators.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/BiohackMe.png","DataClasses":["Email addresses","Passwords","Private messages","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"BTSec","Title":"Bitcoin Security Forum Gmail Dump","Domain":"forum.btcsec.com","BreachDate":"2014-01-09","AddedDate":"2014-09-10T20:30:11Z","ModifiedDate":"2014-09-10T20:30:11Z","PwnCount":4789599,"Description":"In September 2014, a large dump of nearly 5M usernames and passwords was \u003Ca href=\u0022https://forum.btcsec.com/index.php?/topic/9426-gmail-meniai-parol/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Eposted to a Russian Bitcoin forum\u003C/a\u003E. Whilst commonly reported as 5M \u0026quot;Gmail passwords\u0026quot;, the dump also contained 123k yandex.ru addresses. Whilst the origin of the breach remains unclear, the breached credentials were \u003Ca href=\u0022http://web.archive.org/web/20140910190920/http://www.reddit.com/r/netsec/comments/2fz13q/5_millions_of_gmail_passwords_leaked_rus_most/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Econfirmed by multiple source as correct\u003C/a\u003E, albeit a number of years old.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/BTSec.png","DataClasses":["Email addresses","Passwords"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"BitcoinTalk","Title":"Bitcoin Talk","Domain":"bitcointalk.org","BreachDate":"2015-05-22","AddedDate":"2017-03-27T23:45:41Z","ModifiedDate":"2017-03-27T23:45:41Z","PwnCount":501407,"Description":"In May 2015, the Bitcoin forum \u003Ca href=\u0022https://www.cryptocoinsnews.com/bitcoin-exchange-btc-e-bitcointalk-forum-breaches-details-revealed/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EBitcoin Talk was hacked\u003C/a\u003E and over 500k unique email addresses were exposed. The attack led to the exposure of a raft of personal data including usernames, email and IP addresses, genders, birth dates, security questions and MD5 hashes of their answers plus hashes of the passwords themselves.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/BitcoinTalk.png","DataClasses":["Dates of birth","Email addresses","Genders","IP addresses","Passwords","Security questions and answers","Usernames","Website activity"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Bitly","Title":"Bitly","Domain":"bitly.com","BreachDate":"2014-05-08","AddedDate":"2017-10-06T06:31:50Z","ModifiedDate":"2017-10-06T08:05:10Z","PwnCount":9313136,"Description":"In May 2014, the link management company \u003Ca href=\u0022https://bitly.com/blog/urgent-security-update-regarding-your-bitly-account/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EBitly announced they\u0027d suffered a data breach\u003C/a\u003E. The breach contained over 9.3 million unique email addresses, usernames and hashed passwords, most using SHA1 with a small number using bcrypt.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Bitly.png","DataClasses":["Email addresses","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"BitTorrent","Title":"BitTorrent","Domain":"bittorrent.com","BreachDate":"2016-01-01","AddedDate":"2016-06-08T10:49:24Z","ModifiedDate":"2016-06-08T10:49:24Z","PwnCount":34235,"Description":"In January 2016, the forum for the popular torrent software \u003Ca href=\u0022https://motherboard.vice.com/read/another-day-another-hack-user-accounts-for-bittorrents-forum-hacking\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EBitTorrent was hacked\u003C/a\u003E. The IP.Board based forum stored passwords as weak SHA1 salted hashes and the breached data also included usernames, email and IP addresses.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/BitTorrent.png","DataClasses":["Email addresses","IP addresses","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"BlackHatWorld","Title":"Black Hat World","Domain":"blackhatworld.com","BreachDate":"2014-06-23","AddedDate":"2015-11-03T22:20:17Z","ModifiedDate":"2015-11-03T22:20:17Z","PwnCount":777387,"Description":"In June 2014, the search engine optimisation forum \u003Ca href=\u0022http://www.blackhatworld.com\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EBlack Hat World\u003C/a\u003E had three quarters of a million accounts breached from their system. The breach included various personally identifiable attributes which were publicly released in a MySQL database script.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/BlackHatWorld.png","DataClasses":["Dates of birth","Email addresses","Instant messenger identities","IP addresses","Passwords","Usernames","Website activity"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"BlackBerryFans","Title":"BlackBerry Fans","Domain":"blackberryfans.org","BreachDate":"2022-05-06","AddedDate":"2022-05-16T02:15:13Z","ModifiedDate":"2022-05-16T02:16:15Z","PwnCount":174168,"Description":"In May 2022, the Chinese BlackBerry enthusiasts website \u003Ca href=\u0022http://blackberryfans.org/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EBlackBerry Fans\u003C/a\u003E suffered a data breach that exposed 174k member records. The impacted data included usernames, email and IP addresses and passwords stored as salted MD5 hashes.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/BlackBerryFans.png","DataClasses":["Email addresses","IP addresses","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"BlackSpigotMC","Title":"BlackSpigotMC","Domain":"blackspigot.com","BreachDate":"2019-07-14","AddedDate":"2019-07-17T18:44:17Z","ModifiedDate":"2019-07-17T18:44:17Z","PwnCount":140029,"Description":"In July 2019, the hacking website \u003Ca href=\u0022https://blackspigot.com/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EBlackSpigotMC suffered a data breach\u003C/a\u003E. The XenForo forum based site was allegedly compromised by a rival hacking website and resulted in 8.5GB of data being leaked including the database and website itself. The exposed data included 140k unique email addresses, usernames, IP addresses, genders, geographic locations and passwords stored as bcrypt hashes.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/BlackSpigotMC.png","DataClasses":["Device information","Email addresses","Genders","Geographic locations","IP addresses","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"BlankMediaGames","Title":"BlankMediaGames","Domain":"blankmediagames.com","BreachDate":"2018-12-28","AddedDate":"2019-01-02T05:52:56Z","ModifiedDate":"2019-01-02T06:03:19Z","PwnCount":7633234,"Description":"In December 2018, the Town of Salem website produced by \u003Ca href=\u0022https://blog.dehashed.com/town-of-salem-blankmediagames-hacked/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EBlankMediaGames suffered a data breach\u003C/a\u003E. Reported to HIBP by \u003Ca href=\u0022https://dehashed.com/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EDeHashed\u003C/a\u003E, the data contained 7.6M unique user email addresses alongside usernames, IP addresses, purchase histories and passwords stored as phpass hashes. DeHashed made multiple attempts to contact BlankMediaGames over various channels and many days but had yet to receive a response at the time of publishing.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/BlankMediaGames.png","DataClasses":["Browser user agent details","Email addresses","IP addresses","Passwords","Purchases","Usernames","Website activity"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"BleachAnime","Title":"Bleach Anime Forum","Domain":"bleachanime.org","BreachDate":"2015-01-01","AddedDate":"2023-11-29T06:22:50Z","ModifiedDate":"2023-11-29T06:22:50Z","PwnCount":143711,"Description":"In 2015, the now defunct independent forum for the Bleach Anime series suffered a data breach that exposed 144k user records. The impacted data included usernames, email addresses and salted MD5 password hashes.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/BleachAnime.png","DataClasses":["Email addresses","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"BloomsToday","Title":"Blooms Today","Domain":"bloomstoday.com","BreachDate":"2023-11-11","AddedDate":"2024-09-03T07:06:36Z","ModifiedDate":"2024-09-03T07:06:36Z","PwnCount":3184010,"Description":"In April 2024, \u003Ca href=\u0022https://dailydarkweb.net/blooms-today-alleged-data-breach-threat-actor-offers-15-million-records-for-sale-at-5000/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003E15M records from the online florist Blooms Today were listed for sale on a popular hacking forum\u003C/a\u003E. The most recent data in the breach corpus was from November 2023 and appeared alongside 3.2M unique email addresses, names, phone numbers physical addresses and partial credit card data (card type, 4 digits of the number and expiry date). The breach did not expose sufficient card data to make purchases. Blooms Today did not respond when contacted about the incident.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/BloomsToday.png","DataClasses":["Email addresses","Names","Partial credit card data","Phone numbers","Physical addresses"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"boAt","Title":"boAt","Domain":"boat-lifestyle.com","BreachDate":"2024-03-25","AddedDate":"2024-04-08T08:33:44Z","ModifiedDate":"2024-04-09T04:17:09Z","PwnCount":7528985,"Description":"In March 2024, the Indian audio and wearables brand \u003Ca href=\u0022https://www.forbesindia.com/article/news/hit-with-massive-data-breach-boat-loses-data-of-75-million-customers/92483/1\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EboAt suffered a data breach that exposed 7.5M customer records\u003C/a\u003E. The data included physical and email address, names and phone numbers, all of which were subsequently published to a popular clear web hacking forum.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/boAt.png","DataClasses":["Email addresses","Names","Phone numbers","Physical addresses"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Bolt","Title":"Bolt","Domain":"bolt.cd","BreachDate":"2017-03-01","AddedDate":"2017-11-24T08:15:24Z","ModifiedDate":"2017-11-24T08:16:45Z","PwnCount":995274,"Description":"In approximately March 2017, the file sharing website \u003Ca href=\u0022http://bolt.cd/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EBolt\u003C/a\u003E suffered a data breach resulting in the exposure of 995k unique user records. The data was sourced from their vBulletin forum and contained email and IP addresses, usernames and salted MD5 password hashes. The site was previously reported as compromised on the \u003Ca href=\u0022https://vigilante.pw/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EVigilante.pw\u003C/a\u003E breached database directory.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Bolt.png","DataClasses":["Email addresses","IP addresses","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"BombujEu","Title":"Bombuj.eu","Domain":"bombuj.eu","BreachDate":"2018-12-07","AddedDate":"2018-12-10T14:04:47Z","ModifiedDate":"2018-12-10T14:04:47Z","PwnCount":575437,"Description":"In December 2018, the Slovak website for watching movies online for free \u003Ca href=\u0022https://www.bombuj.eu\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EBombuj.eu\u003C/a\u003E suffered a data breach. The incident exposed over 575k unique email addresses and passwords stored as unsalted MD5 hashes. No response was received from Bombuj.eu when contacted about the incident.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/BombujEu.png","DataClasses":["Email addresses","Passwords"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Bonobos","Title":"Bonobos","Domain":"bonobos.com","BreachDate":"2020-08-14","AddedDate":"2021-01-31T00:09:25Z","ModifiedDate":"2021-01-31T00:12:58Z","PwnCount":2811929,"Description":"In August 2020, the clothing store \u003Ca href=\u0022https://www.bleepingcomputer.com/news/security/bonobos-clothing-store-suffers-a-data-breach-hacker-leaks-70gb-database/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EBonobos suffered a data breach\u003C/a\u003E that exposed almost 70GB of data containing 2.8 million unique email addresses. The breach also exposed names, physical and IP addresses, phone numbers, order histories and passwords stored as salted SHA-512 hashes, including historical passwords. The breach also exposed partial credit card data including card type, the name on the card, expiry date and the last 4 digits of the card. The data was provided to HIBP by \u003Ca href=\u0022https://dehashed.com/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Edehashed.com\u003C/a\u003E.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Bonobos.png","DataClasses":["Email addresses","Historical passwords","IP addresses","Names","Partial credit card data","Passwords","Phone numbers","Physical addresses","Purchases"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Bookchor","Title":"Bookchor","Domain":"bookchor.com","BreachDate":"2021-01-28","AddedDate":"2022-07-03T23:41:38Z","ModifiedDate":"2022-07-03T23:41:38Z","PwnCount":498297,"Description":"In January 2021, the Indian book trading website \u003Ca href=\u0022https://www.opindia.com/2021/04/bookchor-data-breach-information-of-over-5-lakh-users-leaked-what-we-know-so-far/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EBookchor suffered a data breach that exposed half a million customer records\u003C/a\u003E. The exposed data included email and IP addresses, names, genders, dates of birth, phone numbers and passwords stored as unsalted MD5 hashes. The data was subsequently traded on a popular hacking forum.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Bookchor.png","DataClasses":["Dates of birth","Email addresses","Genders","IP addresses","Names","Passwords","Phone numbers","Social media profiles"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"BookCrossing","Title":"BookCrossing","Domain":"bookcrossing.com","BreachDate":"2012-11-05","AddedDate":"2023-07-25T02:24:52Z","ModifiedDate":"2023-07-25T03:53:37Z","PwnCount":1582323,"Description":"In August 2022, the book social networking site \u003Ca href=\u0022https://www.bookcrossing.com/forum/9/584194\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EBookCrossing disclosed a data breach that dated back to a database backup from November 2012\u003C/a\u003E. The incident exposed almost 1.6M records including names, usernames, email and IP addresses, dates of birth and plain text passwords.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/BookCrossing.png","DataClasses":["Dates of birth","Email addresses","Geographic locations","IP addresses","Names","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Bookmate","Title":"Bookmate","Domain":"bookmate.com","BreachDate":"2018-07-08","AddedDate":"2019-03-22T16:25:58Z","ModifiedDate":"2019-03-22T16:25:58Z","PwnCount":3830916,"Description":"In mid-2018, the social ebook subscription service \u003Ca href=\u0022https://www.theregister.co.uk/2019/02/11/620_million_hacked_accounts_dark_web/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EBookmate was among a raft of sites that were breached and their data then sold in early-2019\u003C/a\u003E. The data included almost 4 million unique email addresses alongside names, genders, dates of birth and passwords stored as salted SHA-512 hashes. The data was provided to HIBP by a source who requested it to be attributed to \u0026quot;BenjaminBlue@exploit.im\u0026quot;.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Bookmate.png","DataClasses":["Dates of birth","Email addresses","Genders","Geographic locations","Names","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"BotOfLegends","Title":"Bot of Legends","Domain":"botoflegends.com","BreachDate":"2014-11-13","AddedDate":"2016-12-27T08:24:52Z","ModifiedDate":"2016-12-27T08:24:52Z","PwnCount":238373,"Description":"In November 2014, the forum for \u003Ca href=\u0022http://botoflegends.com\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EBot of Legends\u003C/a\u003E suffered a data breach. The IP.Board forum contained 238k accounts including usernames, email and IP addresses and passwords stored as salted MD5 hashes.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/BotOfLegends.png","DataClasses":["Email addresses","IP addresses","Passwords","Usernames","Website activity"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"BourseDesVols","Title":"Bourse des Vols","Domain":"bourse-des-vols.com","BreachDate":"2021-01-12","AddedDate":"2022-07-03T05:17:56Z","ModifiedDate":"2022-07-03T05:17:56Z","PwnCount":1460130,"Description":"In January 2021, the French travel company \u003Ca href=\u0022https://www.riskbasedsecurity.com/2021/02/19/dark-web-roundup-january-2021/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EBourse des Vols suffered a data breach that exposed 1.46M unique email addresses\u003C/a\u003E across more than 1.2k .sql files and over 9GB of data. The impacted data exposed personal information and travel histories including names, phone numbers, IP and physical addresses, dates of birth along with flights taken and purchases.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/BourseDesVols.png","DataClasses":["Dates of birth","Email addresses","Flights taken","IP addresses","Names","Phone numbers","Physical addresses","Purchases"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Boxee","Title":"Boxee","Domain":"forums.boxee.com","BreachDate":"2014-03-29","AddedDate":"2014-03-30T13:07:16Z","ModifiedDate":"2014-03-30T13:07:16Z","PwnCount":158093,"Description":"In March 2014, the home theatre PC software maker Boxee had their forums compromised in an attack. The attackers obtained the entire vBulletin MySQL database and promptly posted it for download on the Boxee forum itself. The data included 160k users, password histories, private messages and a variety of other data exposed across nearly 200 publicly exposed tables.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Boxee.png","DataClasses":["Dates of birth","Email addresses","Geographic locations","Historical passwords","Instant messenger identities","IP addresses","Passwords","Private messages","User website URLs","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"BrandNewTube","Title":"Brand New Tube","Domain":"brandnewtube.com","BreachDate":"2022-08-14","AddedDate":"2022-09-08T08:00:37Z","ModifiedDate":"2022-09-08T08:00:37Z","PwnCount":349627,"Description":"In August 2022, the streaming website \u003Ca href=\u0022https://unitynewsnetwork.co.uk/streaming-site-brand-new-tube-sees-massive-data-breach-with-ip-addresses-and-names-of-users-revealed/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EBrand New Tube suffered a data breach that exposed the personal information of almost 350k subscribers\u003C/a\u003E. The impacted data included email and IP addresses, usernames, genders, passwords stored as unsalted SHA-1 hashes and private messages.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/BrandNewTube.png","DataClasses":["Email addresses","Genders","IP addresses","Passwords","Private messages","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Brazzers","Title":"Brazzers","Domain":"brazzers.com","BreachDate":"2013-04-01","AddedDate":"2016-09-05T10:02:23Z","ModifiedDate":"2016-09-05T10:02:23Z","PwnCount":790724,"Description":"In April 2013, the adult website known as \u003Ca href=\u0022https://motherboard.vice.com/read/nearly-800000-brazzers-porn-site-accounts-exposed-in-forum-hack\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EBrazzers was hacked\u003C/a\u003E and 790k accounts were exposed publicly. Each record included a username, email address and password stored in plain text. The breach was brought to light by the \u003Ca href=\u0022https://vigilante.pw\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EVigilante.pw\u003C/a\u003E data breach reporting site in September 2016.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Brazzers.png","DataClasses":["Email addresses","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":true,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"BreachForums","Title":"BreachForums","Domain":"breached.vc","BreachDate":"2022-11-29","AddedDate":"2023-07-26T21:08:55Z","ModifiedDate":"2023-07-26T21:08:55Z","PwnCount":212156,"Description":"In November 2022, the well-known hacking forum \u0026quot;BreachForums\u0026quot; was itself, breached. Later the following year, \u003Ca href=\u0022https://www.bleepingcomputer.com/news/security/fbi-seizes-breachforums-after-arresting-its-owner-pompompurin-in-march/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Ethe operator of the website was arrested and the site seized by law enforcement agencies\u003C/a\u003E. The breach exposed 212k records including usernames, IP and email addresses, private messages between site members and passwords stored as argon2 hashes. The data was provided to HIBP by a source who requested it be attributed to \u003Ca href=\u0022http://t.me/breached_db_person\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003E\u0026quot;breached_db_person\u0026quot;\u003C/a\u003E.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/BreachForums.png","DataClasses":["Email addresses","IP addresses","Passwords","Private messages","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"BreachForumsClone","Title":"BreachForums Clone","Domain":"breachforums.vc","BreachDate":"2023-06-17","AddedDate":"2023-06-25T05:47:36Z","ModifiedDate":"2023-06-25T05:52:08Z","PwnCount":4204,"Description":"In June 2023, \u003Ca href=\u0022https://www.hackread.com/breachforums-data-breach-members-data-leak/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Ea clone of the previously shuttered popular hacking forum \u0026quot;BreachForums\u0026quot; suffered a data breach that exposed over 4k records\u003C/a\u003E. The breach was due to an exposed backup of the MyBB database which included email and IP addresses, usernames and Argon2 password hashes.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/BreachForums.png","DataClasses":["Email addresses","IP addresses","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"BTCAlpha","Title":"BTC-Alpha","Domain":"btc-alpha.com","BreachDate":"2021-11-02","AddedDate":"2022-01-27T23:39:18Z","ModifiedDate":"2022-01-27T23:39:18Z","PwnCount":362426,"Description":"In November 2021, the crypto exchange platform \u003Ca href=\u0022https://www.techtarget.com/searchsecurity/news/252509877/Cryptocurrency-exchange-BTC-Alpha-confirms-ransomware-attack\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EBTC-Alpha suffered a ransomware attack data breach\u003C/a\u003E after which customer data was publicly dumped. The impacted data included 362k email and IP addresses, usernames and passwords stored as PBKDF2 hashes. The data was provided to HIBP by a source who requested it be attributed to \u0026quot;white_peacock@riseup.net\u0026quot;.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/BTCAlpha.png","DataClasses":["Email addresses","IP addresses","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"BTCE","Title":"BTC-E","Domain":"btc-e.com","BreachDate":"2014-10-01","AddedDate":"2017-03-12T03:21:52Z","ModifiedDate":"2017-03-12T03:21:52Z","PwnCount":568340,"Description":"In October 2014, \u003Ca href=\u0022https://www.databreaches.net/bitcoin-exchange-btc-e-and-bitcointalk-forum-breaches/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Ethe Bitcoin exchange BTC-E was hacked\u003C/a\u003E and 568k accounts were exposed. The data included email and IP addresses, wallet balances and hashed passwords.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/BTCE.png","DataClasses":["Account balances","Email addresses","IP addresses","Passwords","Usernames","Website activity"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"BtoBet","Title":"BtoBet","Domain":"btobet.com","BreachDate":"2019-12-26","AddedDate":"2020-01-11T20:16:42Z","ModifiedDate":"2020-01-11T20:28:06Z","PwnCount":444241,"Description":"In December 2019, \u003Ca href=\u0022https://www.troyhunt.com/the-difficulty-of-disclosure-surebet247-and-the-streisand-effect/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Ea large collection of data from Nigerian gambling company Surebet247 was sent to HIBP\u003C/a\u003E. Alongside the Surebet247, database backups from gambling sites BetAlfa, BetWay, BongoBongo and TopBet was also included. Further investigation \u003Ca href=\u0022https://www.iafrikan.com/2020/01/09/btobet-sports-betting-technology-software-neuron-platform-surebet247-gambling-data-security-breach/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Eimplicated betting platform provider BtoBet as being the common source of the data\u003C/a\u003E. Impacted data included user records and extensive information on gambling histories.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/BtoBet.png","DataClasses":["Dates of birth","Email addresses","Financial transactions","Geographic locations","IP addresses","Names","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"BudTrader","Title":"BudTrader","Domain":"budtrader.com","BreachDate":"2024-06-27","AddedDate":"2024-10-01T13:51:19Z","ModifiedDate":"2024-10-01T13:51:19Z","PwnCount":2721185,"Description":"In July 2024, \u003Ca href=\u0022https://darkwebinformer.com/a-threat-actor-is-allegedly-selling-data-to-budtrader-com/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Ea data breach of the now defunct cannabis social platform BudTrader was posted for sale on a hacking forum\u003C/a\u003E. Dating back to the previous month, the breach of the website exposed 2.7M email addresses, usernames and WordPress password hashes.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/BudTrader.png","DataClasses":["Email addresses","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":true,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Bukalapak","Title":"Bukalapak","Domain":"bukalapak.com","BreachDate":"2017-10-23","AddedDate":"2019-04-18T01:57:35Z","ModifiedDate":"2019-04-18T02:10:15Z","PwnCount":13369666,"Description":"In March 2019, the Indonesian e-commerce website \u003Ca href=\u0022https://www.bukalapak.com/blog/feature-updates/petunjuk-teknis-105502\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EBukalapak discovered a data breach of the organisation\u0027s backups dating back to October 2017\u003C/a\u003E. The incident exposed approximately 13 million unique email addresses alongside IP addresses, names and passwords stored as bcrypt and salted SHA-512 hashes. The data was provided to HIBP by a source who requested it to be attributed to \u0026quot;Maxime Thalet\u0026quot;.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Bukalapak.png","DataClasses":["Email addresses","IP addresses","Names","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"BulgarianNationalRevenueAgency","Title":"Bulgarian National Revenue Agency","Domain":"nap.bg","BreachDate":"2019-07-15","AddedDate":"2019-07-18T18:38:49Z","ModifiedDate":"2019-07-18T18:38:49Z","PwnCount":471167,"Description":"In July 2019, \u003Ca href=\u0022https://thenextweb.com/security/2019/07/16/bulgaria-tax-agency-data-leak-hack/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Ea massive data breach of the Bulgarian National Revenue Agency began circulating with data on 5 million people\u003C/a\u003E. Allegedly obtained in June, the data was broadly shared online and included taxation information alongside names, phone numbers, physical addresses and 471 thousand unique email addresses. The breach is said to have affected \u0026quot;nearly all adults in Bulgaria\u0026quot;.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/BulgarianNationalRevenueAgency.png","DataClasses":["Email addresses","Names","Phone numbers","Physical addresses","Taxation records"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"BusinessAcumen","Title":"Business Acumen Magazine","Domain":"businessacumen.biz","BreachDate":"2014-04-25","AddedDate":"2014-05-11T04:25:48Z","ModifiedDate":"2014-05-11T04:25:48Z","PwnCount":26596,"Description":"In April 2014, the Australian \u0022Business Acumen Magazine\u0022 website was \u003Ca href=\u0022http://1337mir.com/cracked/2014/04/businessacumen-biz-hacked-26000-user-password-leaked/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Ehacked by an attacker known as 1337MiR\u003C/a\u003E. The breach resulted in over 26,000 accounts being exposed including usernames, email addresses and password stored with a weak cryptographic hashing algorithm (MD5 with no salt).","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/BusinessAcumen.png","DataClasses":["Email addresses","Names","Passwords","Usernames","Website activity"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"CafeMom","Title":"CafeMom","Domain":"cafemom.com","BreachDate":"2014-04-10","AddedDate":"2017-11-09T19:54:20Z","ModifiedDate":"2017-11-09T19:55:00Z","PwnCount":2628148,"Description":"In 2014, the social network for mothers \u003Ca href=\u0022http://www.cafemom.com\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003ECafeMom\u003C/a\u003E suffered a data breach. The data surfaced alongside a number of other historical breaches including Kickstarter, Bitly and Disqus and contained 2.6 million email addresses and plain text passwords.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/CafeMom.png","DataClasses":["Email addresses","Passwords"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"CafePress","Title":"CafePress","Domain":"cafepress.com","BreachDate":"2019-02-20","AddedDate":"2019-08-05T01:18:43Z","ModifiedDate":"2019-08-05T20:02:32Z","PwnCount":23205290,"Description":"In February 2019, the custom merchandise retailer \u003Ca href=\u0022https://www.cafepress.com/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003ECafePress\u003C/a\u003E suffered a data breach. The exposed data included 23 million unique email addresses with some records also containing names, physical addresses, phone numbers and passwords stored as SHA-1 hashes. The data was provided to HIBP by a source who requested it be attributed to \u0022JimScott.Sec@protonmail.com\u0022.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/CafePress.png","DataClasses":["Email addresses","Names","Passwords","Phone numbers","Physical addresses"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"CannabisForum","Title":"Cannabis.com","Domain":"cannabis.com","BreachDate":"2014-02-05","AddedDate":"2014-06-01T07:55:24Z","ModifiedDate":"2014-06-01T07:55:24Z","PwnCount":227746,"Description":"In February 2014, the vBulletin forum for the Marijuana site cannabis.com was breached and \u003Ca href=\u0022https://www.google.com/search?q=%22cannabisforum.tar%22\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Eleaked publicly\u003C/a\u003E. Whilst there has been no public attribution of the breach, the leaked data included over 227k accounts and nearly 10k private messages between users of the forum.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/CannabisForum.png","DataClasses":["Dates of birth","Email addresses","Geographic locations","Historical passwords","Instant messenger identities","IP addresses","Passwords","Private messages","Usernames","Website activity"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Canva","Title":"Canva","Domain":"canva.com","BreachDate":"2019-05-24","AddedDate":"2019-08-09T14:24:01Z","ModifiedDate":"2019-08-09T14:24:01Z","PwnCount":137272116,"Description":"In May 2019, the graphic design tool website \u003Ca href=\u0022https://support.canva.com/contact/customer-support/may-24-security-incident-faqs/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003ECanva suffered a data breach\u003C/a\u003E that impacted 137 million subscribers. The exposed data included email addresses, usernames, names, cities of residence and passwords stored as bcrypt hashes for users not using social logins. The data was provided to HIBP by a source who requested it be attributed to \u0022JimScott.Sec@protonmail.com\u0022.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Canva.png","DataClasses":["Email addresses","Geographic locations","Names","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"CapialEconomics","Title":"Capital Economics","Domain":"capitaleconomics.com","BreachDate":"2020-12-12","AddedDate":"2022-07-04T08:16:36Z","ModifiedDate":"2022-07-04T08:16:36Z","PwnCount":263829,"Description":"In December 2020, the economic research company \u003Ca href=\u0022https://securityaffairs.co/wordpress/113581/deep-web/capital-economics-data-leak.html\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003ECapital Economics suffered a data breach that exposed 263k customer records\u003C/a\u003E. The exposed data included email and physical addresses, names, phone numbers, job titles and the employer of impacted customers.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/CapialEconomics.png","DataClasses":["Email addresses","Employers","Job titles","Names","Phone numbers","Physical addresses"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"CardingMafiaDec2021","Title":"Carding Mafia (December 2021)","Domain":"cardmafia.cc","BreachDate":"2021-12-28","AddedDate":"2022-01-16T00:04:04Z","ModifiedDate":"2022-01-16T00:04:04Z","PwnCount":303877,"Description":"In December 2021, the Carding Mafia forum suffered a data breach that exposed over 300k members\u0027 email addresses. Dedicated to the theft and trading of stolen credit cards, the forum breach also exposed usernames, IP addresses and passwords stored as salted MD5 hashes. This breach came only 9 months after another breach of the forum in March 2021.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/CardingMafia.png","DataClasses":["Email addresses","IP addresses","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":true,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"CardingMafia","Title":"Carding Mafia (March 2021)","Domain":"cardmafia.cc","BreachDate":"2021-03-18","AddedDate":"2021-03-23T05:00:29Z","ModifiedDate":"2022-01-15T23:30:24Z","PwnCount":297744,"Description":"In March 2021, the Carding Mafia forum suffered a data breach that exposed almost 300k members\u0027 email addresses. Dedicated to the theft and trading of stolen credit cards, the forum breach also exposed usernames, IP addresses and passwords stored as salted MD5 hashes.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/CardingMafia.png","DataClasses":["Email addresses","IP addresses","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":true,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"CashCrate","Title":"CashCrate","Domain":"cashcrate.com","BreachDate":"2016-11-17","AddedDate":"2018-04-20T21:40:38Z","ModifiedDate":"2018-04-20T21:40:38Z","PwnCount":6844490,"Description":"In June 2017, news broke that \u003Ca href=\u0022https://motherboard.vice.com/en_us/article/bj8pvq/hackers-steal-6-million-user-accounts-for-cash-for-surveys-site\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003ECashCrate had suffered a data breach exposing 6.8 million records\u003C/a\u003E. The breach of the cash-for-surveys site dated back to November 2016 and exposed names, physical addresses, email addresses and passwords stored in plain text for older accounts along with weak MD5 hashes for newer ones.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/CashCrate.png","DataClasses":["Email addresses","Names","Passwords","Physical addresses"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Catho","Title":"Catho","Domain":"catho.com.br","BreachDate":"2020-03-01","AddedDate":"2020-08-18T22:52:39Z","ModifiedDate":"2020-08-18T22:52:39Z","PwnCount":1173012,"Description":"In approximately March 2020, the Brazilian recruitment website \u003Ca href=\u0022https://www.binarydefense.com/threat_watch/shinyhunters-serving-up-21-new-compromised-databases/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003ECatho was compromised and subsequently appeared alongside 20 other breached websites\u003C/a\u003E listed for sale on a dark web marketplace. The breach included almost 11 million records with 1.2 million unique email addresses. Names, usernames and plain text passwords were also exposed. The data was provided to HIBP by \u003Ca href=\u0022https://breachbase.pw/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Ebreachbase.pw\u003C/a\u003E.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Catho.png","DataClasses":["Email addresses","Names","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"CDProjektRed","Title":"CD Projekt RED","Domain":"cdprojektred.com","BreachDate":"2016-03-01","AddedDate":"2017-01-31T06:40:09Z","ModifiedDate":"2017-01-31T06:40:09Z","PwnCount":1871373,"Description":"In March 2016, \u003Ca href=\u0022http://forums.cdprojektred.com/forum/en/the-witcher-series/news-aa/7248610-important-potential-unauthorized-access-to-the-forums%E2%80%99-data\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EPolish game developer CD Projekt RED suffered a data breach\u003C/a\u003E. The hack of their forum led to the exposure of almost 1.9 million accounts along with usernames, email addresses and salted SHA1 passwords.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/CDProjektRed.png","DataClasses":["Email addresses","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"CDEK","Title":"CDEK","Domain":"cdek.ru","BreachDate":"2022-03-09","AddedDate":"2022-03-17T06:19:02Z","ModifiedDate":"2022-03-17T06:19:02Z","PwnCount":19218203,"Description":"In early 2022, a collective known as \u003Ca href=\u0022https://www.bleepingcomputer.com/news/security/ukraine-recruits-it-army-to-hack-russian-entities-lists-31-targets/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EIT Army whose stated goal is to \u0026quot;completely de-anonymise most Russian users by leaking hundreds of gigabytes of databases\u0026quot;\u003C/a\u003E published over 30GB of data allegedly sourced from Russian courier service CDEK. The data contained over 19M unique email addresses along with names and phone numbers. The authenticity of the breach could not be independently established and has been flagged as \u0026quot;unverfieid\u0026quot;.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/CDEK.png","DataClasses":["Email addresses","Names","Phone numbers"],"IsVerified":false,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"CentralTickets","Title":"Central Tickets","Domain":"centraltickets.co.uk","BreachDate":"2024-07-01","AddedDate":"2024-09-30T15:57:13Z","ModifiedDate":"2024-09-30T15:57:13Z","PwnCount":722860,"Description":"In September 2024, \u003Ca href=\u0022https://www.linkedin.com/posts/threatmon_databreach-cybersecurity-centraltickets-activity-7243167088565960705-vUDM/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Edata from the ticketing service Central Tickets was publicly posted to a hacking forum\u003C/a\u003E. The data suggests the breach occurred several months earlier and exposed 723k unique email addresses alongside names, phone numbers, IP addresses, purchases and passwords stored as unsalted SHA-1 hashes.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/CentralTickets.png","DataClasses":["Device information","Email addresses","IP addresses","Names","Passwords","Phone numbers","Purchases"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Chatbooks","Title":"Chatbooks","Domain":"chatbooks.com","BreachDate":"2020-03-26","AddedDate":"2020-07-29T21:21:46Z","ModifiedDate":"2020-07-29T21:21:46Z","PwnCount":2520441,"Description":"In March 2020, the photo print service \u003Ca href=\u0022https://www.bleepingcomputer.com/news/security/chatbooks-discloses-data-breach-after-data-sold-on-dark-web/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EChatbooks suffered a data breach\u003C/a\u003E which was subsequently put up for sale on a dark web marketplace. The breach contained 15 million user records with 2.5 million unique email addresses alongside names, phone numbers, social media profiles and salted SHA-512 password hashes. The data was provided to HIBP by \u003Ca href=\u0022https://dehashed.com/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Edehashed.com\u003C/a\u003E.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Chatbooks.png","DataClasses":["Email addresses","Names","Passwords","Phone numbers","Social media profiles"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"CheapAssGamer","Title":"CheapAssGamer.com","Domain":"cheapassgamer.com","BreachDate":"2015-07-01","AddedDate":"2016-11-08T01:58:39Z","ModifiedDate":"2016-11-08T01:58:39Z","PwnCount":444767,"Description":"In approximately mid-2015, the forum for \u003Ca href=\u0022https://www.cheapassgamer.com\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003ECheapAssGamer.com\u003C/a\u003E suffered a data breach. The database from the IP.Board based forum contained 445k accounts including usernames, email and IP addresses and salted MD5 password hashes.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/CheapAssGamer.png","DataClasses":["Email addresses","IP addresses","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Chegg","Title":"Chegg","Domain":"chegg.com","BreachDate":"2018-04-28","AddedDate":"2019-08-16T07:24:58Z","ModifiedDate":"2024-04-27T05:34:09Z","PwnCount":39721127,"Description":"In April 2018, the textbook rental service \u003Ca href=\u0022https://techcrunch.com/2018/09/26/chegg-resets-40-million-user-passwords-after-data-breach/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EChegg suffered a data breach\u003C/a\u003E that impacted 40 million subscribers. The exposed data included email addresses, usernames, names and passwords stored as unsalted MD5 hashes. A small number of records also contained physical address or phone number. The data was provided to HIBP by a source who requested it be attributed to \u0022JimScott.Sec@protonmail.com\u0022.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Chegg.png","DataClasses":["Email addresses","Names","Passwords","Phone numbers","Physical addresses","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Chess","Title":"Chess","Domain":"chess.com","BreachDate":"2023-11-08","AddedDate":"2023-11-10T02:02:26Z","ModifiedDate":"2023-11-10T02:02:26Z","PwnCount":827620,"Description":"In November 2023, \u003Ca href=\u0022https://www.hackread.com/hacker-leaks-scraped-chess-com-user-records/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Eover 800k user records were scraped from the Chess website and posted to a popular hacking forum\u003C/a\u003E. The data included email address, name, username and the geographic location of the user.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Chess.png","DataClasses":["Email addresses","Geographic locations","Names","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Chowbus","Title":"Chowbus","Domain":"chowbus.com","BreachDate":"2020-10-05","AddedDate":"2020-10-06T06:07:45Z","ModifiedDate":"2020-10-06T06:07:45Z","PwnCount":444224,"Description":"In October 2020, the Asian food delivery app \u003Ca href=\u0022https://www.reddit.com/r/UIUC/comments/j5fcjp/chowbus_is_hacked_leaks_800000_entries_of/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EChowbus suffered a data breach which led to over 800,000 records being emailed to customers\u003C/a\u003E. The email contained a link to a CSV file with customer data including physical addresses, names, phone numbers and over 444,000 unique email addresses.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Chowbus.png","DataClasses":["Email addresses","Names","Phone numbers","Physical addresses"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"ChrisLeong","Title":"Chris Leong","Domain":"chrisleong.com","BreachDate":"2024-08-10","AddedDate":"2024-08-13T22:16:41Z","ModifiedDate":"2024-08-13T22:16:41Z","PwnCount":27096,"Description":"In August 2024, \u003Ca href=\u0022https://x.com/DarkWebInformer/status/1822330521147376007\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Ethe website of Master Chris Leong \u0026quot;a leading Tit Tar practitioner in Malaysia\u0026quot; suffered a data breach\u003C/a\u003E. The incident exposed 27k unique email addresses along with names, physical addresses, dates of birth, genders, nationalities and in many cases, links to Facebook profiles. The company did not respond when contacted about the breach.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/ChrisLeong.png","DataClasses":["Dates of birth","Email addresses","Genders","Names","Nationalities","Phone numbers","Physical addresses","Purchases","Social media profiles"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Cit0day","Title":"Cit0day","Domain":"cit0day.in","BreachDate":"2020-11-04","AddedDate":"2020-11-19T08:07:33Z","ModifiedDate":"2020-11-19T08:07:33Z","PwnCount":226883414,"Description":"In November 2020, \u003Ca href=\u0022https://www.troyhunt.com/inside-the-cit0day-breach-collection\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Ea collection of more than 23,000 allegedly breached websites known as Cit0day were made available for download on several hacking forums\u003C/a\u003E. The data consisted of 226M unique email address alongside password pairs, often represented as both password hashes and the cracked, plain text versions. Independent verification of the data established it contains many legitimate, previously undisclosed breaches. The data was provided to HIBP by \u003Ca href=\u0022https://dehashed.com/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Edehashed.com\u003C/a\u003E.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/List.png","DataClasses":["Email addresses","Passwords"],"IsVerified":false,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"CityBee","Title":"CityBee","Domain":"citybee.lt","BreachDate":"2021-02-05","AddedDate":"2021-02-17T00:52:52Z","ModifiedDate":"2021-02-17T00:52:52Z","PwnCount":110156,"Description":"In February 2021, the Lithuanian car-sharing service \u003Ca href=\u0022https://www.reuters.com/article/us-baltic-dataprotection-idUSKBN2AG2BW\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003ECityBee announced they\u0027d suffered a data breach that exposed 110k customers\u0027 personal information\u003C/a\u003E. The breach exposed names, email addresses, government issued IDs and passwords stored as unsalted SHA-1 hashes.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/CityBee.png","DataClasses":["Email addresses","Government issued IDs","Names","Passwords"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"CityJerks","Title":"CityJerks","Domain":"cityjerks.com","BreachDate":"2023-02-27","AddedDate":"2023-04-27T21:50:05Z","ModifiedDate":"2023-04-27T21:50:05Z","PwnCount":177554,"Description":"In early 2023, the \u0026quot;mutual masturbation\u0026quot; website \u003Ca href=\u0022https://techcrunch.com/2023/04/27/hackers-steal-emails-private-messages-from-hookup-websites/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003ECityJerks suffered a data breach that exposed 177k unique email addresses\u003C/a\u003E. The breach also included data from the TruckerSucker \u0026quot;dating app for REAL TRUCKERS and REAL MEN\u0026quot; with the combined corpus of data also exposing usernames, IP addresses, dates of birth, sexual orientations, geo locations, private messages between members and passwords stored as salted MD5 hashes. The data was listed on a public hacking site and provided to HIBP by a source who requested it be attributed to \u0026quot;discord.gg/gN9C9em\u0026quot;.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/CityJerks.png","DataClasses":["Bios","Dates of birth","Email addresses","Geographic locations","IP addresses","Passwords","Private messages","Profile photos","Sexual orientations","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":true,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"CivilOnline","Title":"Civil Online","Domain":"co188.com","BreachDate":"2011-07-10","AddedDate":"2016-11-07T20:41:52Z","ModifiedDate":"2016-11-07T20:41:52Z","PwnCount":7830195,"Description":"In mid-2011, data was allegedly obtained from the Chinese engineering website known as \u003Ca href=\u0022http://www.co188.com/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003ECivil Online\u003C/a\u003E and contained 7.8M accounts. Whilst there is evidence that the data is legitimate, due to the difficulty of emphatically verifying the Chinese breach it has been flagged as \u0026quot;unverified\u0026quot;. The data in the breach contains email and IP addresses, user names and MD5 password hashes. \u003Ca href=\u0022https://www.troyhunt.com/handling-chinese-data-breaches-in-have-i-been-pwned/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003ERead more about Chinese data breaches in Have I Been Pwned.\u003C/a\u003E","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/CivilOnline.png","DataClasses":["Email addresses","IP addresses","Passwords","Usernames","Website activity"],"IsVerified":false,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"ClashOfKings","Title":"Clash of Kings","Domain":"f.elex.com","BreachDate":"2016-07-14","AddedDate":"2019-07-27T22:03:03Z","ModifiedDate":"2019-07-27T22:03:03Z","PwnCount":1604957,"Description":"In July 2016, \u003Ca href=\u0022https://www.zdnet.com/article/hacker-steals-forums-of-clash-of-kings-mobile-game/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Ethe forum for the game \u0026quot;Clash of Kings\u0026quot; suffered a data breach\u003C/a\u003E that impacted 1.6 million subscribers. The impacted data included usernames, IP and email addresses and passwords stored as MD5 hashes. The data was provided to HIBP by \u003Ca href=\u0022https://dehashed.com/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Edehashed.com\u003C/a\u003E.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/ClashOfKings.png","DataClasses":["Email addresses","IP addresses","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"ClearVoiceSurveys","Title":"ClearVoice Surveys","Domain":"clearvoicesurveys.com","BreachDate":"2015-08-23","AddedDate":"2021-04-23T05:00:19Z","ModifiedDate":"2021-04-23T05:00:19Z","PwnCount":15074786,"Description":"In April 2021, the market research surveys company \u003Ca href=\u0022https://www.clearvoicesurveys.com/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EClearVoice Surveys\u003C/a\u003E had a publicly facing database backup from 2015 taken and redistributed on a popular hacking forum. The data included 15M unique email addresses across more than 17M rows of data that also included names, physical and IP addresses, genders, dates of birth and plain text passwords. ClearVoice Surveys advised they were aware of the breach and confirmed its authenticity.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/ClearVoiceSurveys.png","DataClasses":["Dates of birth","Email addresses","Genders","IP addresses","Names","Passwords","Phone numbers","Physical addresses"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"ClickASnap","Title":"ClickASnap","Domain":"clickasnap.com","BreachDate":"2022-09-24","AddedDate":"2024-03-13T03:47:22Z","ModifiedDate":"2024-03-13T03:47:22Z","PwnCount":3262980,"Description":"In September 2022, the online photo sharing platform \u003Ca href=\u0022https://blog.clickasnap.com/2022/10/14/clickasnap-website-breach-24-09-22/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EClickASnap suffered a data breach\u003C/a\u003E. The incident exposed almost 3.3M personal records including email addresses, usernames and passwords stored as SHA-512 hashes. Further, a collection of paid subscriptions were also included and contained names, physical addresses and amounts paid.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/ClickASnap.png","DataClasses":["Email addresses","Names","Passwords","Physical addresses","Purchases","Social media profiles","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"ClixSense","Title":"ClixSense","Domain":"clixsense.com","BreachDate":"2016-09-04","AddedDate":"2016-09-11T06:37:25Z","ModifiedDate":"2016-09-11T06:37:25Z","PwnCount":2424784,"Description":"In September 2016, the paid-to-click site \u003Ca href=\u0022http://cybercashworldwide.com/clixsense-has-been-hacked\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EClixSense suffered a data breach\u003C/a\u003E which exposed 2.4 million subscriber identities. The breached data was then posted online by the attackers who claimed it was a subset of a larger data breach totalling 6.6 million records. The leaked data was extensive and included names, physical, email and IP addresses, genders and birth dates, account balances and passwords stored as plain text.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/ClixSense.png","DataClasses":["Account balances","Dates of birth","Email addresses","Genders","IP addresses","Names","Passwords","Payment histories","Payment methods","Physical addresses","Usernames","Website activity"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"CloudPets","Title":"CloudPets","Domain":"cloudpets.com","BreachDate":"2017-01-01","AddedDate":"2017-02-27T20:57:29Z","ModifiedDate":"2017-02-27T20:57:29Z","PwnCount":583503,"Description":"In January, the maker of teddy bears that record children\u0027s voices and sends them to family and friends via the internet \u003Ca href=\u0022https://www.troyhunt.com/data-from-connected-cloudpets-teddy-bears-leaked-and-ransomed-exposing-kids-voice-messages\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003ECloudPets left their database publicly exposed and it was subsequently downloaded by external parties\u003C/a\u003E (the data was also subject to 3 different ransom demands). 583k records were provided to HIBP via a data trader and included email addresses and bcrypt hashes, but the full extent of user data exposed by the system was over 821k records and also included children\u0027s names and references to portrait photos and voice recordings.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/CloudPets.png","DataClasses":["Email addresses","Family members\u0027 names","Passwords"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"ClubPenguinRewritten","Title":"Club Penguin Rewritten (January 2018)","Domain":"cprewritten.net","BreachDate":"2018-01-21","AddedDate":"2019-04-23T05:05:16Z","ModifiedDate":"2019-07-30T14:05:55Z","PwnCount":1688176,"Description":"In January 2018, the children\u0027s gaming site \u003Ca href=\u0022https://community.cprewritten.net/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EClub Penguin Rewritten\u003C/a\u003E (CPRewritten) suffered a data breach (note: CPRewritten is an independent recreation of Disney\u0027s Club Penguin game). The incident exposed almost 1.7 million unique email addresses alongside IP addresses, usernames and passwords stored as bcrypt hashes. When contacted, CPRewritten advised they were aware of the breach and had \u0026quot;contacted affected users\u0026quot;.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/ClubPenguinRewritten.png","DataClasses":["Email addresses","IP addresses","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"ClubPenguinRewrittenJul2019","Title":"Club Penguin Rewritten (July 2019)","Domain":"cprewritten.net","BreachDate":"2019-07-27","AddedDate":"2019-07-30T14:05:10Z","ModifiedDate":"2019-07-30T14:05:10Z","PwnCount":4007909,"Description":"In July 2019, the children\u0027s gaming site \u003Ca href=\u0022https://community.cprewritten.net/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EClub Penguin Rewritten\u003C/a\u003E (CPRewritten) suffered a data breach (note: CPRewritten is an independent recreation of Disney\u0027s Club Penguin game). In addition to an earlier data breach that impacted 1.7 million accounts, the subsequent breach exposed 4 million unique email addresses alongside IP addresses, usernames and passwords stored as bcrypt hashes.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/ClubPenguinRewritten.png","DataClasses":["Email addresses","IP addresses","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Coachella","Title":"Coachella","Domain":"coachella.com","BreachDate":"2017-02-22","AddedDate":"2017-06-27T10:57:03Z","ModifiedDate":"2017-06-27T10:57:03Z","PwnCount":599802,"Description":"In February 2017, \u003Ca href=\u0022https://motherboard.vice.com/en_us/article/mgkzkp/someone-is-selling-coachella-user-accounts-on-the-dark-web\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Ehundreds of thousands of records from the Coachella music festival were discovered being sold online\u003C/a\u003E. Allegedly taken from a combination of the main Coachella website and their vBulletin-based message board, the data included almost 600k usernames, IP and email addresses and salted hashes of passwords (MD5 in the case of the message board).","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Coachella.png","DataClasses":["Email addresses","IP addresses","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Coinmama","Title":"Coinmama","Domain":"coinmama.com","BreachDate":"2017-08-03","AddedDate":"2019-08-30T20:53:29Z","ModifiedDate":"2019-08-30T20:53:29Z","PwnCount":478824,"Description":"In August 2017, the crypto coin brokerage service \u003Ca href=\u0022https://cointelegraph.com/news/major-crypto-brokerage-coinmama-reports-450-000-users-affected-by-data-breach\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003ECoinmama suffered a data breach\u003C/a\u003E that impacted 479k subscribers. The breach was discovered in February 2019 with exposed data including email addresses, usernames and passwords stored as MD5 WordPress hashes. The data was provided to HIBP by white hat security researcher and data analyst Adam Davies.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Coinmama.png","DataClasses":["Email addresses","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"CoinMarketCap","Title":"CoinMarketCap","Domain":"coinmarketcap.com","BreachDate":"2021-10-12","AddedDate":"2021-10-22T20:32:53Z","ModifiedDate":"2021-10-22T20:32:53Z","PwnCount":3117548,"Description":"During October 2021, 3.1 million email addresses with accounts on the cryptocurrency market capitalisation website \u003Ca href=\u0022https://coinmarketcap.com/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003ECoinMarketCap\u003C/a\u003E were discovered being traded on hacking forums. Whilst the email addresses were found to correlate with CoinMarketCap accounts, it\u0027s unclear precisely how they were obtained. CoinMarketCap has provided the following statement on the data: \u0026quot;CoinMarketCap has become aware that batches of data have shown up online purporting to be a list of user accounts. While the data lists we have seen are only email addresses (no passwords), we have found a correlation with our subscriber base. We have not found any evidence of a data leak from our own servers \u2014 we are actively investigating this issue and will update our subscribers as soon as we have any new information.\u0026quot;","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/CoinMarketCap.png","DataClasses":["Email addresses"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"CoinTracker","Title":"CoinTracker","Domain":"cointracker.io","BreachDate":"2022-12-01","AddedDate":"2022-12-12T08:55:48Z","ModifiedDate":"2023-01-01T07:04:48Z","PwnCount":1557153,"Description":"In December 2022, the Crypto \u0026 NFT taxes service \u003Ca href=\u0022https://www.databreaches.net/important-cointracker-security-update/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003ECoinTracker reported a data breach that impacted over 1.5M of their customers\u003C/a\u003E. The company \u003Ca href=\u0022https://www.cointracker.io/blog/sendgrid-data-breach\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Elater attributed the breach to a compromise SendGrid\u003C/a\u003E in an attack that targeted multiple customers of the email provider. The breach exposed email addresses and partially redacted phone numbers, with CoinTracker advising that the later did not originate from their service.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/CoinTracker.png","DataClasses":["Email addresses","Partial phone numbers"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Collection1","Title":"Collection #1","Domain":"","BreachDate":"2019-01-07","AddedDate":"2019-01-16T21:46:07Z","ModifiedDate":"2019-01-16T21:50:21Z","PwnCount":772904991,"Description":"In January 2019, a large collection of credential stuffing lists (combinations of email addresses and passwords used to hijack accounts on other services) was discovered being distributed on a popular hacking forum. The data contained almost 2.7 \u003Cem\u003Ebillion\u003C/em\u003E records including 773 million unique email addresses alongside passwords those addresses had used on other breached services. Full details on the incident and how to search the breached passwords are provided in the blog post \u003Ca href=\u0022https://www.troyhunt.com/the-773-million-record-collection-1-data-reach\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EThe 773 Million Record \u0022Collection #1\u0022 Data Breach\u003C/a\u003E.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/List.png","DataClasses":["Email addresses","Passwords"],"IsVerified":false,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"TelegramCombolists","Title":"Combolists Posted to Telegram","Domain":"","BreachDate":"2024-05-28","AddedDate":"2024-06-03T19:10:03Z","ModifiedDate":"2024-06-11T07:01:09Z","PwnCount":361468099,"Description":"In May 2024, \u003Ca href=\u0022https://troyhunt.com/telegram-combolists-and-361m-email-addresses\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003E2B rows of data with 361M unique email addresses were collated from malicious Telegram channels\u003C/a\u003E. The data contained 122GB across 1.7k files with email addresses, usernames, passwords and in many cases, the website they were entered into. The data appears to have been sourced from a combination of existing combolists and info stealer malware.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/List.png","DataClasses":["Email addresses","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Comcast","Title":"Comcast","Domain":"comcast.net","BreachDate":"2015-11-08","AddedDate":"2016-02-08T21:41:43Z","ModifiedDate":"2016-02-08T21:41:43Z","PwnCount":616882,"Description":"In November 2015, the US internet and cable TV provider Comcast \u003Ca href=\u0022http://www.ibtimes.co.uk/comcast-data-breach-590000-customer-passwords-go-sale-dark-web-1528026\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Esuffered a data breach that exposed 590k customer email addresses and plain text passwords\u003C/a\u003E. A further 27k accounts appeared with home addresses with the entire data set being sold on underground forums.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Comcast.png","DataClasses":["Email addresses","Passwords","Physical addresses"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"COMELEC","Title":"COMELEC (Philippines Voters)","Domain":"comelec.gov.ph","BreachDate":"2016-03-27","AddedDate":"2016-04-14T02:24:32Z","ModifiedDate":"2016-04-14T02:24:32Z","PwnCount":228605,"Description":"In March 2016, \u003Ca href=\u0022http://www.comelec.gov.ph/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Ethe Philippines Commission of Elections website\u003C/a\u003E (COMELEC) was \u003Ca href=\u0022http://www.rappler.com/nation/politics/elections/2016/127256-comelec-website-hacked-anonymous-philippines\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Eattacked and defaced\u003C/a\u003E, allegedly by Anonymous Philippines. Shortly after, \u003Ca href=\u0022http://www.theregister.co.uk/2016/04/07/philippine_voter_data_breach/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Edata on 55 million Filipino voters was leaked publicly\u003C/a\u003E and included sensitive information such as genders, marital statuses, height and weight and biometric fingerprint data. The breach only included 228k email addresses.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/COMELEC.png","DataClasses":["Biometric data","Dates of birth","Email addresses","Family members\u0027 names","Genders","Job titles","Marital statuses","Names","Passport numbers","Phone numbers","Physical addresses","Physical attributes"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"CondoCom","Title":"Condo.com","Domain":"condo.com","BreachDate":"2019-06-01","AddedDate":"2024-07-25T04:12:07Z","ModifiedDate":"2024-07-25T04:12:07Z","PwnCount":1481555,"Description":"In June 2019, now defunct website Condo.com suffered a data breach \u003Ca href=\u0022https://cybernews.com/security/billions-passwords-credentials-leaked-mother-of-all-breaches/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Ethat was later redistributed as part of a larger corpus of data\u003C/a\u003E. The impacted data included 1.5M email addresses alongside names, phone numbers and for a small number of records, physical addresses.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/CondoCom.png","DataClasses":["Email addresses","Names","Phone numbers","Physical addresses"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Convex","Title":"Convex","Domain":"convex.ru","BreachDate":"2023-02-01","AddedDate":"2023-02-26T06:51:44Z","ModifiedDate":"2023-02-26T06:51:44Z","PwnCount":150129,"Description":"In February 2023, the Russian telecommunications provider \u003Ca href=\u0022https://www.hackread.com/anonymous-data-leak-russia-isp-convex/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EConvex was hacked by \u0026quot;Anonymous\u0026quot; who subsequently released 128GB of data publicly\u003C/a\u003E, alleging it revealed illegal government surveillance. The leaked data contained 150k unique email, IP and physical addresses, names and phone numbers.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Convex.png","DataClasses":["Email addresses","IP addresses","Names","Phone numbers"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"CouponMomAndArmorGames","Title":"Coupon Mom / Armor Games","Domain":"","BreachDate":"2014-02-08","AddedDate":"2017-11-09T23:46:52Z","ModifiedDate":"2020-07-21T08:45:24Z","PwnCount":11010525,"Description":"In 2014, a file allegedly containing data hacked from \u003Ca href=\u0022https://www.couponmom.com\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003ECoupon Mom\u003C/a\u003E was created and included 11 million email addresses and plain text passwords. On further investigation, the file was also found to contain data indicating it had been sourced from \u003Ca href=\u0022https://armorgames.com\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EArmor Games\u003C/a\u003E. Subsequent verification with HIBP subscribers confirmed the passwords had previously been used and many subscribers had used either Coupon Mom or Armor Games in the past. On disclosure to both organisations, each found that the data did not represent their entire customer base and possibly includes records from other sources with common subscribers. The breach has subsequently been flagged as \u0026quot;unverified\u0026quot; as the source cannot be emphatically proven. In July 2020, \u003Ca href=\u0022https://www.troyhunt.com/how-beeradvocate-learned-theyd-been-pwned/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Ethe data was also found to contain BeerAdvocate accounts sourced from a previously unknown breach\u003C/a\u003E.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/CouponMomAndArmorGames.png","DataClasses":["Email addresses","Passwords"],"IsVerified":false,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"db8151dd","Title":"Covve","Domain":"covve.com","BreachDate":"2020-02-20","AddedDate":"2020-05-15T08:06:11Z","ModifiedDate":"2020-05-19T20:25:18Z","PwnCount":22802117,"Description":"In February 2020, \u003Ca href=\u0022https://www.troyhunt.com/the-unattributable-db8151dd-data-breach\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Ea massive trove of personal information referred to as \u0026quot;db8151dd\u0026quot;\u003C/a\u003E was provided to HIBP after being found left exposed on a publicly facing Elasticsearch server. Later identified as originating from the Covve contacts app, the exposed data included extensive personal information and interactions between Covve users and their contacts. The data was provided to HIBP by \u003Ca href=\u0022https://dehashed.com/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Edehashed.com\u003C/a\u003E.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Covve.png","DataClasses":["Email addresses","Job titles","Names","Phone numbers","Physical addresses","Social media profiles"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"CrackCommunity","Title":"Crack Community","Domain":"crackcommunity.com","BreachDate":"2013-09-09","AddedDate":"2015-02-03T06:30:05Z","ModifiedDate":"2015-02-03T06:30:05Z","PwnCount":19210,"Description":"In late 2013, the \u003Ca href=\u0022http://crackcommunity.com\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003ECrack Community\u003C/a\u003E forum specialising in cracks for games was compromised and over 19k accounts published online. Built on the MyBB forum platform, the compromised data included email addresses, IP addresses and salted MD5 passwords.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/CrackCommunity.png","DataClasses":["Email addresses","IP addresses","Passwords","Usernames","Website activity"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"CrackedTO","Title":"Cracked.to","Domain":"cracked.to","BreachDate":"2019-07-21","AddedDate":"2019-08-12T11:18:56Z","ModifiedDate":"2019-08-12T11:18:56Z","PwnCount":749161,"Description":"In July 2019, the hacking website \u003Ca href=\u0022https://cracked.to\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003ECracked.to\u003C/a\u003E suffered a data breach. There were 749k unique email addresses spread across 321k forum users and other tables in the database. A rival hacking website claimed responsibility for breaching the MyBB based forum which disclosed email and IP addresses, usernames, private messages and passwords stored as bcrypt hashes.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/CrackedTO.png","DataClasses":["Email addresses","IP addresses","Passwords","Private messages","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"CrackingForum","Title":"CrackingForum","Domain":"crackingforum.com","BreachDate":"2016-07-01","AddedDate":"2017-12-10T20:08:30Z","ModifiedDate":"2017-12-10T20:08:30Z","PwnCount":660305,"Description":"In approximately mid-2016, the cracking community forum known as \u003Ca href=\u0022http://crackingforum.com\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003ECrackingForum\u003C/a\u003E suffered a data breach. The vBulletin based forum exposed 660k email and IP addresses, usernames and salted MD5 hashes.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/CrackingForum.png","DataClasses":["Email addresses","IP addresses","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"CraftRise","Title":"CraftRise","Domain":"craftrise.com.tr","BreachDate":"2022-03-05","AddedDate":"2023-08-08T07:57:30Z","ModifiedDate":"2023-08-08T08:00:39Z","PwnCount":2532527,"Description":"In May 2023, \u003Ca href=\u0022https://memoryhackers.org/konular/craftrise-verileri-sizdirilmis.270536/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Enews broke of a data breach of the Turkish Minecraft server known as CraftRise\u003C/a\u003E. The data of over 2.5M users was subsequently shared on a popular hacking forum and included email addresses, usernames, geographic locations and plain text passwords. The newest records indicate the data was obtained in March 2022.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/CraftRise.png","DataClasses":["Email addresses","Geographic locations","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Creative","Title":"Creative","Domain":"creative.com","BreachDate":"2018-05-01","AddedDate":"2018-06-07T21:00:31Z","ModifiedDate":"2018-06-07T21:00:31Z","PwnCount":483015,"Description":"In May 2018, \u003Ca href=\u0022http://forums.creative.com/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Ethe forum for Singaporean hardware company Creative Technology\u003C/a\u003E suffered a data breach which resulted in the disclosure of 483k unique email addresses. Running on an old version of vBulletin, the breach also disclosed usernames, IP addresses and salted MD5 password hashes. After being notified of the incident, Creative permanently shut down the forum.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Creative.png","DataClasses":["Email addresses","IP addresses","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"CrimeAgencyVBulletin","Title":"CrimeAgency vBulletin Hacks","Domain":"","BreachDate":"2017-01-19","AddedDate":"2017-03-21T03:12:40Z","ModifiedDate":"2017-03-21T03:12:40Z","PwnCount":942044,"Description":"In January 2016, \u003Ca href=\u0022http://news.softpedia.com/news/vbulletin-hack-exposes-820-000-accounts-from-126-forums-513416.shtml\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Ea large number of unpatched vBulletin forums were compromised by an actor known as \u0026quot;CrimeAgency\u0026quot;\u003C/a\u003E. A total of 140 forums had data including usernames, email addresses and passwords (predominantly stored as salted MD5 hashes), extracted and then distributed. Refer to \u003Ca href=\u0022https://troyhunt.com/i-just-added-another-140-data-breaches-to-have-i-been-pwned\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Ethe complete list of the forums\u003C/a\u003E for further information on which sites were impacted.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/CrimeAgencyVBulletin.png","DataClasses":["Email addresses","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":true,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"CrossFire","Title":"Cross Fire","Domain":"cfire.mail.ru","BreachDate":"2016-08-08","AddedDate":"2016-12-28T00:29:28Z","ModifiedDate":"2016-12-28T00:29:28Z","PwnCount":12865609,"Description":"In August 2016, \u003Ca href=\u0022http://www.zdnet.com/article/over-25-million-accounts-stolen-after-mail-ru-forums-raided-by-hackers/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Ethe Russian gaming forum known as Cross Fire (or cfire.mail.ru) was hacked\u003C/a\u003E along with a number of other forums on the Russian mail provider, mail.ru. The vBulletin forum contained 12.8 million accounts including usernames, email addresses and passwords stored as salted MD5 hashes.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/CrossFire.png","DataClasses":["Email addresses","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"CTARS","Title":"CTARS","Domain":"ctars.com.au","BreachDate":"2021-05-21","AddedDate":"2022-05-31T22:58:15Z","ModifiedDate":"2022-05-31T23:02:54Z","PwnCount":12314,"Description":"In May 2022, the client management system for the Australian government\u0027s NDIS (National Disability Insurance Scheme) \u003Ca href=\u0022https://ctars.com.au/ctars-data-breach\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Esuffered a data breach which was subsequently posted to an online hacking forum\u003C/a\u003E. The CTARS cloud platform is used by care providers to record information about NDIS participants and often contains sensitive medical information. Impacted data includes over 12k unique email addresses, physical addresses, names, dates of birth, phone numbers and data related to patient conditions and treatments.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/CTARS.png","DataClasses":["Dates of birth","Email addresses","Genders","Names","Passwords","Personal health data","Phone numbers","Physical addresses","Salutations","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":true,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"CutoutPro","Title":"Cutout.Pro","Domain":"cutout.pro","BreachDate":"2024-02-26","AddedDate":"2024-02-28T22:16:27Z","ModifiedDate":"2024-02-28T22:16:27Z","PwnCount":19972829,"Description":"In February 2024, the AI-powered visual design platform \u003Ca href=\u0022https://twitter.com/H4ckManac/status/1762387053889675658\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003ECutout.Pro suffered a data breach that exposed 20M records\u003C/a\u003E. The data included email and IP addresses, names and salted MD5 password hashes which were subsequently broadly distributed on a popular hacking forum and Telegram channels.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/CutoutPro.png","DataClasses":["Email addresses","IP addresses","Names","Passwords"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"CyberServe","Title":"CyberServe","Domain":"cyberserve.co.il","BreachDate":"2021-10-29","AddedDate":"2021-11-04T09:58:03Z","ModifiedDate":"2021-11-04T10:28:56Z","PwnCount":1107034,"Description":"In October 2021, the Israeli hosting provider \u003Ca href=\u0022https://www.timesofisrael.com/black-shadow-hackers-leak-medical-records-of-290000-israeli-patients/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003ECyberServe was breached and ransomed before having a substantial amount of their customer data leaked publicly by a group known as \u0026quot;Black Shadow\u0026quot;\u003C/a\u003E. Amongst the data was the LGBTQ dating site Atraf and the Machon Mor medical institute. Due to multiple different sites being compromised, the impacted data is broad and ranges from relationship information to medical data to email addresses and passwords stored in plain text. The data was made available to HIBP with support from May Brooks-Kempler, founder of \u003Ca href=\u0022https://www.facebook.com/groups/Think.Safe.Cyber/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Ethe Think Safe Cyber community in Israel\u003C/a\u003E.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/CyberServe.png","DataClasses":["Dates of birth","Drinking habits","Email addresses","Family structure","Genders","Geographic locations","HIV statuses","IP addresses","Names","Passwords","Personal health data","Phone numbers","Physical attributes","Private messages","Profile photos","Religions","Sexual orientations","Smoking habits","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":true,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"D3scene","Title":"D3Scene","Domain":"d3scene.com","BreachDate":"2016-01-01","AddedDate":"2019-06-15T15:19:11Z","ModifiedDate":"2019-06-15T15:19:11Z","PwnCount":568827,"Description":"In January 2016, the gaming website D3Scene, suffered a data breach. The compromised vBulletin forum exposed 569k million email addresses, IP address, usernames and passwords stored as salted MD5 hashes. The data was provided to HIBP by \u003Ca href=\u0022https://dehashed.com/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Edehashed.com\u003C/a\u003E.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/D3scene.png","DataClasses":["Email addresses","IP addresses","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"DaFont","Title":"DaFont","Domain":"dafont.com","BreachDate":"2017-05-16","AddedDate":"2017-05-18T20:05:28Z","ModifiedDate":"2017-05-18T20:05:28Z","PwnCount":637340,"Description":"In May 2017, \u003Ca href=\u0022http://www.zdnet.com/article/font-sharing-site-dafont-hacked-thousands-of-accounts-stolen/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Efont sharing site DaFont suffered a data breach\u003C/a\u003E resulting in the exposure of 637k records. Allegedly due to a SQL injection vulnerability exploited by multiple parties, the exposed data included usernames, email addresses and passwords stored as MD5 without a salt.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/DaFont.png","DataClasses":["Email addresses","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"DailyQuiz","Title":"Daily Quiz","Domain":"dailyquiz.me","BreachDate":"2021-01-13","AddedDate":"2021-05-21T05:15:39Z","ModifiedDate":"2021-05-21T11:44:38Z","PwnCount":8032404,"Description":"In January 2021, the quiz website \u003Ca href=\u0022https://dailyquiz.me/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EDaily Quiz\u003C/a\u003E suffered a data breach that exposed over 8 million unique email addresses. The data also included usernames, IP addresses and passwords stored in plain text.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/DailyQuiz.png","DataClasses":["Email addresses","IP addresses","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Dailymotion","Title":"Dailymotion","Domain":"dailymotion.com","BreachDate":"2016-10-20","AddedDate":"2017-08-07T02:51:12Z","ModifiedDate":"2017-08-07T02:51:12Z","PwnCount":85176234,"Description":"In October 2016, the video sharing platform \u003Ca href=\u0022http://thehackernews.com/2016/12/dailymotion-video-hacked.html\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EDailymotion suffered a data breach\u003C/a\u003E. The attack led to the exposure of more than 85 million user accounts and included email addresses, usernames and bcrypt hashes of passwords.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Dailymotion.png","DataClasses":["Email addresses","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"DailyObjects","Title":"DailyObjects","Domain":"dailyobjects.com","BreachDate":"2018-01-01","AddedDate":"2020-01-28T10:50:00Z","ModifiedDate":"2020-01-28T10:50:00Z","PwnCount":464260,"Description":"In approximately January 2018, a collection of more than 464k customer records from the Indian online retailer \u003Ca href=\u0022https://www.dailyobjects.com/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EDailyObjects\u003C/a\u003E were leaked online. The data included names, physical and email addresses, phone numbers and \u0026quot;pincodes\u0026quot; stored in plain text. After multiple attempts to contact them, DailyObjects responded and received a copy of the data for verification, however failed to respond to multiple contact attempts following that.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/DailyObjects.png","DataClasses":["Email addresses","Names","Passwords","Phone numbers","Physical addresses"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Dangdang","Title":"Dangdang","Domain":"dangdang.com","BreachDate":"2011-06-01","AddedDate":"2019-01-10T11:15:51Z","ModifiedDate":"2019-01-10T11:24:06Z","PwnCount":4848734,"Description":"In 2011, the Chinese e-commerce site \u003Ca href=\u0022https://www.marbridgeconsulting.com/marbridgedaily/2011-12-29/article/52564/rumor_dangdang_alipay_suffer_data_breaches\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EDangdang suffered a data breach\u003C/a\u003E. The incident exposed over 4.8 million unique email addresses which were subsequently traded online over the ensuing years.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Dangdang.png","DataClasses":["Email addresses"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"DaniWeb","Title":"DaniWeb","Domain":"daniweb.com","BreachDate":"2015-12-01","AddedDate":"2016-12-28T23:12:16Z","ModifiedDate":"2016-12-28T23:12:16Z","PwnCount":1131636,"Description":"In late 2015, the technology and social site \u003Ca href=\u0022https://www.daniweb.com\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EDaniWeb\u003C/a\u003E suffered a data breach. The attack resulted in the disclosure of 1.1 million accounts including email and IP addresses which were also accompanied by salted MD5 hashes of passwords. However, DaniWeb have advised that \u0026quot;the breached password hashes and salts are incorrect\u0026quot; and that they have since switched to new infrastructure and software.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/DaniWeb.png","DataClasses":["Email addresses","IP addresses","Passwords"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"DataAndLeads","Title":"Data \u0026 Leads","Domain":"datanleads.com","BreachDate":"2018-11-14","AddedDate":"2018-11-28T19:32:19Z","ModifiedDate":"2018-11-28T19:32:19Z","PwnCount":44320330,"Description":"In November 2018, \u003Ca href=\u0022https://blog.hackenproof.com/industry-news/new-data-breach-exposes-57-million-records\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Esecurity researcher Bob Diachenko identified an unprotected database believed to be hosted by a data aggregator\u003C/a\u003E. Upon further investigation, the data was linked to marketing company \u003Ca href=\u0022http://web.archive.org/web/20180925092401/https://www.datanleads.com/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EData \u0026amp; Leads\u003C/a\u003E. The exposed Elasticsearch instance contained over 44M unique email addresses along with names, IP and physical addresses, phone numbers and employment information. No response was received from Data \u0026amp; Leads when contacted by Bob and their site subsequently went offline.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/List.png","DataClasses":["Email addresses","Employers","IP addresses","Job titles","Names","Phone numbers","Physical addresses"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"PDL","Title":"Data Enrichment Exposure From PDL Customer","Domain":"","BreachDate":"2019-10-16","AddedDate":"2019-11-22T20:13:04Z","ModifiedDate":"2019-11-22T20:13:04Z","PwnCount":622161052,"Description":"In October 2019, \u003Ca href=\u0022https://www.troyhunt.com/data-enrichment-people-data-labs-and-another-622m-email-addresses\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Esecurity researchers Vinny Troia and Bob Diachenko identified an unprotected Elasticsearch server holding 1.2 billion records of personal data\u003C/a\u003E. The exposed data included an index indicating it was sourced from data enrichment company People Data Labs (PDL) and contained 622 million unique email addresses. The server was not owned by PDL and it\u0027s believed a customer failed to properly secure the database. Exposed information included email addresses, phone numbers, social media profiles and job history data.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/List.png","DataClasses":["Email addresses","Employers","Geographic locations","Job titles","Names","Phone numbers","Social media profiles"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"DataEnrichment","Title":"Data Enrichment Records","Domain":"","BreachDate":"2016-12-23","AddedDate":"2017-06-08T16:23:07Z","ModifiedDate":"2017-06-08T16:23:07Z","PwnCount":8176132,"Description":"In December 2016, \u003Ca href=\u0022http://www.csoonline.com/article/3149713/security/data-enrichment-records-for-200-million-people-up-for-sale-on-the-darknet.html\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Emore than 200 million \u0026quot;data enrichment profiles\u0026quot; were found for sale on the darknet\u003C/a\u003E. The seller claimed the data was sourced from Experian and whilst that claim was rejected by the company, the data itself was found to be legitimate suggesting it may have been sourced from other legitimate locations. In total, there were more than 8 million unique email addresses in the data which also contained a raft of other personal attributes including credit ratings, home ownership status, family structure and other fields described in the story linked to above. The email addresses alone were provided to HIBP.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/List.png","DataClasses":["Buying preferences","Charitable donations","Credit status information","Dates of birth","Email addresses","Family structure","Financial investments","Home ownership statuses","Income levels","Job titles","Marital statuses","Names","Net worths","Phone numbers","Physical addresses","Political donations"],"IsVerified":false,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"DataCamp","Title":"DataCamp","Domain":"datacamp.com","BreachDate":"2017-01-30","AddedDate":"2019-04-09T04:29:55Z","ModifiedDate":"2019-04-09T21:12:53Z","PwnCount":760561,"Description":"In December 2018, the data science website \u003Ca href=\u0022https://support.datacamp.com/hc/en-us/articles/360017716074-DataCamp-Security-Update-Frequently-Asked-Questions\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EDataCamp suffered a data breach\u003C/a\u003E of records dating back to January 2017. The incident exposed 760k unique email and IP addresses along with names and passwords stored as bcrypt hashes. In 2019, \u003Ca href=\u0022https://www.theregister.co.uk/2019/02/11/620_million_hacked_accounts_dark_web/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Ethe data appeared listed for sale on a dark web marketplace\u003C/a\u003E (along with several other large breaches) and subsequently began circulating more broadly. The data was provided to HIBP by a source who requested it to be attributed to \u0026quot;BenjaminBlue@exploit.im\u0026quot;.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/DataCamp.png","DataClasses":["Email addresses","Geographic locations","IP addresses","Names","Passwords"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"DateHotBrunettes","Title":"Date Hot Brunettes","Domain":"datehotbrunettes.com","BreachDate":"2021-01-12","AddedDate":"2024-07-04T05:08:43Z","ModifiedDate":"2024-07-04T05:08:43Z","PwnCount":1494078,"Description":"In January 2021, the now defunct website Date Hot Brunettes which provided a service to \u0026quot;Date Neglected Women Who Can Keep a Secret\u0026quot;, suffered a data breach. The incident exposed 1.5M unique email addresses along with IP addresses, usernames, user-entered bios and MD5 password hashes.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/DateHotBrunettes.png","DataClasses":["Bios","Email addresses","IP addresses","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":true,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"DatPiff","Title":"DatPiff","Domain":"datpiff.com","BreachDate":"2021-08-25","AddedDate":"2022-01-04T07:42:27Z","ModifiedDate":"2022-01-04T07:42:27Z","PwnCount":7476940,"Description":"In late 2021, \u003Ca href=\u0022https://www.numerama.com/cyberguerre/784965-la-plateforme-de-rap-datpiff-piratee-les-mots-de-passe-dans-la-nature.html\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Eemail address and plain text password pairs from the rap mixtape website DatPiff appeared for sale on a popular hacking forum\u003C/a\u003E. The data allegedly dated back to an earlier breach and in total, contained almost 7.5M email addresses and cracked password pairs. The original data source allegedly contained usernames, security questions and answers and passwords stored as MD5 hashes with a static salt.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/DatPiff.png","DataClasses":["Email addresses","Passwords","Security questions and answers","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Dave","Title":"Dave","Domain":"dave.com","BreachDate":"2020-06-28","AddedDate":"2020-07-27T02:38:41Z","ModifiedDate":"2020-07-27T02:38:41Z","PwnCount":2964182,"Description":"In June 2020, the digital banking app \u003Ca href=\u0022https://www.zdnet.com/article/tech-unicorn-dave-admits-to-security-breach-impacting-7-5-million-users/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EDave suffered a data breach\u003C/a\u003E which exposed 7.5 million rows of data and subsequently appeared for public download on a hacking forum. The breach exposed extensive personal information including almost 3 million unique email addresses alongside names, dates of birth, encrypted social security numbers and passwords stored as bcrypt hashes. The data was provided to HIBP by \u003Ca href=\u0022https://dehashed.com/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Edehashed.com\u003C/a\u003E.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Dave.png","DataClasses":["Dates of birth","Email addresses","Names","Passwords","Phone numbers","Physical addresses","Social security numbers"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"dBforums","Title":"dBforums","Domain":"dbforums.com","BreachDate":"2016-07-04","AddedDate":"2023-09-20T07:26:28Z","ModifiedDate":"2023-09-20T07:26:28Z","PwnCount":363468,"Description":"In July 2016, \u003Ca href=\u0022https://www.vice.com/en/article/78kwwe/hackers-allegedly-steal-14m-passwords-from-mac-forums-web-hosting-talk\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Ea data breach of the now defunct database forum \u0026quot;dBforums\u0026quot; appeared for sale alongside several others hacked from the parent company, Penton\u003C/a\u003E. The breach of the vBulletin based forum contained 363k unique email addresses alongside usernames, IP addresses, dates of birth and salted MD5 password hashes.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/dBforums.png","DataClasses":["Dates of birth","Email addresses","IP addresses","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"DCHealth","Title":"DC Health Link","Domain":"dchealthlink.com","BreachDate":"2023-03-06","AddedDate":"2023-12-14T19:11:43Z","ModifiedDate":"2023-12-14T23:34:44Z","PwnCount":48145,"Description":"In March 2023, \u003Ca href=\u0022https://cyberscoop.com/dc-health-link-breach-russia-hacker-congress/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EDC Health Link discovered a data breach\u003C/a\u003E that was later publicly posted to a popular data breach forum. The impacted data included 48k unique email addresses alongside names, genders, dates of birth, home addresses, phone numbers and social security numbers. The data was provided to HIBP by a source who requested it be attributed to \u0026quot;Aegis\u0026quot; and \u0026quot;IntelBroker\u0026quot;.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/DCHealth.png","DataClasses":["Citizenship statuses","Dates of birth","Email addresses","Employers","Ethnicities","Genders","Names","Phone numbers","Physical addresses","Purchases","Social security numbers"],"IsVerified":true,"IsFabricated":false,"IsSensitive":true,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Deezer","Title":"Deezer","Domain":"deezer.com","BreachDate":"2019-04-22","AddedDate":"2023-01-02T03:10:50Z","ModifiedDate":"2023-01-02T03:10:50Z","PwnCount":229037936,"Description":"In late 2022, the music streaming service \u003Ca href=\u0022https://restoreprivacy.com/music-service-deezer-data-breach/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EDeezer disclosed a data breach that impacted over 240M customers\u003C/a\u003E. The breach dated back to a mid-2019 backup exposed by a 3rd party partner which was subsequently sold and then broadly redistributed on a popular hacking forum. Impacted data included 229M unique email addresses, IP addresses, names, usernames, genders, DoBs and the geographic location of the customer.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Deezer.png","DataClasses":["Dates of birth","Email addresses","Genders","Geographic locations","IP addresses","Names","Spoken languages","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"DemandScience","Title":"DemandScience by Pure Incubation","Domain":"demandscience.com","BreachDate":"2024-02-28","AddedDate":"2024-11-13T09:53:35Z","ModifiedDate":"2024-11-13T10:00:34Z","PwnCount":121796165,"Description":"In early 2024, \u003Ca href=\u0022https://www.troyhunt.com/inside-the-demandscience-by-pure-incubation-data-breach\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Ea large corpus of data from DemandScience (a company owned by Pure Incubation), appeared for sale on a popular hacking forum\u003C/a\u003E. Later attributed to a leak from a decommissioned legacy system, the breach contained extensive data that was largely business contact information aggregated from public sources. Specifically, the data included 122M unique corporate email addresses, physical addresses, phone numbers, employers and job titles. It also included names and for many individuals, a link to their LinkedIn profile.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/DemandScience.png","DataClasses":["Email addresses","Employers","Job titles","Names","Phone numbers","Physical addresses","Social media profiles"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"DemonForums","Title":"Demon Forums","Domain":"demonforums.net","BreachDate":"2019-02-20","AddedDate":"2019-04-04T07:14:34Z","ModifiedDate":"2019-04-04T07:14:34Z","PwnCount":52623,"Description":"In February 2019, the hacking forum \u003Ca href=\u0022https://demonforums.net/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EDemon Forums\u003C/a\u003E suffered a data breach. The compromise of the vBulletin forum exposed 52k unique email addresses alongside usernames and passwords stored as salted MD5 hashes.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/DemonForums.png","DataClasses":["Email addresses","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"DennisKirk","Title":"Dennis Kirk","Domain":"denniskirk.com","BreachDate":"2021-09-04","AddedDate":"2024-11-05T22:11:58Z","ModifiedDate":"2024-11-06T04:39:38Z","PwnCount":1356026,"Description":"In October 2024, almost 20GB of data containing 1.3M unique email addresses from motorcycle supplies store Dennis Kirk was circulated. Dating back to September 2021, the data also contained purchases from the online store along with customer names, phone numbers and postcodes. Dennis Kirk did not respond to multiple attempts to make contact about the breach. The data was provided to HIBP by a source who requested it be attributed to \u0026quot;IntelBroker, almighty444 \u0026 EnergyWeaponUser\u0026quot;.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/DennisKirk.png","DataClasses":["Email addresses","Geographic locations","Names","Phone numbers","Purchases"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Descomplica","Title":"Descomplica","Domain":"descomplica.com.br","BreachDate":"2021-03-14","AddedDate":"2021-04-28T08:37:04Z","ModifiedDate":"2021-04-28T08:37:04Z","PwnCount":4845378,"Description":"In March 2021, the Brazilian EdTech company \u003Ca href=\u0022https://atendimento.descomplica.com.br/hc/pt-br/articles/1500003993042-FAQ-Ataque-cibern%C3%A9tico-14-03\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EDescomplica suffered a data breach\u003C/a\u003E which was subsequently posted to a popular hacking forum. The data included almost 5 million email addresses, names, the first 6 and last 4 digits and the expiry date of credit cards, purchase histories and password hashes.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Descomplica.png","DataClasses":["Email addresses","Names","Partial credit card data","Passwords","Purchases"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"DevilTorrents","Title":"Devil-Torrents.pl","Domain":"devil-torrents.pl","BreachDate":"2021-01-04","AddedDate":"2022-05-01T23:56:34Z","ModifiedDate":"2022-05-01T23:56:34Z","PwnCount":63451,"Description":"In early 2021, the Polish torrents website Devil-Torrents.pl suffered a data breach. A subset of the data including 63k unique email addresses and cracked passwords were subsequently socialised on a popular data breach sharing service.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/DevilTorrents.png","DataClasses":["Email addresses","Passwords"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"devkitPro","Title":"devkitPro","Domain":"devkitpro.org","BreachDate":"2019-02-03","AddedDate":"2019-02-11T07:21:44Z","ModifiedDate":"2019-02-11T07:21:44Z","PwnCount":1508,"Description":"In February 2019, \u003Ca href=\u0022https://devkitpro.org/viewtopic.php?f=13\u0026t=8846\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Ethe devkitPro forum suffered a data breach\u003C/a\u003E. The phpBB based forum had 1,508 unique email addresses exposed in the breach alongside forum posts, private messages and passwords stored as weak salted hashes. The data breach was self-submitted to HIBP by the forum operator.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/devkitPro.png","DataClasses":["Email addresses","Passwords","Private messages"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"DietCom","Title":"diet.com","Domain":"diet.com","BreachDate":"2014-08-10","AddedDate":"2017-10-13T21:37:10Z","ModifiedDate":"2017-10-13T21:37:10Z","PwnCount":1383759,"Description":"In August 2014, the diet and nutrition website \u003Ca href=\u0022https://diet.com/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Ediet.com\u003C/a\u003E suffered a data breach resulting in the exposure of 1.4 million unique user records dating back as far as 2004. The data contained email and IP addresses, usernames, plain text passwords and dietary information about the site members including eating habits, BMI and birth date. The site was previously reported as compromised on the \u003Ca href=\u0022https://vigilante.pw/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EVigilante.pw\u003C/a\u003E breached database directory.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/DietCom.png","DataClasses":["Dates of birth","Eating habits","Email addresses","IP addresses","Names","Passwords","Physical attributes","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"digiDirect","Title":"digiDirect","Domain":"digidirect.com.au","BreachDate":"2024-09-29","AddedDate":"2024-10-25T02:01:08Z","ModifiedDate":"2024-10-25T02:01:08Z","PwnCount":304337,"Description":"In September 2024, \u003Ca href=\u0022https://www.theregister.com/2024/10/01/australian_digidirect_info_leak/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Ea data breach sourced from the Australian retailer digiDirect was published to a popular hacking forum\u003C/a\u003E. The breach exposed over 300k rows of data including email and physical address, name, phone number and date of birth. Approximately half the email addresses were on domains from external marketplaces including Amazon, eBay and Westfield.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/digiDirect.png","DataClasses":["Dates of birth","Email addresses","Names","Phone numbers","Physical addresses"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Digimon","Title":"Digimon","Domain":"digimon.co.in","BreachDate":"2016-09-05","AddedDate":"2018-09-28T01:34:56Z","ModifiedDate":"2018-09-28T01:34:56Z","PwnCount":7687679,"Description":"In September 2016, over 16GB of logs from a service indicated to be digimon.co.in were obtained, most likely from an unprotected Mongo DB instance. The service ceased running shortly afterwards and no information remains about the precise nature of it. Based on \u003Ca href=\u0022https://twitter.com/troyhunt/status/1045178309926051840\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Eenquiries made via Twitter\u003C/a\u003E, it appears to have been a mail service possibly based on PowerMTA and used for delivering spam. The logs contained information including 7.7M unique email recipients (names and addresses), mail server IP addresses, email subjects and tracking information including mail opens and clicks.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Email.png","DataClasses":["Email addresses","Email messages","IP addresses","Names"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":true,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Disqus","Title":"Disqus","Domain":"disqus.com","BreachDate":"2012-07-01","AddedDate":"2017-10-06T23:03:51Z","ModifiedDate":"2017-10-06T23:03:51Z","PwnCount":17551044,"Description":"In October 2017, the blog commenting service \u003Ca href=\u0022https://blog.disqus.com/security-alert-user-info-breach\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EDisqus announced they\u0027d suffered a data breach\u003C/a\u003E. The breach dated back to July 2012 but wasn\u0027t identified until years later when the data finally surfaced. The breach contained over 17.5 million unique email addresses and usernames. Users who created logins on Disqus had salted SHA1 hashes of passwords whilst users who logged in via social providers only had references to those accounts.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Disqus.png","DataClasses":["Email addresses","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"DivXSubTitles","Title":"DivX SubTitles","Domain":"divxsubtitles.net","BreachDate":"2010-01-01","AddedDate":"2022-06-14T02:57:46Z","ModifiedDate":"2022-06-14T04:55:40Z","PwnCount":783058,"Description":"In approximately 2010, the now defunct website DivX SubTitles suffered a data breach that exposed 783k user accounts including email addresses, usernames and plain text passwords.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/DivXSubTitles.png","DataClasses":["Email addresses","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"DLH","Title":"DLH.net","Domain":"dlh.net","BreachDate":"2016-07-31","AddedDate":"2016-09-07T13:29:25Z","ModifiedDate":"2016-09-07T13:29:25Z","PwnCount":3264710,"Description":"In July 2016, the gaming news site \u003Ca href=\u0022http://www.zdnet.com/article/millions-of-steam-game-keys-stolen-after-site-hack/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EDLH.net suffered a data breach\u003C/a\u003E which exposed 3.3M subscriber identities. Along with the keys used to redeem and activate games on the Steam platform, the breach also resulted in the exposure of email addresses, birth dates and salted MD5 password hashes. The data was donated to Have I Been Pwned by data breach monitoring service \u003Ca href=\u0022https://vigilante.pw/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EVigilante.pw\u003C/a\u003E.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/DLH.png","DataClasses":["Dates of birth","Email addresses","Names","Passwords","Usernames","Website activity"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Dodonew","Title":"Dodonew.com","Domain":"dodonew.com","BreachDate":"2011-12-01","AddedDate":"2016-11-10T00:26:01Z","ModifiedDate":"2016-11-10T00:26:01Z","PwnCount":8718404,"Description":"In late 2011, data was allegedly obtained from the Chinese website known as \u003Ca href=\u0022http://dodonew.com\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EDodonew.com\u003C/a\u003E and contained 8.7M accounts. Whilst there is evidence that the data is legitimate, due to the difficulty of emphatically verifying the Chinese breach it has been flagged as \u0026quot;unverified\u0026quot;. The data in the breach contains email addresses and user names. \u003Ca href=\u0022https://www.troyhunt.com/handling-chinese-data-breaches-in-have-i-been-pwned/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003ERead more about Chinese data breaches in Have I Been Pwned.\u003C/a\u003E","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Dodonew.png","DataClasses":["Email addresses","Usernames"],"IsVerified":false,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Dominos","Title":"Domino\u0027s","Domain":"pizza.dominos.be","BreachDate":"2014-06-13","AddedDate":"2015-01-04T03:03:34Z","ModifiedDate":"2015-01-04T03:03:34Z","PwnCount":648231,"Description":"In June 2014, \u003Ca href=\u0022http://www.welivesecurity.com/2014/06/16/dominos-pizza-hacked/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EDomino\u0027s Pizza in France and Belgium was hacked\u003C/a\u003E by a group going by the name \u0026quot;Rex Mundi\u0026quot; and their customer data held to ransom. Domino\u0027s refused to pay the ransom and six months later, the attackers \u003Ca href=\u0022http://cyberintelligence.in/rex-mundi-hackers-leaked-data-dominos-accord-easypay/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Ereleased the data\u003C/a\u003E along with troves of other hacked accounts. Amongst the customer data was passwords stored with a weak MD5 hashing algorithm and no salt.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Dominos.png","DataClasses":["Email addresses","Names","Passwords","Phone numbers","Physical addresses"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"DominosIndia","Title":"Domino\u0027s India","Domain":"dominos.co.in","BreachDate":"2021-03-24","AddedDate":"2021-06-03T02:18:39Z","ModifiedDate":"2021-06-20T03:20:56Z","PwnCount":22527655,"Description":"In April 2021, \u003Ca href=\u0022https://www.bleepingcomputer.com/news/security/dominos-india-discloses-data-breach-after-hackers-sell-data-online/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003E13TB of compromised Domino\u0027s India appeared for sale on a hacking forum\u003C/a\u003E after which the company acknowledged a major data breach they dated back to March. The compromised data included 22.5 million unique email addresses, names, phone numbers, order histories and physical addresses.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Dominos.png","DataClasses":["Email addresses","Names","Phone numbers","Physical addresses","Purchases"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Doomworld","Title":"Doomworld","Domain":"doomworld.com","BreachDate":"2022-10-12","AddedDate":"2022-10-24T06:10:24Z","ModifiedDate":"2022-10-24T06:10:24Z","PwnCount":34478,"Description":"In October 2022, \u003Ca href=\u0022https://www.doomworld.com/announcement/4-doomworld-probably-got-hacked/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Ethe Doomworld fourm suffered a data breach\u003C/a\u003E that exposed 34k member records. The data included email and IP addresses, usernames and bcrypt password hashes.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Doomworld.png","DataClasses":["Email addresses","IP addresses","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"DoorDash","Title":"DoorDash","Domain":"doordash.com","BreachDate":"2022-08-02","AddedDate":"2023-01-07T03:59:32Z","ModifiedDate":"2023-01-07T03:59:32Z","PwnCount":367476,"Description":"In August 2022, the food ordering and delivery service \u003Ca href=\u0022https://mashable.com/article/doordash-hack-customer-details-exposed\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EDoorDash disclosed a data breach that impacted a portion of their customers\u003C/a\u003E. DoorDash attributed the breach to an unnamed \u0026quot;third-party vendor\u0026quot; they stated was the victim of a phishing campaign. The incident exposed 367k unique personal email addresses alongside names, post codes and partial card data, namely the brand, expiry data and last four digits of the card.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/DoorDash.png","DataClasses":["Email addresses","Geographic locations","Names","Partial credit card data"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Dota2","Title":"Dota2","Domain":"dev.dota2.com","BreachDate":"2016-07-10","AddedDate":"2024-05-23T06:44:21Z","ModifiedDate":"2024-05-23T06:44:21Z","PwnCount":1907205,"Description":"In July 2016, \u003Ca href=\u0022https://news.softpedia.com/news/data-of-nearly-2-million-users-exposed-in-dota2-forum-hack-507162.shtml\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Ethe Dota2 official developers forum suffered a data breach that exposed almost 2 million users\u003C/a\u003E. The hack of the vBulletin forum led to the disclosure of email and IP addresses, usernames and passwords stored as salted MD5 hashes.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Dota2.png","DataClasses":["Email addresses","IP addresses","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Doxbin","Title":"Doxbin","Domain":"doxbin.com","BreachDate":"2022-01-05","AddedDate":"2022-01-08T05:51:48Z","ModifiedDate":"2022-01-09T06:23:56Z","PwnCount":370794,"Description":"In January 2022, the \u0026quot;doxing\u0026quot; website designed to disclose the personal information of targeted individuals (\u0026quot;doxes\u0026quot;) \u003Ca href=\u0022https://www.flashpoint-intel.com/blog/doxbin-leak/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EDoxbin suffered a data breach\u003C/a\u003E. The breach was subsequently leaked online and included over 370k unique email addresses across user accounts and doxes. User accounts also included usernames, password hashes and browser user agents. The personal information disclosed in the doxes was often extensive including names, physical addresses, phone numbers and more.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Doxbin.png","DataClasses":["Browser user agent details","Email addresses","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":true,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"DriveSure","Title":"DriveSure","Domain":"drivesure.com","BreachDate":"2020-12-19","AddedDate":"2021-05-10T08:02:29Z","ModifiedDate":"2021-05-10T08:02:29Z","PwnCount":3675099,"Description":"In December 2020, the car dealership service provider \u003Ca href=\u0022https://www.riskbasedsecurity.com/2021/02/01/personal-data-of-3-million-people-exposed-in-drivesure-hack/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EDriveSure suffered a data breach\u003C/a\u003E. The incident resulted in 26GB of data being downloaded and later shared on a hacking forum. Impacted personal information included 3.6 million unique email addresses, names, phone numbers and physical addresses. Vehicle data was also exposed and included makes, models, VIN numbers and odometer readings. A small number of passwords stored as bcrypt hashes were also included in the data set.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/DriveSure.png","DataClasses":["Email addresses","Names","Passwords","Phone numbers","Physical addresses","Vehicle details"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Drizly","Title":"Drizly","Domain":"drizly.com","BreachDate":"2020-07-02","AddedDate":"2020-07-28T21:45:05Z","ModifiedDate":"2020-07-28T21:45:05Z","PwnCount":2479044,"Description":"In approximately July 2020, the US-based online alcohol delivery service \u003Ca href=\u0022https://techcrunch.com/2020/07/28/drizly-data-breach/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EDrizly suffered a data breach\u003C/a\u003E. The data was sold online before being extensively redistributed and contained 2.5 million unique email addresses alongside names, physical and IP addresses, phone numbers, dates of birth and passwords stored as bcrypt hashes. The data was provided to HIBP by \u003Ca href=\u0022https://dehashed.com/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Edehashed.com\u003C/a\u003E.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Drizly.png","DataClasses":["Dates of birth","Device information","Email addresses","IP addresses","Names","Passwords","Phone numbers","Physical addresses"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Dropbox","Title":"Dropbox","Domain":"dropbox.com","BreachDate":"2012-07-01","AddedDate":"2016-08-31T00:19:19Z","ModifiedDate":"2016-08-31T00:19:19Z","PwnCount":68648009,"Description":"In mid-2012, Dropbox suffered a data breach which exposed the stored credentials of tens of millions of their customers. In August 2016, \u003Ca href=\u0022https://motherboard.vice.com/read/dropbox-forces-password-resets-after-user-credentials-exposed\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Ethey forced password resets for customers they believed may be at risk\u003C/a\u003E. A large volume of data totalling over 68 million records \u003Ca href=\u0022https://motherboard.vice.com/read/hackers-stole-over-60-million-dropbox-accounts\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Ewas subsequently traded online\u003C/a\u003E and included email addresses and salted hashes of passwords (half of them SHA1, half of them bcrypt).","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Dropbox.png","DataClasses":["Email addresses","Passwords"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Dubsmash","Title":"Dubsmash","Domain":"dubsmash.com","BreachDate":"2018-12-01","AddedDate":"2019-02-25T08:35:58Z","ModifiedDate":"2019-02-25T08:35:58Z","PwnCount":161749950,"Description":"In December 2018, the video messaging service \u003Ca href=\u0022https://www.theregister.co.uk/2019/02/11/620_million_hacked_accounts_dark_web/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EDubsmash suffered a data breach\u003C/a\u003E. The incident exposed 162 million unique email addresses alongside usernames and PBKDF2 password hashes. In 2019, the data appeared listed for sale on a dark web marketplace (along with several other large breaches) and subsequently began circulating more broadly. The data was provided to HIBP by a source who requested it to be attributed to \u0026quot;BenjaminBlue@exploit.im\u0026quot;.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Dubsmash.png","DataClasses":["Email addresses","Geographic locations","Names","Passwords","Phone numbers","Spoken languages","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"DucksUnlimited","Title":"Ducks Unlimited","Domain":"ducks.org","BreachDate":"2021-01-29","AddedDate":"2021-11-16T01:24:35Z","ModifiedDate":"2021-11-16T05:39:28Z","PwnCount":1324364,"Description":"In mid-2021, \u003Ca href=\u0022https://www.riskbasedsecurity.com/2021/06/14/dark-web-roundup-may-2021/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003ERisk Based Security reported on a database sourced from Ducks Unlimited being traded online\u003C/a\u003E. The data dated back to January 2021 and contained 1.3M unique email addresses across both a membership list and a list of website users. Impacted data included names, phones numbers, physical addresses, dates of birth and passwords stored as unsalted MD5 hashes.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/DucksUnlimited.png","DataClasses":["Dates of birth","Email addresses","Names","Passwords","Phone numbers","Physical addresses"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"DuelingNetwork","Title":"Dueling Network","Domain":"duelingnetwork.com","BreachDate":"2017-03-29","AddedDate":"2020-03-30T00:44:49Z","ModifiedDate":"2020-03-31T07:18:51Z","PwnCount":6486626,"Description":"In March 2017, the Flash game based on the Yu-Gi-Oh trading card game \u003Ca href=\u0022https://www.vice.com/amp/en_us/article/783dkz/hacker-steals-millions-of-accounts-from-yu-gi-oh-fan-project-dueling-network\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EDueling Network suffered a data breach\u003C/a\u003E. The site itself was taken offline in 2016 due to a cease-and-desist order but the forum remained online for another year. The data breach exposed usernames, IP and email addresses and passwords stored as MD5 hashes. The data was provided to HIBP by a source who requested it be attributed to \u0026quot;burger vault\u0026quot;.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/DuelingNetwork.png","DataClasses":["Email addresses","IP addresses","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"DDO","Title":"Dungeons \u0026 Dragons Online","Domain":"ddo.com","BreachDate":"2013-04-02","AddedDate":"2016-03-12T10:59:56Z","ModifiedDate":"2016-03-12T10:59:56Z","PwnCount":1580933,"Description":"In April 2013, the interactive video game \u003Ca href=\u0022https://www.ddo.com\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EDungeons \u0026amp; Dragons Online\u003C/a\u003E suffered a data breach that exposed almost 1.6M players\u0027 accounts. The data was being actively traded on underground forums and included email addresses, birth dates and password hashes.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/DDO.png","DataClasses":["Dates of birth","Email addresses","IP addresses","Passwords","Usernames","Website activity"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Dunzo","Title":"Dunzo","Domain":"dunzo.com","BreachDate":"2020-06-19","AddedDate":"2020-07-29T04:38:23Z","ModifiedDate":"2020-07-29T04:38:23Z","PwnCount":3465259,"Description":"In approximately June 2019, the Indian delivery service \u003Ca href=\u0022https://www.thenewsminute.com/article/dunzo-suffers-data-breach-launches-internal-investigation-128415\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EDunzo suffered a data breach\u003C/a\u003E. Exposing 3.5 million unique email addresses, the Dunzo breach also included names, phone numbers and IP addresses which were all broadly distributed online via a hacking forum. The data was provided to HIBP by \u003Ca href=\u0022https://dehashed.com/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Edehashed.com\u003C/a\u003E.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Dunzo.png","DataClasses":["Device information","Email addresses","Geographic locations","IP addresses","Names","Phone numbers"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Duolingo","Title":"Duolingo","Domain":"duolingo.com","BreachDate":"2023-01-24","AddedDate":"2023-08-23T04:31:08Z","ModifiedDate":"2023-08-23T04:31:08Z","PwnCount":2676696,"Description":"In August 2023, \u003Ca href=\u0022https://www.bleepingcomputer.com/news/security/scraped-data-of-26-million-duolingo-users-released-on-hacking-forum/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003E2.6M records of data scraped from Duolingo were broadly distributed on a popular hacking forum\u003C/a\u003E. Obtained by enumerating a vulnerable API, the data had earlier appeared for sale in January 2023 and contained email addresses, names, the languages being learned, XP (experience points), and other data related to learning progress on Duolingo. Whilst some of the data attributes are intentionally public, the ability to map private email addresses to them presents an ongoing risk to user privacy.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Duolingo.png","DataClasses":["Email addresses","Names","Spoken languages","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Duowan","Title":"Duowan.com","Domain":"duowan.com","BreachDate":"2011-01-01","AddedDate":"2016-11-07T12:53:19Z","ModifiedDate":"2016-11-07T12:53:19Z","PwnCount":2639894,"Description":"In approximately 2011, data was allegedly obtained from the Chinese gaming website known as \u003Ca href=\u0022http://www.duowan.com\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EDuowan.com\u003C/a\u003E and contained 2.6M accounts. Whilst there is evidence that the data is legitimate, due to the difficulty of emphatically verifying the Chinese breach it has been flagged as \u0026quot;unverified\u0026quot;. The data in the breach contains email addresses, user names and plain text passwords. \u003Ca href=\u0022https://www.troyhunt.com/handling-chinese-data-breaches-in-have-i-been-pwned/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003ERead more about Chinese data breaches in Have I Been Pwned.\u003C/a\u003E","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Duowan.png","DataClasses":["Email addresses","Passwords","Usernames"],"IsVerified":false,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"DVDShopCH","Title":"dvd-shop.ch","Domain":"dvd-shop.ch","BreachDate":"2017-12-05","AddedDate":"2017-12-10T04:58:09Z","ModifiedDate":"2017-12-10T04:58:09Z","PwnCount":67973,"Description":"In December 2017, the online Swiss DVD store known as \u003Ca href=\u0022https://www.melani.admin.ch/melani/de/home/dokumentation/newsletter/passwoerter-von-70000-e-mail-konten-im-umlauf.html\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Edvd-shop.ch suffered a data breach\u003C/a\u003E. The incident led to the exposure of 68k email addresses and plain text passwords. The site has since been updated to indicate that it is currently closed.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/DVDShopCH.png","DataClasses":["Email addresses","Passwords"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Dymocks","Title":"Dymocks","Domain":"dymocks.com.au","BreachDate":"2023-06-20","AddedDate":"2023-09-08T07:35:22Z","ModifiedDate":"2023-09-08T07:46:30Z","PwnCount":836120,"Description":"In September 2023, the Australian book retailer \u003Ca href=\u0022https://www.abc.net.au/news/2023-09-08/dymocks-warns-customers-after-information-leaked-to-dark-web/102833430\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EDymocks announced a data breach\u003C/a\u003E. The data dated back to June 2023 and contained 1.2M records with 836k unique email addresses. The breach also exposed names, dates of birth, genders, phone numbers and physical addresses.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Dymocks.png","DataClasses":["Dates of birth","Email addresses","Genders","Names","Phone numbers","Physical addresses"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Earth2","Title":"Earth 2","Domain":"earth2.io","BreachDate":"2024-10-16","AddedDate":"2024-11-07T04:49:02Z","ModifiedDate":"2024-11-07T04:49:02Z","PwnCount":420961,"Description":"In October 2024, 421k unique email addresses from the virtual earth game Earth 2 were derived from embedded Gravatar images. Appearing alongside player usernames, the root cause was related to how Gravatar presents links to avatars as MD5 hashes within consuming services, a feature Earth 2 advised has now been disabled on their platform. This incident did not expose any further personal information, passwords or financial data.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Earth2.png","DataClasses":["Email addresses","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Eatigo","Title":"Eatigo","Domain":"eatigo.com","BreachDate":"2018-10-16","AddedDate":"2021-08-25T03:42:31Z","ModifiedDate":"2021-08-25T03:42:31Z","PwnCount":2789609,"Description":"In October 2018, the restaurant reservation service \u003Ca href=\u0022https://www.channelnewsasia.com/singapore/eatigo-data-breach-personal-information-millions-account-1307916\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EEatigo suffered a data breach that exposed 2.8 million accounts\u003C/a\u003E. The data included email addresses, names, phone numbers, social media profiles, genders and passwords stored as unsalted MD5 hashes.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Eatigo.png","DataClasses":["Email addresses","Genders","Names","Passwords","Phone numbers","Social media profiles"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"EatStreet","Title":"EatStreet","Domain":"eatstreet.com","BreachDate":"2019-05-03","AddedDate":"2019-07-19T11:29:35Z","ModifiedDate":"2019-07-19T11:29:35Z","PwnCount":6353564,"Description":"In May 2019, the online food ordering service \u003Ca href=\u0022https://www.zdnet.com/article/eatstreet-food-ordering-service-discloses-security-breach/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EEatStreet suffered a data breach affecting 6.4 million customers\u003C/a\u003E. An extensive amount of personal data was obtained including names, phone numbers, addresses, partial credit card data and passwords stored as bcrypt hashes. The data was provided to HIBP by a source who requested it be attributed to \u0026quot;JimScott.Sec@protonmail.com\u0026quot;.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/EatStreet.png","DataClasses":["Dates of birth","Email addresses","Genders","Names","Partial credit card data","Passwords","Phone numbers","Physical addresses","Social media profiles"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"ECCIE","Title":"ECCIE","Domain":"eccie.net","BreachDate":"2021-07-01","AddedDate":"2023-08-21T23:19:18Z","ModifiedDate":"2023-08-21T23:19:18Z","PwnCount":536923,"Description":"In January 2021, the adult escort forum \u003Ca href=\u0022https://www.eccie.net/showthread.php?p=1062479958\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EECCIE suffered a data breach\u003C/a\u003E which was later posted to a popular hacking forum. The data included 536k user records with email and IP addresses, usernames, dates of birth and salted MD5 password hashes.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/ECCIE.png","DataClasses":["Dates of birth","Email addresses","IP addresses","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":true,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Edmodo","Title":"Edmodo","Domain":"edmodo.com","BreachDate":"2017-05-11","AddedDate":"2017-06-01T05:59:24Z","ModifiedDate":"2017-06-01T05:59:24Z","PwnCount":43423561,"Description":"In May 2017, the education platform \u003Ca href=\u0022https://motherboard.vice.com/en_us/article/hacker-steals-millions-of-user-account-details-from-education-platform-edmodo\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EEdmodo was hacked\u003C/a\u003E resulting in the exposure of 77 million records comprised of over 43 million unique customer email addresses. The data was consequently published to a popular hacking forum and made freely available. The records in the breach included usernames, email addresses and bcrypt hashes of passwords.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Edmodo.png","DataClasses":["Email addresses","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Elance","Title":"Elance","Domain":"elance.com","BreachDate":"2009-01-01","AddedDate":"2017-02-18T02:54:48Z","ModifiedDate":"2017-02-18T02:54:48Z","PwnCount":1291178,"Description":"Sometime in 2009, staffing platform \u003Ca href=\u0022http://www.ibtimes.co.uk/elance-data-breach-hacker-leaks-1-3-million-accounts-staffing-platform-1605368\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EElance suffered a data breach that impacted 1.3 million accounts\u003C/a\u003E. Appearing online 8 years later, the data contained usernames, email addresses, phone numbers and SHA1 hashes of passwords, amongst other personal data.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Elance.png","DataClasses":["Email addresses","Employers","Geographic locations","Passwords","Phone numbers","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Elanic","Title":"Elanic","Domain":"elanic.in","BreachDate":"2018-01-01","AddedDate":"2020-05-04T23:25:28Z","ModifiedDate":"2020-05-04T23:25:28Z","PwnCount":2325283,"Description":"In January 2020, the Indian fashion marketplace \u003Ca href=\u0022https://elanic.in/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EElanic\u003C/a\u003E had 2.8M records with 2.3M unique email addresses posted publicly to a popular hacking forum. Elanic confirmed that they had \u0026quot;verified the data and it was pulled from one of our test servers where this data was exposed publicly\u0026quot; and that the data was \u0026quot;old\u0026quot; (the hacking forum reported it as being from 2016-2018). When asked about disclosure to impacted customers, Elanic advised that they had \u0026quot;decided to not have as such any communication and public disclosure\u0026quot;. ","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Elanic.png","DataClasses":["Email addresses","Geographic locations","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"ElasticsearchSalesLeads","Title":"Elasticsearch Instance of Sales Leads on AWS","Domain":"","BreachDate":"2018-10-29","AddedDate":"2018-11-17T09:04:54Z","ModifiedDate":"2018-11-18T03:30:53Z","PwnCount":5788169,"Description":"In October 2018, \u003Ca href=\u0022https://blog.hacken.io/how-sensitive-is-your-non-sensitive-data\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Esecurity researcher Bob Diachenko identified multiple exposed databases with hundreds of millions of records\u003C/a\u003E. One of those datasets was an Elasticsearch instance on AWS containing sales lead data and 5.8M unique email addresses. The data contained information relating to individuals and the companies they worked for including their names, email addresses and company name and contact information. Despite best efforts, it was not possible to identify the owner of the data hence this breach as been titled \u0026quot;Elasticsearch Sales Leads\u0026quot;.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/List.png","DataClasses":["Email addresses","Employers","Names","Physical addresses"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Emotet","Title":"Emotet","Domain":"","BreachDate":"2021-01-27","AddedDate":"2021-04-26T22:25:15Z","ModifiedDate":"2022-01-05T04:11:30Z","PwnCount":4324770,"Description":"In January 2021, \u003Ca href=\u0022https://www.troyhunt.com/data-from-the-emotet-malware-is-now-searchable-in-have-i-been-pwned-courtesy-of-the-fbi-and-nhtcu\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Ethe FBI in partnership with the Dutch NHTCU, German BKA and other international law enforcement agencies brought down the world\u0027s most dangerous malware: Emotet\u003C/a\u003E. The agencies obtained data collected by the malware and provided impacted email addresses to HIBP so that impacted individuals and domain owners could assess their exposure. \u003Ca href=\u0022https://www.troyhunt.com/data-from-the-emotet-malware-is-now-searchable-in-have-i-been-pwned-courtesy-of-the-fbi-and-nhtcu\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003ERead more about the takedown and recommended actions\u003C/a\u003E.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/List.png","DataClasses":["Email addresses","Passwords"],"IsVerified":true,"IsFabricated":false,"IsSensitive":true,"IsRetired":false,"IsSpamList":false,"IsMalware":true,"IsSubscriptionFree":true},{"Name":"Emuparadise","Title":"Emuparadise","Domain":"emuparadise.me","BreachDate":"2018-04-01","AddedDate":"2019-06-09T06:23:35Z","ModifiedDate":"2019-06-15T15:19:53Z","PwnCount":1131229,"Description":"In April 2018, the self-proclaimed \u0026quot;biggest retro gaming website on earth\u0026quot;, Emuparadise, suffered a data breach. The compromised vBulletin forum exposed 1.1 million email addresses, IP address, usernames and passwords stored as salted MD5 hashes. The data was provided to HIBP by \u003Ca href=\u0022https://dehashed.com/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Edehashed.com\u003C/a\u003E.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Emuparadise.png","DataClasses":["Email addresses","IP addresses","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"ECB","Title":"England Cricket","Domain":"ecb.co.uk","BreachDate":"2024-03-23","AddedDate":"2024-03-29T01:10:19Z","ModifiedDate":"2024-03-29T01:15:59Z","PwnCount":43299,"Description":"In March 2024, \u003Ca href=\u0022https://www.thecricketer.com/Topics/grassroots/ecb_issue_warning_to_users_of_online_coaching_platform_following_data_breach.html\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EEnglish Cricket\u0027s icoachcricket website suffered a data breach that exposed over 40k records\u003C/a\u003E. The data included email addresses and passwords stored as either bcrypt hashes, salted MD5 hashes or both. The data was provided to HIBP by a source who requested it be attributed to \u0026quot;IntelBroker\u0026quot;.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/ECB.png","DataClasses":["Email addresses","Passwords"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"EPal","Title":"E-Pal","Domain":"epal.gg","BreachDate":"2022-04-15","AddedDate":"2022-10-24T04:54:30Z","ModifiedDate":"2022-10-24T04:56:02Z","PwnCount":108887,"Description":"In October 2022, the service dedicated to finding friends on Discord known as \u003Ca href=\u0022https://twitter.com/PogoWasRight/status/1578496290534539264\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EE-Pal disclosed a data breach\u003C/a\u003E. The compromised data included over 100k unique email addresses and usernames spanning approximately 1M orders. The data was subsequently distributed via a popular hacking forum.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/EPal.png","DataClasses":["Email addresses","Purchases","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"EpicGames","Title":"Epic Games","Domain":"epicgames.com","BreachDate":"2016-08-11","AddedDate":"2016-11-07T10:19:34Z","ModifiedDate":"2016-11-07T10:19:34Z","PwnCount":251661,"Description":"In August 2016, \u003Ca href=\u0022http://www.zdnet.com/article/epic-games-unreal-engine-forums-hacked-in-latest-data-breach\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Ethe Epic Games forum suffered a data breach\u003C/a\u003E, allegedly due to a SQL injection vulnerability in vBulletin. The attack resulted in the exposure of 252k accounts including usernames, email addresses and salted MD5 hashes of passwords.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/EpicGames.png","DataClasses":["Email addresses","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"EpicBot","Title":"EpicBot","Domain":"epicbot.com","BreachDate":"2019-09-01","AddedDate":"2019-11-19T23:29:42Z","ModifiedDate":"2019-11-19T23:33:02Z","PwnCount":816662,"Description":"In September 2019, the RuneScape bot provider \u003Ca href=\u0022https://arstechnica.com/information-technology/2019/11/password-data-dumped-online-for-2-2-million-users-of-currency-and-gaming-sites/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EEpicBot suffered a data breach that impacted 817k subscribers\u003C/a\u003E. Data from the breach was subsequently shared on a popular hacking forum and included usernames, email and IP addresses and passwords stored as either salted MD5 or bcrypt hashes. EpicBot did not respond when contacted about the incident.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/EpicBot.png","DataClasses":["Email addresses","IP addresses","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"EpicNPC","Title":"EpicNPC","Domain":"epicnpc.com","BreachDate":"2016-01-02","AddedDate":"2019-07-27T23:11:30Z","ModifiedDate":"2019-07-27T23:20:02Z","PwnCount":408795,"Description":"In January 2016, the hacked account reseller \u003Ca href=\u0022https://www.epicnpc.com\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EEpicNPC\u003C/a\u003E suffered a data breach that impacted 409k subscribers. The impacted data included usernames, IP and email addresses and passwords stored as salted MD5 hashes. The data was provided to HIBP by \u003Ca href=\u0022https://dehashed.com/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Edehashed.com\u003C/a\u003E.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/EpicNPC.png","DataClasses":["Email addresses","IP addresses","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Epik","Title":"Epik","Domain":"epik.com","BreachDate":"2021-09-13","AddedDate":"2021-09-19T21:27:17Z","ModifiedDate":"2021-09-19T21:27:17Z","PwnCount":15003961,"Description":"In September 2021, \u003Ca href=\u0022https://arstechnica.com/information-technology/2021/09/anonymous-leaks-gigabytes-of-data-from-epik-web-host-of-gab-and-parler/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Ethe domain registrar and web host Epik suffered a significant data breach\u003C/a\u003E, allegedly in retaliation for hosting alt-right websites. The breach exposed a huge volume of data not just of Epik customers, but also scraped WHOIS records belonging to individuals and organisations who were not Epik customers. The data included over 15 million unique email addresses (including anonymised versions for domain privacy), names, phone numbers, physical addresses, purchases and passwords stored in various formats.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Epik.png","DataClasses":["Email addresses","Names","Phone numbers","Physical addresses","Purchases"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Eroticy","Title":"Eroticy","Domain":"eroticy.com","BreachDate":"2015-06-01","AddedDate":"2017-01-10T02:19:56Z","ModifiedDate":"2017-01-10T02:19:56Z","PwnCount":1370175,"Description":"In mid-2016, it\u0027s alleged that the adult website known as \u003Ca href=\u0022http://eroticy.com\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EEroticy\u003C/a\u003E was hacked. Almost 1.4 million unique accounts were found circulating in late 2016 which contained a raft of personal information ranging from email addresses to phone numbers to plain text passwords. Whilst many HIBP subscribers confirmed their data was legitimate, the actual source of the breach remains inconclusive. \u003Ca href=\u0022https://www.troyhunt.com/a-data-breach-investigation-blow-by-blow\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EA detailed account of the data has been published\u003C/a\u003E in the hope of identifying the origin of the breach.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Eroticy.png","DataClasses":["Email addresses","IP addresses","Names","Passwords","Payment histories","Phone numbers","Physical addresses","Usernames","Website activity"],"IsVerified":false,"IsFabricated":false,"IsSensitive":true,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Eskimi","Title":"Eskimi","Domain":"eskimi.com","BreachDate":"2020-09-25","AddedDate":"2022-07-16T07:51:26Z","ModifiedDate":"2022-07-16T07:51:26Z","PwnCount":1197620,"Description":"In late 2020, the AdTech platform \u003Ca href=\u0022https://www.riskbasedsecurity.com/2021/01/25/shinyhunters-wave-3-one-hacker-exposes-over-125-million-credentials/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EEskimi suffered a data breach that exposed 26M records with 1.2M unique email addresses\u003C/a\u003E. The data included usernames, dates of birth, genders and passwords stored as unsalted MD5 hashes.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Eskimi.png","DataClasses":["Dates of birth","Email addresses","Genders","Geographic locations","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"EstanteVirtual","Title":"Estante Virtual","Domain":"estantevirtual.com.br","BreachDate":"2019-02-28","AddedDate":"2023-11-29T22:13:34Z","ModifiedDate":"2023-11-29T22:13:34Z","PwnCount":5412603,"Description":"In February 2019, the Brazilian book store \u003Ca href=\u0022https://www.zdnet.com/article/round-4-hacker-returns-and-puts-26mil-user-records-for-sale-on-the-dark-web/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EEstante Virtual suffered a data breach that impacted 5.4M customers\u003C/a\u003E. The exposed data included names, usernames, email and physical addresses, phone numbers, dates of birth and unsalted SHA-1 password hashes.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/EstanteVirtual.png","DataClasses":["Dates of birth","Email addresses","Names","Passwords","Phone numbers","Physical addresses","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Estonia","Title":"Estonian Citizens (via Estonian Cybercrime Bureau)","Domain":"","BreachDate":"2018-06-07","AddedDate":"2018-06-11T09:41:17Z","ModifiedDate":"2018-06-11T09:41:17Z","PwnCount":655161,"Description":"In June 2018, \u003Ca href=\u0022https://www.troyhunt.com/data-provided-by-the-estonian-central-criminal-police-is-now-searchable-on-have-i-been-pwned\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Ethe Cybercrime Bureau of the Estonian Central Criminal Police contacted HIBP\u003C/a\u003E and asked for assistance in making a data set of 655k email addresses searchable. The Estonian police suspected the email addresses and passwords they obtained were being used to access mailboxes, cryptocurrency exchanges, cloud service accounts and other similar online assets. They\u0027ve requested that individuals who find themselves in the data set \u003Cb\u003E\u003Ci\u003Eand also identify that cryptocurrency has been stolen\u003C/i\u003E\u003C/b\u003E contact them at \u003Ca href=\u0022mailto:cybercrime@politsei.ee\u0022\u003Ecybercrime@politsei.ee\u003C/a\u003E.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Estonia.png","DataClasses":["Email addresses","Passwords"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":true},{"Name":"eThekwiniMunicipality","Title":"eThekwini Municipality","Domain":"eservices.durban.gov.za","BreachDate":"2016-09-07","AddedDate":"2016-09-15T00:01:47Z","ModifiedDate":"2016-09-15T00:01:47Z","PwnCount":81830,"Description":"In September 2016, \u003Ca href=\u0022http://eservices.durban.gov.za\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Ethe new eThekwini eServices website\u003C/a\u003E in South Africa was launched with a number of security holes that lead to \u003Ca href=\u0022http://mybroadband.co.za/news/security/179064-ethekwini-municipality-leaking-private-details-of-over-300000-residents.html\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Ethe leak of over 98k residents\u0027 personal information and utility bills\u003C/a\u003E across 82k unique email addresses. Emails were sent prior to launch containing passwords in plain text and the site allowed anyone to download utility bills without sufficient authentication. Various methods of customer data enumeration was possible and phishing attacks began appearing the day after launch.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/eThekwiniMunicipality.png","DataClasses":["Dates of birth","Deceased date","Email addresses","Genders","Government issued IDs","Names","Passport numbers","Passwords","Phone numbers","Physical addresses","Utility bills"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Ethereum","Title":"Ethereum","Domain":"ethereum.org","BreachDate":"2016-12-16","AddedDate":"2016-12-20T23:56:26Z","ModifiedDate":"2016-12-20T23:56:26Z","PwnCount":16431,"Description":"In December 2016, the forum for the public blockchain-based distributed computing platform \u003Ca href=\u0022https://blog.ethereum.org/2016/12/19/security-alert-12192016-ethereum-org-forums-database-compromised/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EEthereum suffered a data breach\u003C/a\u003E. The database contained over 16k unique email addresses along with IP addresses, private forum messages and (mostly) bcrypt hashed passwords. \u003Ca href=\u0022https://www.troyhunt.com/the-ethereum-forum-was-hacked-and-theyve-voluntarily-submitted-the-data-to-have-i-been-pwned\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EEthereum elected to self-submit the data to HIBP\u003C/a\u003E, providing the service with a list of email addresses impacted by the incident.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Ethereum.png","DataClasses":["Email addresses","IP addresses","Passwords","Private messages","Usernames","Website activity"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"EuropaJobs","Title":"europa.jobs","Domain":"europa.jobs","BreachDate":"2019-08-11","AddedDate":"2020-01-15T08:51:05Z","ModifiedDate":"2020-01-15T08:51:05Z","PwnCount":226095,"Description":"In August 2019, the now defunct European jobs website \u003Ca href=\u0022https://webcache.googleusercontent.com/search?q=cache:Qk_zaGEqx70J:https://en.europa.jobs/\u002B\u0026cd=1\u0026hl=en\u0026ct=clnk\u0026gl=au\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Eeuropa.jobs\u003C/a\u003E (Google cache link) suffered a data breach. The incident exposed 226k unique email addresses alongside extensive personal information including names, dates of birth, job applications and passwords. The data was subsequently redistributed on a popular hacking forum.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/EuropaJobs.png","DataClasses":["Dates of birth","Email addresses","Geographic locations","Job applications","Names","Passwords","Phone numbers","Spoken languages"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Evermotion","Title":"Evermotion","Domain":"evermotion.org","BreachDate":"2015-05-07","AddedDate":"2017-07-02T13:49:09Z","ModifiedDate":"2017-07-02T13:49:09Z","PwnCount":435510,"Description":"In May 2015, the Polish 3D modelling website known as \u003Ca href=\u0022https://evermotion.org/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EEvermotion\u003C/a\u003E suffered a data breach resulting in the exposure of 435k unique user records. The data was sourced from a vBulletin forum and contained email addresses, usernames, dates of birth and salted MD5 hashes of passwords. The site was previously reported as compromised on the \u003Ca href=\u0022https://vigilante.pw/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EVigilante.pw\u003C/a\u003E breached database directory.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Evermotion.png","DataClasses":["Dates of birth","Email addresses","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"EverybodyEdits","Title":"Everybody Edits","Domain":"everybodyedits.com","BreachDate":"2019-03-23","AddedDate":"2019-04-03T10:50:16Z","ModifiedDate":"2019-04-03T10:55:58Z","PwnCount":871190,"Description":"In March 2019, the multiplayer platform game \u003Ca href=\u0022https://everybodyedits.wordpress.com/2019/03/28/everybody-edits-data-security-breach/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EEverybody Edits suffered a data breach\u003C/a\u003E. The incident exposed 871k unique email addresses alongside usernames and IP addresses. The data was subsequently distributed online across a collection of files.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/EverybodyEdits.png","DataClasses":["Email addresses","IP addresses","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Evite","Title":"Evite","Domain":"evite.com","BreachDate":"2013-08-11","AddedDate":"2019-07-14T14:51:51Z","ModifiedDate":"2019-07-14T14:51:51Z","PwnCount":100985047,"Description":"In April 2019, the social planning website for managing online invitations \u003Ca href=\u0022https://www.evite.com/security/update?usource=lc\u0026lctid=1800182\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EEvite identified a data breach of their systems\u003C/a\u003E. Upon investigation, they found unauthorised access to a database archive dating back to 2013. The exposed data included a total of 101 million unique email addresses, most belonging to recipients of invitations. Members of the service also had names, phone numbers, physical addresses, dates of birth, genders and passwords stored in plain text exposed. The data was provided to HIBP by a source who requested it be attributed to \u0026quot;JimScott.Sec@protonmail.com\u0026quot;.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Evite.png","DataClasses":["Dates of birth","Email addresses","Genders","Names","Passwords","Phone numbers","Physical addresses"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Evony","Title":"Evony","Domain":"evony.com","BreachDate":"2016-06-01","AddedDate":"2017-03-25T23:43:45Z","ModifiedDate":"2017-03-25T23:43:45Z","PwnCount":29396116,"Description":"In June 2016, the online multiplayer game \u003Ca href=\u0022http://securityaffairs.co/wordpress/52260/data-breach/evony-data-breach.html\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EEvony was hacked\u003C/a\u003E and over 29 million unique accounts were exposed. The attack led to the exposure of usernames, email and IP addresses and MD5 hashes of passwords (without salt).","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Evony.png","DataClasses":["Email addresses","IP addresses","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Exactis","Title":"Exactis","Domain":"exactis.com","BreachDate":"2018-06-01","AddedDate":"2018-07-25T20:00:44Z","ModifiedDate":"2018-07-25T20:00:44Z","PwnCount":131577763,"Description":"In June 2018, \u003Ca href=\u0022https://www.wired.com/story/exactis-database-leak-340-million-records/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Ethe marketing firm Exactis inadvertently publicly leaked 340 million records of personal data\u003C/a\u003E. Security researcher \u003Ca href=\u0022https://www.nightlionsecurity.com/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EVinny Troia of Night Lion Security\u003C/a\u003E discovered the leak contained multiple terabytes of personal information spread across hundreds of separate fields including addresses, phone numbers, family structures and extensive profiling data. The data was collected as part of Exactis\u0027 service as a \u0026quot;compiler and aggregator of premium business \u0026amp; consumer data\u0026quot; which they then sell for profiling and marketing purposes. A small subset of the exposed fields were provided to Have I Been Pwned and contained 132 million unique email addresses.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Exactis.png","DataClasses":["Credit status information","Dates of birth","Education levels","Email addresses","Ethnicities","Family structure","Financial investments","Genders","Home ownership statuses","Income levels","IP addresses","Marital statuses","Names","Net worths","Occupations","Personal interests","Phone numbers","Physical addresses","Religions","Spoken languages"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Experian","Title":"Experian (2015)","Domain":"experian.com","BreachDate":"2015-09-16","AddedDate":"2016-09-06T23:49:00Z","ModifiedDate":"2020-11-22T05:42:00Z","PwnCount":7196890,"Description":"In September 2015, the US based credit bureau and consumer data broker \u003Ca href=\u0022http://krebsonsecurity.com/2015/10/experian-breach-affects-15-million-consumers/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EExperian suffered a data breach\u003C/a\u003E that impacted 15 million customers who had applied for financing from T-Mobile. An alleged data breach was subsequently circulated containing personal information including names, physical and email addresses, birth dates and various other personal attributes. Multiple Have I Been Pwned subscribers verified portions of the data as being accurate, but the actual source of it was inconclusive therefor this breach has been flagged as \u0026quot;unverified\u0026quot;.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Experian.png","DataClasses":["Credit status information","Dates of birth","Email addresses","Ethnicities","Family structure","Genders","Home ownership statuses","Income levels","IP addresses","Names","Phone numbers","Physical addresses","Purchasing habits"],"IsVerified":false,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Experian2020","Title":"Experian (South Africa)","Domain":"","BreachDate":"2020-08-19","AddedDate":"2020-09-01T23:39:52Z","ModifiedDate":"2020-09-02T00:00:41Z","PwnCount":1284637,"Description":"In August 2020, \u003Ca href=\u0022https://www.iafrikan.com/2020/09/01/experian-data-breach-database-public-data-information-south-africa/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EExperian South Africa suffered a data breach\u003C/a\u003E which exposed the personal information of tens of millions of individuals. Only 1.3M of the records contained email addresses, whilst most contained government issued identity numbers, names, addresses, occupations and employers, amongst other person information.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Experian.png","DataClasses":["Email addresses","Employers","Government issued IDs","Names","Occupations","Phone numbers"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"ExploitIn","Title":"Exploit.In","Domain":"","BreachDate":"2016-10-13","AddedDate":"2017-05-06T07:03:18Z","ModifiedDate":"2017-05-06T07:03:18Z","PwnCount":593427119,"Description":"In late 2016, a huge list of email address and password pairs appeared in a \u0026quot;combo list\u0026quot; referred to as \u0026quot;Exploit.In\u0026quot;. The list contained 593 million unique email addresses, many with multiple different passwords hacked from various online systems. The list was broadly circulated and used for \u0026quot;credential stuffing\u0026quot;, that is attackers employ it in an attempt to identify other online systems where the account owner had reused their password. For detailed background on this incident, read \u003Ca href=\u0022https://www.troyhunt.com/password-reuse-credential-stuffing-and-another-1-billion-records-in-have-i-been-pwned\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EPassword reuse, credential stuffing and another billion records in Have I Been Pwned\u003C/a\u003E.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/List.png","DataClasses":["Email addresses","Passwords"],"IsVerified":false,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"ExploreTalentAug2024","Title":"Explore Talent (August 2024)","Domain":"exploretalent.com","BreachDate":"2024-08-15","AddedDate":"2024-08-19T05:52:35Z","ModifiedDate":"2024-08-19T05:52:35Z","PwnCount":8929384,"Description":"In August 2024, \u003Ca href=\u0022https://maia.crimew.gay/posts/gps-track-deez-nuts/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Ea slew of security vulnerabilities were identified with a conglomerate of online services which included the talent network Explore Talent\u003C/a\u003E. A vulnerable API exposed the personal records of 11.4M users of the service of which 8.9M unique email addresses were provided to HIBP. This incident is separate to the Explore Talent breach which occurred in 2022 and was loaded into HIBP in July 2024.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/ExploreTalent.png","DataClasses":["Email addresses"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"ExploreTalent","Title":"Explore Talent (July 2024)","Domain":"exploretalent.com","BreachDate":"2022-02-28","AddedDate":"2024-07-25T03:21:40Z","ModifiedDate":"2024-08-19T05:52:35Z","PwnCount":5371574,"Description":"In July 2024, \u003Ca href=\u0022https://x.com/H4ckManac/status/1813528139881988225\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Ea data breach attributed to Explore Talent was publicly posted to a popular hacking forum\u003C/a\u003E. Containing 5.7M rows with 5.4M unique email addresses, the incident has been described by various sources as occurring between early 2022 to 2023 and also contains names, phone numbers and physical addresses.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/ExploreTalent.png","DataClasses":["Email addresses","Names","Phone numbers","Physical addresses"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"VINs","Title":"Exposed VINs","Domain":"","BreachDate":"2017-06-05","AddedDate":"2017-06-09T05:35:19Z","ModifiedDate":"2017-06-09T05:35:19Z","PwnCount":396650,"Description":"In June 2017, \u003Ca href=\u0022https://www.bleepingcomputer.com/news/security/car-thieves-everywhere-rejoice-as-unsecured-database-exposes-10-million-car-vins/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Ean unsecured database with more than 10 million VINs (vehicle identification numbers) was discovered by researchers\u003C/a\u003E. Believed to be sourced from US car dealerships, the data included a raft of personal information and vehicle data along with 397k unique email addresses.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/List.png","DataClasses":["Dates of birth","Email addresses","Family structure","Genders","Names","Phone numbers","Physical addresses","Vehicle details"],"IsVerified":false,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Exvagos","Title":"Exvagos","Domain":"exvagos.org","BreachDate":"2022-07-21","AddedDate":"2024-03-28T06:28:55Z","ModifiedDate":"2024-03-28T06:28:55Z","PwnCount":2121789,"Description":"In July 2022, the direct download website Exvagos suffered a data breach \u003Ca href=\u0022https://cybernews.com/security/billions-passwords-credentials-leaked-mother-of-all-breaches/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Ethat was later redistributed as part of a larger corpus of data\u003C/a\u003E. The breach exposed 2.1M unique email addresses along with IP addresses, usernames, dates of birth and MD5 password hashes.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Exvagos.png","DataClasses":["Dates of birth","Email addresses","IP addresses","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Eye4Fraud","Title":"Eye4Fraud","Domain":"eye4fraud.com","BreachDate":"2023-01-25","AddedDate":"2023-03-06T04:46:58Z","ModifiedDate":"2023-03-06T06:04:28Z","PwnCount":16000591,"Description":"In February 2023, \u003Ca href=\u0022https://twitter.com/FalconFeedsio/status/1622838659689988098\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Edata alleged to have been taken from the fraud protection service Eye4Fraud was listed for sale on a popular hacking forum\u003C/a\u003E. Spanning tens of millions of rows with 16M unique email addresses, the data was spread across 147 tables totalling 65GB and included both direct users of the service and what appears to be individuals who\u0027d placed orders on other services that implemented Eye4Fraud to protect their sales. The data included names and bcrypt password hashes for users, and names, phone numbers, physical addresses and partial credit card data (card type and last 4 digits) for orders placed using the service. Eye4Fraud did not respond to multiple attempts to report the incident.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Eye4Fraud.png","DataClasses":["Email addresses","IP addresses","Names","Partial credit card data","Passwords","Phone numbers","Physical addresses"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"EyeEm","Title":"EyeEm","Domain":"eyeem.com","BreachDate":"2018-02-28","AddedDate":"2019-02-16T07:17:45Z","ModifiedDate":"2019-02-16T07:17:45Z","PwnCount":19611022,"Description":"In February 2018, \u003Ca href=\u0022https://www.theregister.co.uk/2019/02/11/620_million_hacked_accounts_dark_web/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Ephotography website EyeEm suffered a data breach\u003C/a\u003E. The breach was identified among a collection of other large incidents and exposed almost 20M unique email addresses, names, usernames, bios and password hashes. The data was provided to HIBP by a source who asked for it to be attributed to \u0026quot;Kuroi\u0027sh or Gabriel Kimiaie-Asadi Bildstein\u0026quot;.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/EyeEm.png","DataClasses":["Bios","Email addresses","Names","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Facebook","Title":"Facebook","Domain":"facebook.com","BreachDate":"2019-08-01","AddedDate":"2021-04-04T03:20:45Z","ModifiedDate":"2021-04-06T09:09:21Z","PwnCount":509458528,"Description":"In April 2021, \u003Ca href=\u0022https://www.bleepingcomputer.com/news/security/533-million-facebook-users-phone-numbers-leaked-on-hacker-forum/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Ea large data set of over 500 million Facebook users was made freely available for download\u003C/a\u003E. Encompassing approximately 20% of Facebook\u0027s subscribers, the data was allegedly obtained by exploiting a vulnerability Facebook advises they rectified in August 2019. The primary value of the data is the association of phone numbers to identities; whilst each record included phone, only 2.5 million contained an email address. Most records contained names and genders with many also including dates of birth, location, relationship status and employer.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Facebook.png","DataClasses":["Dates of birth","Email addresses","Employers","Genders","Geographic locations","Names","Phone numbers","Relationship statuses"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"FacebookMarketplace","Title":"Facebook Marketplace","Domain":"facebook.com","BreachDate":"2023-10-01","AddedDate":"2024-02-22T00:53:37Z","ModifiedDate":"2024-02-22T00:55:02Z","PwnCount":77267,"Description":"In February 2024, \u003Ca href=\u0022https://www.bleepingcomputer.com/news/security/200-000-facebook-marketplace-user-records-leaked-on-hacking-forum/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003E200k Facebook Marketplace records allegedly obtained from a Meta contractor in October 2023 were posted to a popular hacking forum\u003C/a\u003E. The data contained 77k unique email addresses alongside names, phone numbers, Facebook profile IDs and geographic locations. The data also contained bcrypt password hashes, although there is no indication these belong to the corresponding Facebook accounts.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Facebook.png","DataClasses":["Email addresses","Geographic locations","Names","Passwords","Phone numbers","Social media profiles"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Facepunch","Title":"Facepunch","Domain":"facepunch.com","BreachDate":"2016-06-03","AddedDate":"2018-10-17T13:15:39Z","ModifiedDate":"2018-10-17T13:31:23Z","PwnCount":342913,"Description":"In June 2016, the game development studio \u003Ca href=\u0022https://facepunch.com/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EFacepunch\u003C/a\u003E suffered a data breach that exposed 343k users. The breached data included usernames, email and IP addresses, dates of birth and salted MD5 password hashes. Facepunch advised they were aware of the incident and had notified people at the time. The data was provided to HIBP by whitehat security researcher and data analyst Adam Davies.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Facepunch.png","DataClasses":["Dates of birth","Email addresses","IP addresses","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"FaceUP","Title":"FaceUP","Domain":"faceup.dk","BreachDate":"2013-01-01","AddedDate":"2019-01-13T09:50:41Z","ModifiedDate":"2019-01-13T09:50:41Z","PwnCount":87633,"Description":"In 2013, the Danish social media site \u003Ca href=\u0022https://faceup.dk/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EFaceUP\u003C/a\u003E suffered a data breach. The incident exposed 87k unique email addresses alongside genders, dates of birth, names, phone numbers and passwords stored as unsalted MD5 hashes. When notified of the incident, FaceUP advised they had identified a SQL injection vulnerability at the time and forced password resets on impacted customers.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/FaceUP.png","DataClasses":["Dates of birth","Email addresses","Genders","Names","Passwords","Phone numbers","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Factual","Title":"Factual","Domain":"factual.com","BreachDate":"2017-03-22","AddedDate":"2019-12-24T10:56:18Z","ModifiedDate":"2019-12-24T10:56:18Z","PwnCount":2461696,"Description":"In March 2017, a file containing 8M rows of data \u003Ca href=\u0022https://www.troyhunt.com/when-is-data-public-and-2-5m-public-factual-records\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Eallegedly sourced from data aggregator Factual\u003C/a\u003E was compiled and later exchanged on the premise it was a \u0026quot;breach\u0026quot;. The data contained 2.5M unique email addresses alongside business names, addresses and phone numbers. After consultation with Factual, they advised the data was \u0026quot;publicly available information about businesses and other points of interest that Factual makes available on its website and to customers\u0026quot;.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Factual.png","DataClasses":["Email addresses","Employers","Phone numbers","Physical addresses"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"FairVoteCanada","Title":"Fair Vote Canada","Domain":"fairvote.ca","BreachDate":"2024-03-02","AddedDate":"2024-10-21T05:04:21Z","ModifiedDate":"2024-10-21T05:06:43Z","PwnCount":134336,"Description":"In March 2024, the Canadian national citizens\u0027 campaign for proportional representation \u003Ca href=\u0022https://secure.fairvote.ca/en/civicrm/mailing/view?reset=1\u0026id=6424\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EFair Vote Canada suffered a data breach\u003C/a\u003E. The incident was attributed to \u0026quot;a well-meaning volunteer\u0026quot; who inadvertently exposed data from 2020 which included 134k unique email addresses, names, physical addresses, phone numbers and, for some individuals, date and amount of a donation.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/FairVoteCanada.png","DataClasses":["Email addresses","Names","Phone numbers","Physical addresses","Political donations"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Famm","Title":"Famm","Domain":"famm.us","BreachDate":"2020-10-08","AddedDate":"2022-07-16T09:57:48Z","ModifiedDate":"2022-07-16T09:57:48Z","PwnCount":535240,"Description":"In late 2020, the Japanese family photos website \u003Ca href=\u0022https://www.riskbasedsecurity.com/2021/01/25/shinyhunters-wave-3-one-hacker-exposes-over-125-million-credentials/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EFamm suffered a data breach that subsequently exposed 1.3M customer records\u003C/a\u003E, including 535k unique email addresses. Impacted data also included names, dates of birth, genders and passwords stored as SHA-256 hashes.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Famm.png","DataClasses":["Dates of birth","Email addresses","Genders","Names","Passwords"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Fanpass","Title":"Fanpass","Domain":"fanpass.co.uk","BreachDate":"2022-04-30","AddedDate":"2022-05-24T03:55:30Z","ModifiedDate":"2022-05-24T23:28:33Z","PwnCount":112251,"Description":"In April 2022, the UK based website for buying and selling soccer tickets \u003Ca href=\u0022https://milled.com/fanpass/fanpass-incident-notification-V6odeYPOxOTPZFq-\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EFanpass suffered a data breach\u003C/a\u003E which exposed 112k customer records. Impacted data includes names, phone numbers, physical addresses, purchase histories and salted password hashes. The data was provided to HIBP by a source who requested it be attributed to \u0026quot;\u003Ca href=\u0022https://breaches.net/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Ebreaches.net\u003C/a\u003E\u0026quot;.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Fanpass.png","DataClasses":["Email addresses","Genders","Names","Partial dates of birth","Passwords","Phone numbers","Physical addresses","Purchases","Social media profiles"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"FantasyFootballHub","Title":"Fantasy Football Hub","Domain":"fantasyfootballhub.co.uk","BreachDate":"2021-10-02","AddedDate":"2021-10-07T06:32:57Z","ModifiedDate":"2021-10-07T06:32:57Z","PwnCount":66479,"Description":"In October 2021, the fantasy premier league (soccer) website \u003Ca href=\u0022https://fantasyfootballhub.co.uk/we-have-suffered-a-cyber-attack/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EFantasy Football Hub suffered a data breach that exposed 66 thousand unique email addresses\u003C/a\u003E. The data included names, usernames, IP addresses, transactions and passwords stored as WordPress MD5 hashes.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/FantasyFootballHub.png","DataClasses":["Email addresses","IP addresses","Names","Passwords","Purchases","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"WhiteRoom","Title":"Fashion Nexus","Domain":"fashionnexus.co.uk","BreachDate":"2018-07-09","AddedDate":"2018-07-31T08:20:54Z","ModifiedDate":"2018-07-31T08:20:54Z","PwnCount":1279263,"Description":"In July 2018, UK-based ecommerce company \u003Ca href=\u0022https://www.grahamcluley.com/online-fashion-shoppers-exposed-ecommerce-breach/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EFashion Nexus suffered a data breach which exposed 1.4 million records\u003C/a\u003E. Multiple websites developed by sister company White Room Solutions were impacted in the breach amongst which were sites including \u003Ca href=\u0022https://jadedldn.com/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EJaded London\u003C/a\u003E and \u003Ca href=\u0022http://axparis.co.uk\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EAX Paris\u003C/a\u003E. The various sites exposed in the incident included a range of different data types including names, phone numbers, addresses and passwords stored as a mix of salted MD5 and SHA-1 as well as unsalted MD5 passwords. When asked by reporter Graham Cluley if a public statement on the incident was available, a one-word response of \u0026quot;No\u0026quot; was received.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/WhiteRoom.png","DataClasses":["Browser user agent details","Dates of birth","Email addresses","Genders","IP addresses","Names","Passwords","Phone numbers","Physical addresses","Purchases"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"FashionFantasyGame","Title":"FashionFantasyGame","Domain":"fashionfantasygame.com","BreachDate":"2016-12-01","AddedDate":"2017-04-20T10:33:38Z","ModifiedDate":"2017-04-20T10:33:38Z","PwnCount":2357872,"Description":"In late 2016, the fashion gaming website \u003Ca href=\u0022http://www.zdnet.com/article/amid-data-breach-responsibility-thrown-to-the-wind/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EFashion Fantasy Game suffered a data breach\u003C/a\u003E. The incident exposed 2.3 million unique user accounts and corresponding MD5 password hashes with no salt. The data was contributed to Have I Been Pwned courtesy of rip@creep.im.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/FashionFantasyGame.png","DataClasses":["Email addresses","Passwords"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"FilmaiIn","Title":"Filmai.in","Domain":"filmai.in","BreachDate":"2020-01-01","AddedDate":"2021-02-23T08:52:26Z","ModifiedDate":"2021-02-23T08:52:26Z","PwnCount":645786,"Description":"In approximately 2019 or 2020, the Lithuanian movie streaming service \u003Ca href=\u0022http://filmai.in/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EFilmai.in\u003C/a\u003E suffered a data breach exposing 645k email addresses, usernames and plain text passwords.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/FilmaiIn.png","DataClasses":["Email addresses","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"FFShrine","Title":"Final Fantasy Shrine","Domain":"ffshrine.org","BreachDate":"2015-09-18","AddedDate":"2015-10-31T12:43:58Z","ModifiedDate":"2015-10-31T12:43:58Z","PwnCount":620677,"Description":"In September 2015, \u003Ca href=\u0022http://ffshrine.org\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Ethe Final Fantasy discussion forum known as FFShrine\u003C/a\u003E was breached and the data dumped publicly. Approximately 620k records were released containing email addresses, IP addresses and salted hashes of passwords.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/FFShrine.png","DataClasses":["Email addresses","Passwords","Usernames","Website activity"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Finsure","Title":"Finsure","Domain":"finsure.com.au","BreachDate":"2024-10-15","AddedDate":"2024-11-19T04:25:18Z","ModifiedDate":"2024-11-19T04:25:18Z","PwnCount":296124,"Description":"In October 2024, almost 300k unique email addresses from Australian mortgage broking group Finsure were obtained from the ActivePipe real estate marketing platform. The impacted data also included names, phone numbers and physical addresses. The incident did not directly affect any of Finsure\u0027s systems or expose any passwords or financial data.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Finsure.png","DataClasses":["Email addresses","Names","Phone numbers","Physical addresses"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Fitmart","Title":"Fitmart","Domain":"fitmart.de","BreachDate":"2021-10-01","AddedDate":"2023-11-03T05:57:10Z","ModifiedDate":"2023-11-03T05:57:10Z","PwnCount":214492,"Description":"In October 2021, \u003Ca href=\u0022https://www.mydealz.de/diskussion/datenleck-bei-fitmart-2214625\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Edata from the German fitness supplies store Fitmart was obtained and later redistributed online\u003C/a\u003E. The data included 214k unique email addresses accompanied by plain text passwords, allegedly \u0026quot;dehashed\u0026quot; from the original stored version.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Fitmart.png","DataClasses":["Email addresses","Passwords"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"FlashFlashRevolution","Title":"Flash Flash Revolution (2016 breach)","Domain":"flashflashrevolution.com","BreachDate":"2016-02-01","AddedDate":"2016-09-06T08:08:29Z","ModifiedDate":"2019-07-21T16:28:59Z","PwnCount":1771845,"Description":"In February 2016, the music-based rhythm game known as \u003Ca href=\u0022http://www.flashflashrevolution.com\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EFlash Flash Revolution\u003C/a\u003E was hacked and 1.8M accounts were exposed. Along with email and IP addresses, the vBulletin forum also exposed salted MD5 password hashes.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/FlashFlashRevolution.png","DataClasses":["Email addresses","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"FlashFlashRevolution2019","Title":"Flash Flash Revolution (2019 breach)","Domain":"flashflashrevolution.com","BreachDate":"2019-07-16","AddedDate":"2019-07-21T20:31:54Z","ModifiedDate":"2019-07-21T20:31:54Z","PwnCount":1858124,"Description":"In July 2019, the music-based rhythm game \u003Ca href=\u0022http://www.flashflashrevolution.com/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EFlash Flash Revolution\u003C/a\u003E suffered a data breach. The 2019 breach imapcted almost 1.9 million members and is \u003Cem\u003Ein addition to\u003C/em\u003E \u003Ca href=\u0022http://www.flashflashrevolution.com/ffr/information-breach/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Ethe 2016 data breach of the same service\u003C/a\u003E. Email and IP addesses, usernames, dates of birth and salted MD5 hashes were all exposed in the breach. The data was provided with support from \u003Ca href=\u0022https://dehashed.com/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Edehashed.com\u003C/a\u003E.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/FlashFlashRevolution.png","DataClasses":["Dates of birth","Email addresses","IP addresses","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Flashback","Title":"Flashback","Domain":"flashback.se","BreachDate":"2015-02-11","AddedDate":"2015-02-12T05:42:12Z","ModifiedDate":"2015-02-12T05:42:12Z","PwnCount":40256,"Description":"In February 2015, \u003Ca href=\u0022http://www.flashback.se/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Ethe Swedish forum known as Flashback\u003C/a\u003E had sensitive internal data on 40k members published via the tabloid newspaper \u003Ca href=\u0022http://www.aftonbladet.se/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EAftonbladet\u003C/a\u003E. The data was \u003Ca href=\u0022http://swedishsurveyor.com/2015/02/11/the-inquisition/\u0022\u003Eallegedly sold to them via Researchgruppen\u003C/a\u003E (The Research Group) \u003Ca href=\u0022http://www.technologyreview.com/photoessay/533426/the-troll-hunters/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Ewho have a history of exposing otherwise anonymous users\u003C/a\u003E, primarily those who they believe participate in \u0026quot;troll like\u0026quot; behaviour. The compromised data includes social security numbers, home and email addresses.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Flashback.png","DataClasses":["Email addresses","Government issued IDs","Physical addresses"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"FlexBooker","Title":"FlexBooker","Domain":"flexbooker.com","BreachDate":"2021-12-23","AddedDate":"2022-01-06T06:11:10Z","ModifiedDate":"2022-01-06T06:34:26Z","PwnCount":3756794,"Description":"In December 2021, the online booking service \u003Ca href=\u0022https://www.flexbooker.com/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EFlexBooker\u003C/a\u003E suffered a data breach that exposed 3.7 million accounts. The data included email addresses, names, phone numbers and for a small number of accounts, password hashes and partial credit card data. FlexBooker has identified the breach as originating from a compromised account within their AWS infrastructure. The data was found being actively traded on a popular hacking forum and was provided to HIBP by a source who requested it be attributed to \u0026quot;white_peacock@riseup.net\u0026quot;.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/FlexBooker.png","DataClasses":["Email addresses","Names","Partial credit card data","Passwords","Phone numbers"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Fling","Title":"Fling","Domain":"fling.com","BreachDate":"2011-03-10","AddedDate":"2016-05-28T23:08:07Z","ModifiedDate":"2016-05-28T23:08:07Z","PwnCount":40767652,"Description":"In 2011, the self-proclaimed \u0026quot;World\u0027s Best Adult Social Network\u0026quot; website known as Fling \u003Ca href=\u0022http://motherboard.vice.com/read/another-day-another-hack-passwords-and-sexual-desires-for-dating-site-fling\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Ewas hacked and more than 40 million accounts obtained by the attacker\u003C/a\u003E. The breached data included highly sensitive personal attributes such as sexual orientation and sexual interests as well as email addresses and passwords stored in plain text.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Fling.png","DataClasses":["Dates of birth","Email addresses","Genders","Geographic locations","IP addresses","Passwords","Phone numbers","Sexual fetishes","Sexual orientations","Usernames","Website activity"],"IsVerified":true,"IsFabricated":false,"IsSensitive":true,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"FlipaClip","Title":"FlipaClip","Domain":"flipaclip.com","BreachDate":"2024-11-18","AddedDate":"2024-11-20T22:37:58Z","ModifiedDate":"2024-11-20T22:42:16Z","PwnCount":892854,"Description":"In November 2024, the animation app \u003Ca href=\u0022https://x.com/RhinozzCode/status/1859291987360321631\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EFlipaClip suffered a data breach that exposed almost 900k records due to an exposed Firebase server\u003C/a\u003E. The impacted data included name, email address, country and date of birth. FlipaClip advised the issue has since been rectified.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/FlipaClip.png","DataClasses":["Dates of birth","Email addresses","Geographic locations","Names"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"FLVS","Title":"Florida Virtual School","Domain":"flvs.net","BreachDate":"2018-02-12","AddedDate":"2018-03-18T01:40:31Z","ModifiedDate":"2018-03-18T01:40:31Z","PwnCount":542902,"Description":"In March 2018, the Florida Virtual School (FLVS) \u003Ca href=\u0022https://www.flvs.net/notices?source=homepage\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Eposted a data breach notification to their website\u003C/a\u003E. The school had identified a data breach which had occurred sometime between 6 May 2016 and 12 Feb 2018 and an XML file containing 368k student records was subsequently found circulating. Each record contained student name, date of birth, password, grade, email \u003Cem\u003Eand\u003C/em\u003E parent email resulting in a total of 543k unique email addresses. Due to the prevalence of email addresses belonging to individuals who are still legally children, the data breach has been flagged as \u0026quot;sensitive\u0026quot;.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/FLVS.png","DataClasses":["Dates of birth","Email addresses","Names","Passwords","School grades (class levels)","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":true,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"RobloxDeveloperConference2024","Title":"FNTECH","Domain":"fntech.com","BreachDate":"2024-07-04","AddedDate":"2024-07-06T01:21:29Z","ModifiedDate":"2024-07-10T06:59:15Z","PwnCount":10386,"Description":"In July 2024, the events management platform FNTECH suffered a data breach that exposed 10k unique email addresses. The data contained registrants from various events, \u003Ca href=\u0022https://x.com/Roblox_RTC/status/1809300821701427220\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Eincluding participants of the Roblox Developer Conference registration list\u003C/a\u003E. The data also included names and IP addresses.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/FNTECH.png","DataClasses":["Email addresses","IP addresses","Names"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Foodora","Title":"Foodora","Domain":"foodora.com","BreachDate":"2016-04-22","AddedDate":"2020-06-16T02:09:33Z","ModifiedDate":"2020-06-16T02:09:33Z","PwnCount":582578,"Description":"In April 2016, the online food delivery service \u003Ca href=\u0022https://www.databreachtoday.com/delivery-hero-confirms-foodora-data-breach-a-14435\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EFoodora suffered a data breach\u003C/a\u003E which was then extensively redistributed online. The breach included the personal information of hundreds of thousands of customers from multiple countries including their names, delivery addresses, phone numbers and passwords stored as either a salted MD5 or a bcrypt hash.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Foodora.png","DataClasses":["Email addresses","Names","Passwords","Phone numbers","Physical addresses"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Forbes","Title":"Forbes","Domain":"forbes.com","BreachDate":"2014-02-15","AddedDate":"2014-02-15T11:24:42Z","ModifiedDate":"2014-02-15T11:24:42Z","PwnCount":1057819,"Description":"In February 2014, the Forbes website \u003Ca href=\u0022http://news.cnet.com/8301-1009_3-57618945-83/syrian-electronic-army-hacks-forbes-steals-user-data\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Esuccumbed to an attack that leaked over 1 million user accounts\u003C/a\u003E. The attack was attributed to the Syrian Electronic Army, allegedly as retribution for a perceived \u0022Hate of Syria\u0022. The attack not only leaked user credentials, but also resulted in the posting of fake news stories to forbes.com.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Forbes.png","DataClasses":["Email addresses","Passwords","User website URLs","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"ForumCommunity","Title":"ForumCommunity","Domain":"forumcommunity.net","BreachDate":"2016-06-01","AddedDate":"2018-12-05T05:04:45Z","ModifiedDate":"2018-12-05T07:29:20Z","PwnCount":776648,"Description":"In approximately mid-2016, the Italian-based service for creating forums known as \u003Ca href=\u0022https://www.forumcommunity.net/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EForumCommunity\u003C/a\u003E suffered a data breach. The incident impacted over 776k unique email addresses along with usernames and unsalted MD5 password hashes. No response was received from ForumCommunity when contacted.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/ForumCommunity.png","DataClasses":["Email addresses","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Fotolog","Title":"Fotolog","Domain":"fotolog.com","BreachDate":"2018-12-01","AddedDate":"2021-06-15T03:20:43Z","ModifiedDate":"2021-06-15T03:20:43Z","PwnCount":16717854,"Description":"In December 2018, the photo sharing social network \u003Ca href=\u0022https://www.theregister.com/2019/02/11/620_million_hacked_accounts_dark_web/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EFotolog suffered a data breach\u003C/a\u003E that exposed 16.7 million unique email addresses. The data also included usernames and unsalted SHA-256 password hashes. The site was dissolved the following year and repurposed as a news website based in Brcko, Bosnia and Herzegovina.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Fotolog.png","DataClasses":["Email addresses","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"FoxyBingo","Title":"Foxy Bingo","Domain":"foxybingo.com","BreachDate":"2008-04-04","AddedDate":"2015-11-22T01:05:05Z","ModifiedDate":"2015-11-22T01:05:05Z","PwnCount":252216,"Description":"In April 2007, the online gambling site \u003Ca href=\u0022https://www.foxybingo.com\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EFoxy Bingo\u003C/a\u003E was hacked and 252,000 accounts were obtained by the hackers. The breached records \u003Ca href=\u0022http://www.itpro.co.uk/637279/gambler-busted-flogging-stolen-data-to-gaming-firms\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Ewere subsequently sold and traded\u003C/a\u003E and included personal information data such as plain text passwords, birth dates and home addresses.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/FoxyBingo.png","DataClasses":["Account balances","Browser user agent details","Dates of birth","Email addresses","Genders","Names","Passwords","Phone numbers","Physical addresses","Usernames","Website activity"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"FreedomHostingII","Title":"Freedom Hosting II","Domain":"fhostingesps6bly.onion","BreachDate":"2017-01-31","AddedDate":"2017-02-05T10:06:58Z","ModifiedDate":"2017-02-05T10:06:58Z","PwnCount":380830,"Description":"In January 2017, the free hidden service host \u003Ca href=\u0022http://www.theverge.com/2017/2/3/14497992/freedom-hosting-ii-hacked-anonymous-dark-web-tor\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EFreedom Hosting II suffered a data breach\u003C/a\u003E. The attack allegedly took down 20% of dark web sites running behind Tor hidden services with the attacker claiming that of the 10,613 impacted sites, more than 50% of the content was child pornography. The hack led to the exposure of MySQL databases for the sites which included a vast amount of information on the hidden services Freedom Hosting II was managing. The impacted data classes far exceeds those listed for the breach and differ between the thousands of impacted sites.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/FreedomHostingII.png","DataClasses":["Email addresses","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":true,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"FreshMenu","Title":"FreshMenu","Domain":"freshmenu.com","BreachDate":"2016-07-01","AddedDate":"2018-09-10T12:27:19Z","ModifiedDate":"2018-09-10T12:27:19Z","PwnCount":110355,"Description":"In July 2016, the India-based food delivery service \u003Ca href=\u0022https://www.freshmenu.com/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EFreshMenu\u003C/a\u003E suffered a data breach. The incident exposed the personal data of over 110k customers and included their names, email addresses, phone numbers, home addresses and order histories. When advised of the incident, FreshMenu acknowledged being already aware of the breach but stated they had decided not to notify impacted customers.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/FreshMenu.png","DataClasses":["Device information","Email addresses","Names","Phone numbers","Physical addresses","Purchases"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Fridae","Title":"Fridae","Domain":"fridae.asia","BreachDate":"2014-05-02","AddedDate":"2014-05-06T02:48:35Z","ModifiedDate":"2014-05-06T02:48:35Z","PwnCount":35368,"Description":"In May 2014, over 25,000 user accounts were breached from the Asian lesbian, gay, bisexual and transgender website known as \u0022Fridae\u0022. The attack which was \u003Ca href=\u0022https://twitter.com/Survela/status/463327706361659392\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Eannounced on Twitter\u003C/a\u003E appears to have been \u003Ca href=\u0022http://pastebin.com/ipFKjv6z\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Eorchestrated by Deletesec\u003C/a\u003E who claim that \u0022Digital weapons shall annihilate all secrecy within governments and corporations\u0022. The exposed data included password stored in plain text. ","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Fridae.png","DataClasses":["Email addresses","Passwords","Usernames","Website activity"],"IsVerified":true,"IsFabricated":false,"IsSensitive":true,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Funimation","Title":"Funimation","Domain":"funimation.com","BreachDate":"2016-07-01","AddedDate":"2017-02-20T00:43:26Z","ModifiedDate":"2017-02-20T00:43:26Z","PwnCount":2491103,"Description":"In July 2016, the anime site \u003Ca href=\u0022https://www.funimation.com/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EFunimation\u003C/a\u003E suffered a data breach that impacted 2.5 million accounts. The data contained usernames, email addresses, dates of birth and salted SHA1 hashes of passwords.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Funimation.png","DataClasses":["Dates of birth","Email addresses","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"FunnyGames","Title":"Funny Games","Domain":"funny-games.biz","BreachDate":"2018-04-28","AddedDate":"2018-07-24T03:01:35Z","ModifiedDate":"2018-07-24T03:01:35Z","PwnCount":764357,"Description":"In April 2018, the online entertainment site \u003Ca href=\u0022https://www.funny-games.biz/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EFunny Games\u003C/a\u003E suffered a data breach that disclosed 764k records including usernames, email and IP addresses and salted MD5 password hashes. The incident was disclosed to Funny Games in July who acknowledged the breach and identified it had been caused by legacy code no longer in use. The record count in the breach constitute approximately half of the user base.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/FunnyGames.png","DataClasses":["Email addresses","IP addresses","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"FurAffinity","Title":"Fur Affinity","Domain":"furaffinity.net","BreachDate":"2016-05-17","AddedDate":"2016-05-27T09:36:18Z","ModifiedDate":"2016-05-27T09:36:18Z","PwnCount":1270564,"Description":"In May 2016, the Fur Affinity website for people with an interest in anthropomorphic animal characters (also known as \u0022furries\u0022) \u003Ca href=\u0022http://motherboard.vice.com/read/another-day-another-hack-furry-site-hacked-content-deleted\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Ewas hacked\u003C/a\u003E. The attack exposed 1.2M email addresses (many accounts had a different \u0022first\u0022 and \u0022last\u0022 email against them) and hashed passwords.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/FurAffinity.png","DataClasses":["Email addresses","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":true,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Gaadi","Title":"Gaadi","Domain":"gaadi.com","BreachDate":"2015-05-14","AddedDate":"2018-07-01T07:17:02Z","ModifiedDate":"2018-07-01T07:17:02Z","PwnCount":4261179,"Description":"In May 2015, the Indian motoring website known as \u003Ca href=\u0022https://www.gaadi.com/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EGaadi\u003C/a\u003E had 4.3 million records exposed in a data breach. The data contained usernames, email and IP addresses, genders, the city of users as well as passwords stored in both plain text and as MD5 hashes. The site was previously reported as compromised on the \u003Ca href=\u0022https://vigilante.pw/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EVigilante.pw\u003C/a\u003E breached database directory.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Gaadi.png","DataClasses":["Email addresses","Genders","Geographic locations","IP addresses","Names","Passwords","Phone numbers","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Gab","Title":"Gab","Domain":"gab.com","BreachDate":"2021-02-26","AddedDate":"2021-03-03T23:03:30Z","ModifiedDate":"2021-03-03T23:03:30Z","PwnCount":66521,"Description":"In February 2021, the alt-tech social network service \u003Ca href=\u0022https://www.troyhunt.com/gab-has-been-breached/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EGab suffered a data breach\u003C/a\u003E. The incident exposed almost 70GB of data including 4M user accounts, a small number of private chat logs and a list of public groups and public posts made to the service. Only a small number of accounts included email addresses and / or passwords stored as bcrypt hashes with a total of 66.5k unique email addresses being exposed across the corpus of data.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Gab.png","DataClasses":["Avatars","Email addresses","Names","Passwords","Private messages","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":true,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"GamerzPlanet","Title":"Gamerzplanet","Domain":"gamerzplanet.net","BreachDate":"2015-10-23","AddedDate":"2016-02-05T20:12:26Z","ModifiedDate":"2016-02-05T20:12:26Z","PwnCount":1217166,"Description":"In approximately October 2015, the online gaming forum known as \u003Ca href=\u0022http://gamerzplanet.net\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EGamerzplanet\u003C/a\u003E was hacked and more than 1.2M accounts were exposed. The vBulletin forum included IP addresses and passwords stored as salted hashes using a weak implementation enabling many to be rapidly cracked.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/GamerzPlanet.png","DataClasses":["Email addresses","IP addresses","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"GamesBox","Title":"Games Box","Domain":"gamesbox.com","BreachDate":"2020-09-21","AddedDate":"2024-09-15T02:41:52Z","ModifiedDate":"2024-09-15T02:41:52Z","PwnCount":1439354,"Description":"In September 2020, now defunct website Games Box suffered a data breach \u003Ca href=\u0022https://cybernews.com/security/billions-passwords-credentials-leaked-mother-of-all-breaches/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Ethat was later redistributed as part of a larger corpus of data\u003C/a\u003E. The impacted data included 1.4M email addresses alongside usernames, genders, ages and passwords stored as either a hash or plain text.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/GamesBox.png","DataClasses":["Ages","Email addresses","Genders","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"GameSalad","Title":"GameSalad","Domain":"gamesalad.com","BreachDate":"2019-02-24","AddedDate":"2019-07-21T14:18:46Z","ModifiedDate":"2019-07-21T14:23:46Z","PwnCount":1506242,"Description":"In February 2019, the education and game creation website \u003Ca href=\u0022https://www.zdnet.com/article/round-4-hacker-returns-and-puts-26mil-user-records-for-sale-on-the-dark-web/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EGame Salad suffered a data breach\u003C/a\u003E. The incident impacted 1.5M accounts and exposed email addresses, usernames, IP addresses and passwords stored as SHA-256 hashes. The data was provided to HIBP by a source who requested it be attributed to \u0026quot;JimScott.Sec@protonmail.com\u0026quot;.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/GameSalad.png","DataClasses":["Email addresses","IP addresses","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"GameSprite","Title":"GameSprite","Domain":"gamesprite.me","BreachDate":"2019-12-17","AddedDate":"2023-10-30T02:32:54Z","ModifiedDate":"2023-10-30T07:06:29Z","PwnCount":6164643,"Description":"In December 2019, the now defunct gaming platform \u003Ca href=\u0022https://gamesprite.me\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EGameSprite\u003C/a\u003E suffered a data breach that exposed over 6M unique email addresses. The impacted data also included usernames, IP addresses and salted MD5 password hashes.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/GameSprite.png","DataClasses":["Email addresses","IP addresses","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"GameTuts","Title":"GameTuts","Domain":"game-tuts.com","BreachDate":"2015-03-01","AddedDate":"2016-09-23T23:59:38Z","ModifiedDate":"2016-09-23T23:59:38Z","PwnCount":2064274,"Description":"Likely in early 2015, the video game website GameTuts suffered a data breach and over 2 million user accounts were exposed. The site later \u003Ca href=\u0022https://twitter.com/TeamModio/status/756705841168916486\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Eshut down in July 2016\u003C/a\u003E but was identified as having been hosted on a vBulletin forum. The exposed data included usernames, email and IP addresses and salted MD5 hashes.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/GameTuts.png","DataClasses":["Email addresses","IP addresses","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"GameVN","Title":"GameVN","Domain":"gamevn.com","BreachDate":"2016-05-01","AddedDate":"2024-09-23T01:39:12Z","ModifiedDate":"2024-09-23T01:39:12Z","PwnCount":1369485,"Description":"In May 2016, the Vietnamese gaming forum GameVN suffered a data breach \u003Ca href=\u0022https://cybernews.com/security/billions-passwords-credentials-leaked-mother-of-all-breaches/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Ethat was later redistributed as part of a larger corpus of data\u003C/a\u003E. Data breached from the XenForo-based forum included 1.4M unique email addresses, usernames, IP addresses and salted MD5 password hashes.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/GameVN.png","DataClasses":["Email addresses","IP addresses","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Gamigo","Title":"Gamigo","Domain":"gamigo.com","BreachDate":"2012-03-01","AddedDate":"2016-01-18T16:26:24Z","ModifiedDate":"2016-01-18T16:26:24Z","PwnCount":8243604,"Description":"In March 2012, the German online game publisher Gamigo \u003Ca href=\u0022http://www.zdnet.com/article/8-24-million-gamigo-passwords-leaked-after-hack/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Ewas hacked\u003C/a\u003E and more than 8 million accounts publicly leaked. The breach included email addresses and passwords stored as weak MD5 hashes with no salt.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Gamigo.png","DataClasses":["Email addresses","Passwords"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"GamingMonk","Title":"GamingMonk","Domain":"gamingmonk.com","BreachDate":"2020-12-02","AddedDate":"2023-11-05T23:05:37Z","ModifiedDate":"2023-11-05T23:05:37Z","PwnCount":654510,"Description":"In December 2020, India\u0027s \u0026quot;largest esports community\u0026quot; \u003Ca href=\u0022http://gamingmonk.com/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EGamingMonk\u003C/a\u003E (since acquired by and redirected to MPL Esports), suffered a data breach. The incident exposed 655k unique email addresses along with names, usernames, phone numbers, dates of birth and bcrypt password hashes.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/GamingMonk.png","DataClasses":["Dates of birth","Email addresses","Names","Passwords","Phone numbers","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"GateHub","Title":"GateHub","Domain":"gatehub.net","BreachDate":"2019-06-04","AddedDate":"2019-11-20T00:29:29Z","ModifiedDate":"2019-12-24T13:09:23Z","PwnCount":1408078,"Description":"In October 2019, \u003Ca href=\u0022https://arstechnica.com/information-technology/2019/11/password-data-dumped-online-for-2-2-million-users-of-currency-and-gaming-sites/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003E1.4M accounts from the cryptocurrency wallet service GateHub were posted to a popular hacking forum\u003C/a\u003E. GateHub had \u003Ca href=\u0022https://gatehub.net/blog/gatehub-update-investigation-continues/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Epreviously acknowledged a data breach in June\u003C/a\u003E, albeit with a smaller number of impacted accounts. Data from the breach included email addresses, mnemonic phrases, encrypted master keys, encrypted recovery keys and passwords stored as bcrypt hashes.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/GateHub.png","DataClasses":["Email addresses","Encrypted keys","Mnemonic phrases","Passwords"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Gawker","Title":"Gawker","Domain":"gawker.com","BreachDate":"2010-12-11","AddedDate":"2013-12-04T00:00:00Z","ModifiedDate":"2013-12-04T00:00:00Z","PwnCount":1247574,"Description":"In December 2010, Gawker was attacked by the hacker collective \u0026quot;Gnosis\u0026quot; in retaliation for what was reported to be a feud between Gawker and 4Chan. Information about Gawkers 1.3M users was published along with the data from Gawker\u0027s other web presences including Gizmodo and Lifehacker. Due to the prevalence of password reuse, many victims of the breach \u003Ca href=\u0022http://www.troyhunt.com/2011/01/why-your-apps-security-design-could.html\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Ethen had their Twitter accounts compromised to send Acai berry spam\u003C/a\u003E.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Gawker.png","DataClasses":["Email addresses","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Gett","Title":"Ge.tt","Domain":"ge.tt","BreachDate":"2017-05-04","AddedDate":"2021-02-16T06:22:20Z","ModifiedDate":"2021-02-22T12:16:44Z","PwnCount":2481121,"Description":"In May 2017, the file sharing platform \u003Ca href=\u0022https://www.zdnet.com/article/127-million-user-records-from-8-companies-put-up-for-sale-on-the-dark-web/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EGe.tt suffered a data breach\u003C/a\u003E. The data was subsequently put up for sale on a dark web marketplace in February 2019 alongside a raft of other breaches. The Ge.tt breach included names, social media profile identifiers, SHA256 password hashes and almost 2.5M unique email addresses. The data was provided to HIBP by a source who requested it be attributed to \u003Ca href=\u0022https://www.linkedin.com/company/breachdirectory/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EBreachDirectory\u003C/a\u003E.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Gett.png","DataClasses":["Email addresses","Names","Passwords","Social media profiles"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"GeekedIn","Title":"GeekedIn","Domain":"geekedin.net","BreachDate":"2016-08-15","AddedDate":"2016-11-17T19:44:24Z","ModifiedDate":"2022-03-06T05:21:27Z","PwnCount":1073164,"Description":"In August 2016, the technology recruitment site GeekedIn left a MongoDB database exposed and over 8M records were extracted by an unknown third party. The breached data was originally scraped from GitHub in violation of their terms of use and contained information exposed in public profiles, including over 1 million members\u0027 email addresses. Full details on the incident (including how impacted members can see their leaked data) are covered in the blog post on \u003Ca href=\u0022https://www.troyhunt.com/8-million-github-profiles-were-leaked-from-geekedins-mongodb-heres-how-to-see-yours\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003E8 million GitHub profiles were leaked from GeekedIn\u0027s MongoDB - here\u0027s how to see yours\u003C/a\u003E.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/GeekedIn.png","DataClasses":["Email addresses","Geographic locations","Names","Professional skills","Usernames","Years of professional experience"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Gemini","Title":"Gemini","Domain":"gemini.com","BreachDate":"2022-12-13","AddedDate":"2022-12-16T16:47:43Z","ModifiedDate":"2024-04-23T19:32:40Z","PwnCount":5274214,"Description":"In late 2022, \u003Ca href=\u0022https://www.bleepingcomputer.com/news/security/hackers-leak-personal-info-allegedly-stolen-from-57m-gemini-users/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Edata allegedly taken from the Gemini crypto exchange was posted to a public hacking forum\u003C/a\u003E. The data consisted of email addresses and partial phone numbers, which Gemini later attributed to \u003Ca href=\u0022https://www.gemini.com/blog/protecting-our-customers-from-phishing-campaigns\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Ean incident at a third-party vendor\u003C/a\u003E (the vendor was not named). The data was provided to HIBP by a source who requested it be attributed to \u0026quot;ZAN @ BF\u0026quot;.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/List.png","DataClasses":["Email addresses","Partial phone numbers"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Gemplex","Title":"Gemplex","Domain":"gemplex.tv","BreachDate":"2021-02-18","AddedDate":"2023-12-09T02:19:40Z","ModifiedDate":"2023-12-09T02:19:40Z","PwnCount":4563166,"Description":"In February 2021, the Indian streaming platform Gemplex suffered a data breach that exposed 4.6M user accounts. The impacted data included device information, names, phone numbers, email addresses and bcrypt password hashes.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Gemplex.png","DataClasses":["Device information","Email addresses","Names","Passwords","Phone numbers"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"GenesisMarket","Title":"Genesis Market","Domain":"genesis.market","BreachDate":"2023-04-05","AddedDate":"2023-04-05T12:00:00Z","ModifiedDate":"2023-04-05T12:00:00Z","PwnCount":8000000,"Description":"In April 2023, the stolen identity marketplace \u003Ca href=\u0022https://www.troyhunt.com/seized-genesis-market-data-is-now-searchable-in-have-i-been-pwned-courtesy-of-the-fbi-and-operation-cookie-monster/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EGenesis Market was shut down by the FBI and a coalition of law enforcement agencies across the globe in \u0026quot;Operation Cookie Monster\u0026quot;\u003C/a\u003E. The service traded in \u0026quot;browser fingerprints\u0026quot; which enabled criminals to impersonate victims and access their online services. As many of the impacted accounts did not include email addresses, \u0026quot;8M\u0026quot; is merely an approximation intended to indicate scale. Other personal data compromised by the service included names, addresses and credit card information, although not all individuals had each of these fields exposed.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/GenesisMarket.png","DataClasses":["Browser user agent details","Credit card CVV","Credit cards","Dates of birth","Email addresses","Names","Passwords","Phone numbers","Physical addresses","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":true,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":true},{"Name":"GeniusU","Title":"GeniusU","Domain":"geniusu.com","BreachDate":"2020-10-02","AddedDate":"2021-01-08T21:49:21Z","ModifiedDate":"2021-01-10T00:45:52Z","PwnCount":1301460,"Description":"In November 2020, \u003Ca href=\u0022https://www.databreaches.net/more-drama-on-a-forum-and-a-slew-of-new-databases-dumped/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Ea collection of data breaches were made public including the \u0026quot;Entrepreneur Success Platform\u0026quot;, GeniusU\u003C/a\u003E. Dating back to the previous month, the data included 1.3M names, email and IP addresses, genders, links to social media profiles and passwords stored as bcrypt hashes. The data was provided to HIBP by \u003Ca href=\u0022https://dehashed.com/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Edehashed.com\u003C/a\u003E.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/GeniusU.png","DataClasses":["Email addresses","Genders","IP addresses","Names","Passwords","Social media profiles"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"GetRevengeOnYourEx","Title":"Get Revenge On Your Ex","Domain":"getrevengeonyourex.com","BreachDate":"2022-09-09","AddedDate":"2022-11-15T01:57:17Z","ModifiedDate":"2022-12-11T12:24:54Z","PwnCount":79195,"Description":"In September 2022, the revenge website \u003Ca href=\u0022https://getrevengeonyourex.com/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EGet Revenge On Your Ex\u003C/a\u003E suffered a data breach that exposed almost 80k unique email addresses. The data spanned both customers and victims including names, IP and physical addresses, phone numbers, purchase histories and plain text passwords. The data was subsequently shared on a public hacking forum, Get Revenge On Your Ex did not reply when contacted.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/GetRevengeOnYourEx.png","DataClasses":["Email addresses","IP addresses","Names","Passwords","Phone numbers","Physical addresses","Purchases"],"IsVerified":true,"IsFabricated":false,"IsSensitive":true,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"GFAN","Title":"GFAN","Domain":"gfan.com","BreachDate":"2016-10-10","AddedDate":"2016-10-10T16:32:34Z","ModifiedDate":"2016-10-10T16:32:34Z","PwnCount":22526334,"Description":"In October 2016, data surfaced that was allegedly obtained from the Chinese website known as \u003Ca href=\u0022http://www.gfan.com\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EGFAN\u003C/a\u003E and contained 22.5M accounts. Whilst there is evidence that the data is legitimate, due to the difficulty of emphatically verifying the Chinese breach it has been flagged as \u0026quot;unverified\u0026quot;. The data in the breach contains email and IP addresses, user names and salted and hashed passwords. \u003Ca href=\u0022https://www.troyhunt.com/handling-chinese-data-breaches-in-have-i-been-pwned/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003ERead more about Chinese data breaches in Have I Been Pwned.\u003C/a\u003E","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/GFAN.png","DataClasses":["Email addresses","IP addresses","Passwords","Usernames"],"IsVerified":false,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"GGCorp","Title":"GGCorp","Domain":"ggcorp.me","BreachDate":"2022-08-11","AddedDate":"2022-11-08T07:35:13Z","ModifiedDate":"2022-11-08T07:35:13Z","PwnCount":2376330,"Description":"In August 2022, the MMORPG website \u003Ca href=\u0022https://twitter.com/FalconFeedsio/status/1558362615067250688\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EGGCorp suffered a data breach that exposed almost 2.4M unique email addresses\u003C/a\u003E. The data also included IP addresses, usernames and MD5 password hashes.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/GGCorp.png","DataClasses":["Email addresses","IP addresses","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"GiantTiger","Title":"Giant Tiger","Domain":"gianttiger.com","BreachDate":"2024-03-04","AddedDate":"2024-04-12T22:31:29Z","ModifiedDate":"2024-04-12T22:57:56Z","PwnCount":2842669,"Description":"In March 2024, \u003Ca href=\u0022https://cybernews.com/news/giant-tiger-customers-exposed/#google_vignette\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003ECanadian discount store Giant Tiger suffered a data breach that exposed 2.8M customer records\u003C/a\u003E. Attributed to a vendor of the retailer, the breach included physical and email addresses, names and phone numbers.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/GiantTiger.png","DataClasses":["Email addresses","Names","Phone numbers","Physical addresses"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"GiveSendGo","Title":"GiveSendGo","Domain":"givesendgo.com","BreachDate":"2022-02-07","AddedDate":"2022-02-15T00:01:14Z","ModifiedDate":"2022-02-15T00:01:14Z","PwnCount":89966,"Description":"In February 2022, the Christian fundraising service \u003Ca href=\u0022https://techcrunch.com/2022/02/14/freedom-convoy-donor-leak-givesendgo/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EGiveSendGo suffered a data breach which exposed the personal data of 90k donors to the Canadian \u0026quot;Freedom Convoy\u0026quot; protest against vaccine mandates\u003C/a\u003E. The breach exposed names, email addresses, post codes, donation amount and comments left at the time of donation.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/GiveSendGo.png","DataClasses":["Email addresses","Geographic locations","Names","Purchases"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Glofox","Title":"Glofox","Domain":"glofox.com","BreachDate":"2020-03-27","AddedDate":"2021-01-10T01:30:48Z","ModifiedDate":"2021-01-10T01:30:48Z","PwnCount":2330735,"Description":"In March 2020, the Irish gym management software company \u003Ca href=\u0022https://www.irishtimes.com/business/technology/irish-start-up-glofox-investigates-possible-data-breach-1.4414837\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EGlofox suffered a data breach which exposed 2.3M membership records\u003C/a\u003E. The data included email addresses, names, phone numbers, genders, dates of birth and passwords stored as unsalted MD5 hashes.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Glofox.png","DataClasses":["Dates of birth","Email addresses","Genders","Names","Passwords","Phone numbers"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"GoGames","Title":"Go Games","Domain":"gogames.me","BreachDate":"2015-10-24","AddedDate":"2020-01-11T00:06:33Z","ModifiedDate":"2020-01-11T00:06:33Z","PwnCount":3430083,"Description":"In approximately October 2015, the manga website \u003Ca href=\u0022http://gogames.me\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EGo Games\u003C/a\u003E suffered a data breach. The exposed data included 3.4M customer records including email and IP addresses, usernames and passwords stored as salted MD5 hashes. Go Games did not respond when contacted about the incident. The data was provided to HIBP by \u003Ca href=\u0022https://dehashed.com/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Edehashed.com\u003C/a\u003E.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/GoGames.png","DataClasses":["Email addresses","IP addresses","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"GoNinja","Title":"Go Ninja","Domain":"goninja.de","BreachDate":"2019-12-17","AddedDate":"2023-11-30T07:18:59Z","ModifiedDate":"2023-11-30T07:18:59Z","PwnCount":4999001,"Description":"In December 2019, the now defunct German gaming website Go Ninja suffered a data breach that exposed 5M unique email addresses. The impacted data included usernames, email and IP addresses and salted MD5 password hashes. More than 4M of the email addresses appeared to have been generated as opposed to organically provided by the user.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/GoNinja.png","DataClasses":["Email addresses","IP addresses","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"GoldSilver","Title":"GoldSilver","Domain":"goldsilver.com","BreachDate":"2018-10-21","AddedDate":"2018-12-27T08:49:18Z","ModifiedDate":"2018-12-27T08:51:50Z","PwnCount":242715,"Description":"In October 2018, the bullion education and dealer services site \u003Ca href=\u0022https://goldsilver.com/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EGoldSilver\u003C/a\u003E suffered a data breach that exposed 243k unique email addresses spanning customers and mailing list subscribers. An extensive amount of personal information on customers was obtained including names, addresses, phone numbers, purchases and passwords and answers to security questions stored as MD5 hashes. In a small number of cases, passport, social security numbers and partial credit card data was also exposed. The data breach and source code belonging to GoldSilver was publicly posted on a dark web service where it remained months later. When notified about the incident, GoldSilver advised that \u0026quot;all affected customers have been directly notified\u0026quot;.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/GoldSilver.png","DataClasses":["Bank account numbers","Email addresses","IP addresses","Names","Partial credit card data","Passport numbers","Phone numbers","Physical addresses","Purchases","Security questions and answers","Social security numbers"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"gPotato","Title":"gPotato","Domain":"gpotato.com","BreachDate":"2007-07-12","AddedDate":"2016-09-24T21:37:43Z","ModifiedDate":"2016-09-24T21:37:43Z","PwnCount":2136520,"Description":"In July 2007, the multiplayer game portal known as \u003Ca href=\u0022https://web.archive.org/web/20070710161412/http://gpotato.com/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EgPotato\u003C/a\u003E (link to archive of the site at that time) suffered a data breach and over 2 million user accounts were exposed. The site later merged into the \u003Ca href=\u0022http://www.webzen.com/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EWebzen portal\u003C/a\u003E where the original accounts still exist today. The exposed data included usernames, email and IP addresses, MD5 hashes and personal attributes such as gender, birth date, physical address and security questions and answers stored in plain text.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/gPotato.png","DataClasses":["Dates of birth","Email addresses","Genders","IP addresses","Names","Passwords","Physical addresses","Security questions and answers","Usernames","Website activity"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"GPSUnderground","Title":"GPS Underground","Domain":"gpsunderground.com","BreachDate":"2016-07-01","AddedDate":"2019-11-19T06:13:42Z","ModifiedDate":"2019-11-19T06:13:42Z","PwnCount":669584,"Description":"In early 2017, \u003Ca href=\u0022https://www.hackread.com/vbulletin-forums-hacked-accounts-sold-on-dark-web/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EGPS Underground was amongst a collection of compromised vBulletin websites that were found being sold online\u003C/a\u003E. The breach dated back to mid-2016 and included 670k records with usernames, email and IP addresses, dates of birth and salted MD5 password hashes.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/GPSUnderground.png","DataClasses":["Dates of birth","Email addresses","IP addresses","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Gravatar","Title":"Gravatar","Domain":"gravatar.com","BreachDate":"2020-10-03","AddedDate":"2021-12-05T22:45:58Z","ModifiedDate":"2021-12-08T01:47:02Z","PwnCount":113990759,"Description":"In October 2020, \u003Ca href=\u0022https://www.bleepingcomputer.com/news/security/online-avatar-service-gravatar-allows-mass-collection-of-user-info/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Ea security researcher published a technique for scraping large volumes of data from Gravatar, the service for providing globally unique avatars \u003C/a\u003E. 167 million names, usernames and MD5 hashes of email addresses used to reference users\u0027 avatars were subsequently scraped and distributed within the hacking community. 114 million of the MD5 hashes were cracked and distributed alongside the source hash, thus disclosing the original email address and accompanying data. Following the impacted email addresses being searchable in HIBP, \u003Ca href=\u0022https://en.gravatar.com/support/data-privacy\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EGravatar release an FAQ detailing the incident\u003C/a\u003E.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Gravatar.png","DataClasses":["Email addresses","Names","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"GSMHosting","Title":"GSM Hosting","Domain":"gsmhosting.com","BreachDate":"2016-08-01","AddedDate":"2024-03-27T06:23:58Z","ModifiedDate":"2024-03-27T06:29:15Z","PwnCount":2607440,"Description":"In August 2016, \u003Ca href=\u0022https://www.hackread.com/vbulletin-forums-hacked-accounts-sold-on-dark-web/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Ebreached data from the vBulletin forum for GSM-Hosting appeared for sale alongside dozens of other hacked services\u003C/a\u003E. The breach impacted 2.6M users of the service and included email and IP addresses, usernames and salted MD5 password hashes.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/GSMHosting.png","DataClasses":["Email addresses","IP addresses","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"GTAGaming","Title":"GTAGaming","Domain":"gtagaming.com","BreachDate":"2016-08-01","AddedDate":"2016-08-23T20:41:17Z","ModifiedDate":"2016-08-23T20:41:17Z","PwnCount":197184,"Description":"In August 2016, the Grand Theft Auto forum \u003Ca href=\u0022https://motherboard.vice.com/read/grand-theft-auto-fan-site-hacked\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EGTAGaming was hacked and nearly 200k user accounts were leaked\u003C/a\u003E. The vBulletin based forum included usernames, email addresses and password hashes.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/GTAGaming.png","DataClasses":["Dates of birth","Email addresses","IP addresses","Passwords","Usernames","Website activity"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"GunAuction","Title":"GunAuction.com","Domain":"gunauction.com","BreachDate":"2022-12-03","AddedDate":"2023-03-02T19:43:51Z","ModifiedDate":"2023-03-05T03:13:20Z","PwnCount":565470,"Description":"In December 2022, the online firearms auction website \u003Ca href=\u0022https://techcrunch.com/2023/03/02/hackers-steal-gun-owners-data-from-firearm-auction-website/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EGunAuction.com suffered a data breach which was later discovered left unprotected on the hacker\u0027s server\u003C/a\u003E. The data included over 565k user records with extensive personal data including email, IP and physical addresses, names, phone numbers, genders, years of birth, credit card type and passwords stored in plain text. The leaked identities could subsequently be matched to firearms listed for sale on the website.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/GunAuction.png","DataClasses":["Browser user agent details","Email addresses","Genders","IP addresses","Partial credit card data","Partial dates of birth","Passwords","Phone numbers","Physical addresses","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Playgar","Title":"Guns and Robots","Domain":"play-gar.com","BreachDate":"2016-04-01","AddedDate":"2018-02-14T22:32:25Z","ModifiedDate":"2018-02-14T22:32:25Z","PwnCount":143569,"Description":"In approximately April 2016, the gaming website \u003Ca href=\u0022https://www.play-gar.com/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EGuns and Robots\u003C/a\u003E suffered a data breach resulting in the exposure of 143k unique records. The data contained email and IP addresses, usernames and SHA-1 password hashes. The site was previously reported as compromised on the \u003Ca href=\u0022https://vigilante.pw/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EVigilante.pw\u003C/a\u003E breached database directory.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Playgar.png","DataClasses":["Email addresses","IP addresses","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"GunsDotCom","Title":"Guns.com","Domain":"guns.com","BreachDate":"2021-01-12","AddedDate":"2022-01-13T05:14:53Z","ModifiedDate":"2022-01-13T06:32:48Z","PwnCount":375928,"Description":"In January 2021, the firearms website \u003Ca href=\u0022https://gizmodo.com/guns-com-gets-hacked-spilling-gun-owner-information-al-1846544734\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Eguns.com suffered a data breach\u003C/a\u003E. The breach exposed 376k unique email addresses along with names, phone numbers, physical addresses, gun purchases, partial credit card data, dates of birth and passwords stored as bcrypt hashes.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/GunsDotCom.png","DataClasses":["Dates of birth","Email addresses","Names","Partial credit card data","Passwords","Phone numbers","Physical addresses","Purchases"],"IsVerified":true,"IsFabricated":false,"IsSensitive":true,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Guntrader","Title":"Guntrader","Domain":"guntrader.uk","BreachDate":"2021-07-17","AddedDate":"2021-07-21T20:24:24Z","ModifiedDate":"2021-07-21T20:24:24Z","PwnCount":112031,"Description":"In July 2021, the United Kingdom based website \u003Ca href=\u0022https://www.fieldsportschannel.tv/guntrader-co-uk-hacked-not-much-lost/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EGuntrader suffered a data breach that exposed 112k unique email addresses\u003C/a\u003E. Extensive personal information was also exposed including names, phone numbers, geolocation data, IP addresses and various physical address attributes (cities for all users, complete addresses for some). Passwords stored as bcrypt hashes were also exposed.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Guntrader.png","DataClasses":["Browser user agent details","Email addresses","Geographic locations","IP addresses","Names","Passwords","Phone numbers","Physical addresses","Salutations"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"HackForums","Title":"hackforums.net","Domain":"hackforums.net","BreachDate":"2011-06-25","AddedDate":"2014-05-11T10:30:43Z","ModifiedDate":"2014-05-11T10:30:43Z","PwnCount":191540,"Description":"In June 2011, the hacktivist group known as \u0022LulzSec\u0022 leaked \u003Ca href=\u0022http://www.forbes.com/sites/andygreenberg/2011/06/25/lulzsec-says-goodbye-dumping-nato-att-gamer-data/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Eone final large data breach they titled \u002250 days of lulz\u0022\u003C/a\u003E. The compromised data came from sources such as AT\u0026T, Battlefield Heroes and the \u003Ca href=\u0022http://hackforums.net\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Ehackforums.net website\u003C/a\u003E. The leaked Hack Forums data included credentials and personal information of nearly 200,000 registered forum users.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/HackForums.png","DataClasses":["Dates of birth","Email addresses","Instant messenger identities","IP addresses","Passwords","Social connections","Spoken languages","Time zones","User website URLs","Usernames","Website activity"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"HackingTeam","Title":"Hacking Team","Domain":"hackingteam.com","BreachDate":"2015-07-06","AddedDate":"2015-07-12T23:52:27Z","ModifiedDate":"2015-07-12T23:52:27Z","PwnCount":32310,"Description":"In July 2015, the Italian security firm \u003Ca href=\u0022http://hackingteam.com\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EHacking Team\u003C/a\u003E suffered a major data breach that resulted in over 400GB of their data being \u003Ca href=\u0022http://www.techtimes.com/articles/68204/20150711/hacking-team-hacked-400gb-data-dump-state-surveillance-exposes-dirty.htm\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Eposted online via a torrent\u003C/a\u003E. The data searchable on \u0026quot;Have I Been Pwned?\u0026quot; is from 189GB worth of PST mail folders in the dump. The contents of the PST files is \u003Ca href=\u0022https://wikileaks.org/hackingteam/emails\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Esearchable on Wikileaks\u003C/a\u003E.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/HackingTeam.png","DataClasses":["Email addresses","Email messages"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Hathway","Title":"Hathway","Domain":"hathway.com","BreachDate":"2023-12-17","AddedDate":"2024-01-12T09:34:25Z","ModifiedDate":"2024-01-12T09:34:25Z","PwnCount":4670080,"Description":"In December 2023, \u003Ca href=\u0022https://restoreprivacy.com/hacker-allegedly-holds-data-of-41-million-hathway-customers/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Ehundreds of gigabytes of data allegedly taken from Indian ISP and digital TV provider Hathway appeared on a popular hacking website\u003C/a\u003E. The incident exposed extensive personal information including 4.7M unique email addresses along with names, physical and IP addresses, phone numbers, password hashes and support ticket logs.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Hathway.png","DataClasses":["Device information","Email addresses","IP addresses","Names","Passwords","Phone numbers","Physical addresses","Salutations","Support tickets"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"HauteLook","Title":"HauteLook","Domain":"hautelook.com","BreachDate":"2018-08-07","AddedDate":"2019-03-21T21:57:32Z","ModifiedDate":"2019-03-21T21:57:32Z","PwnCount":28510459,"Description":"In mid-2018, the fashion shopping site \u003Ca href=\u0022https://www.theregister.co.uk/2019/02/11/620_million_hacked_accounts_dark_web/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EHauteLook was among a raft of sites that were breached and their data then sold in early-2019\u003C/a\u003E. The data included over 28 million unique email addresses alongside names, genders, dates of birth and passwords stored as bcrypt hashes. The data was provided to HIBP by \u003Ca href=\u0022https://dehashed.com/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Edehashed.com\u003C/a\u003E.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/HauteLook.png","DataClasses":["Dates of birth","Email addresses","Genders","Geographic locations","Names","Passwords"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Havenly","Title":"Havenly","Domain":"havenly.com","BreachDate":"2020-06-25","AddedDate":"2020-08-01T01:53:40Z","ModifiedDate":"2020-08-01T01:53:40Z","PwnCount":1369180,"Description":"In June 2020, the interior design website \u003Ca href=\u0022https://www.bleepingcomputer.com/news/security/hacker-leaks-386-million-user-records-from-18-companies-for-free/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EHavenly suffered a data breach\u003C/a\u003E which impacted almost 1.4 million members of the service. The exposed data included email addresses, names, phone numbers, geographic locations and passwords stored as SHA-1 hashes, all of which was subsequently shared extensively throughout online hacking communities. The data was provided to HIBP by \u003Ca href=\u0022https://dehashed.com/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Edehashed.com\u003C/a\u003E.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Havenly.png","DataClasses":["Email addresses","Geographic locations","Names","Passwords","Phone numbers"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"HDBFinancialServices","Title":"HDB Financial Services","Domain":"hdbfs.com","BreachDate":"2023-02-22","AddedDate":"2023-03-11T03:00:06Z","ModifiedDate":"2023-03-11T03:04:29Z","PwnCount":1658750,"Description":"In March 2023, the Indian non-bank lending unit \u003Ca href=\u0022https://economictimes.indiatimes.com/industry/banking/finance/banking/hdb-financial-services-flags-data-breach-at-service-provider/articleshow/98483482.cms\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EHDB Financial Services suffered a data breach that disclosed over 70M customer records\u003C/a\u003E. Containing 1.6M unique email addresses, the breach also disclosed names, dates of birth, phone numbers, genders, post codes and loan information belonging to the customers.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/HDBFinancialServices.png","DataClasses":["Dates of birth","Email addresses","Genders","Geographic locations","Loan information","Names","Phone numbers"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"HealthNowNetworks","Title":"Health Now Networks","Domain":"healthnow.co","BreachDate":"2017-03-25","AddedDate":"2017-04-07T18:37:15Z","ModifiedDate":"2017-04-07T18:37:15Z","PwnCount":321920,"Description":"In March 2017, the telemarketing service \u003Ca href=\u0022https://www.databreaches.net/leak-of-diabetic-patients-data-highlights-risks-of-giving-info-to-telemarketers\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EHealth Now Networks left a database containing hundreds of thousands of medical records exposed\u003C/a\u003E. There were over 900,000 records in total containing significant volumes of personal information including names, dates of birth, various medical conditions and operator notes on the individuals\u0027 health. The data included over 320k unique email addresses.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/HealthNowNetworks.png","DataClasses":["Dates of birth","Email addresses","Genders","Health insurance information","IP addresses","Names","Personal health data","Phone numbers","Physical addresses","Security questions and answers","Social connections"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Hemmakvall","Title":"Hemmakv\u00E4ll","Domain":"hemmakvall.se","BreachDate":"2015-07-08","AddedDate":"2015-07-09T09:23:52Z","ModifiedDate":"2015-07-09T09:23:52Z","PwnCount":47297,"Description":"In July 2015, the Swedish video store chain \u003Ca href=\u0022http://www.hemmakvall.se/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EHemmakv\u00E4ll\u003C/a\u003E \u003Ca href=\u0022http://www.dn.se/ekonomi/hemmakvall-hackat-50000-kunders-uppgifter-pa-vift/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Ewas hacked\u003C/a\u003E and nearly 50k records dumped publicly. The disclosed data included various attributes of their customers including email and physical addresses, names and phone numbers. Passwords were also leaked, stored with a weak MD5 hashing algorithm.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Hemmakvall.png","DataClasses":["Email addresses","Names","Passwords","Phone numbers","Physical addresses"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Hemmelig","Title":"hemmelig.com","Domain":"hemmelig.com","BreachDate":"2011-12-21","AddedDate":"2014-03-25T07:23:52Z","ModifiedDate":"2014-03-25T07:23:52Z","PwnCount":28641,"Description":"In December 2011, Norway\u0027s largest online sex shop hemmelig.com was \u003Ca href=\u0022http://www.dazzlepod.com/hemmelig/?page=93\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Ehacked by a collective calling themselves \u0026quot;Team Appunity\u0026quot;\u003C/a\u003E. The attack exposed over 28,000 usernames and email addresses along with nicknames, gender, year of birth and unsalted MD5 password hashes.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Hemmelig.png","DataClasses":["Email addresses","Genders","Nicknames","Partial dates of birth","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":true,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"HeroesOfGaia","Title":"Heroes of Gaia","Domain":"heroesofgaia.com","BreachDate":"2013-01-04","AddedDate":"2016-11-07T08:11:03Z","ModifiedDate":"2016-11-07T08:11:03Z","PwnCount":179967,"Description":"In early 2013, the online fantasy multiplayer game \u003Ca href=\u0022http://hog.playsnail.com\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EHeroes of Gaia\u003C/a\u003E suffered a data breach. The newest records in the data set indicate a breach date of 4 January 2013 and include usernames, IP and email addresses but no passwords.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/HeroesOfGaia.png","DataClasses":["Browser user agent details","Email addresses","IP addresses","Usernames","Website activity"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"HeroesOfNewerth","Title":"Heroes of Newerth","Domain":"heroesofnewerth.com","BreachDate":"2012-12-17","AddedDate":"2016-01-24T16:27:23Z","ModifiedDate":"2016-01-24T16:27:23Z","PwnCount":8089103,"Description":"In December 2012, the multiplayer online battle arena game known as \u003Ca href=\u0022http://www.heroesofnewerth.com/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EHeroes of Newerth\u003C/a\u003E \u003Ca href=\u0022https://www.reddit.com/r/HeroesofNewerth/comments/14zj2p/i_am_the_guy_who_hacked_hon/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003E was hacked\u003C/a\u003E and over 8 million accounts extracted from the system. The compromised data included usernames, email addresses and passwords.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/HeroesOfNewerth.png","DataClasses":["Email addresses","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"HIAPK","Title":"HiAPK","Domain":"hiapk.com","BreachDate":"2014-01-01","AddedDate":"2018-04-01T07:13:44Z","ModifiedDate":"2018-04-01T07:13:44Z","PwnCount":13873674,"Description":"In approximately 2014, it\u0027s alleged that the Chinese Android store known as \u003Ca href=\u0022http://hiapk.com/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EHIAPK\u003C/a\u003E suffered a data breach that impacted 13.8 million unique subscribers. Whilst there is evidence that the data is legitimate, due to the difficulty of emphatically verifying the Chinese breach it has been flagged as \u0026quot;unverified\u0026quot;. The data in the breach contains usernames, email addresses and salted MD5 password hashes and was provided to HIBP by white hat security researcher and data analyst Adam Davies. \u003Ca href=\u0022https://www.troyhunt.com/handling-chinese-data-breaches-in-have-i-been-pwned/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003ERead more about Chinese data breaches in Have I Been Pwned.\u003C/a\u003E","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/HIAPK.png","DataClasses":["Email addresses","Passwords","Usernames"],"IsVerified":false,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Hjedd","Title":"Hjedd","Domain":"hjedd.com","BreachDate":"2022-07-18","AddedDate":"2023-10-05T03:41:42Z","ModifiedDate":"2023-10-05T03:41:42Z","PwnCount":13204029,"Description":"In July 2022, the Chinese adult website \u003Ca href=\u0022https://www.bitdefender.com.au/blog/hotforsecurity/leaky-platform-at-chinese-adult-platform-exposed-sensitive-info-of-14-million-users/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EHjedd was found to be leaking more than 13M customer records which subsequently appeared on a popular hacking forum\u003C/a\u003E. The exposed data included email and IP addresses, usernames and passwords stored as bcrypt hashes.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Hjedd.png","DataClasses":["Email addresses","IP addresses","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":true,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"HLTV","Title":"HLTV","Domain":"hltv.org","BreachDate":"2016-06-19","AddedDate":"2017-03-22T08:58:10Z","ModifiedDate":"2017-03-22T08:58:10Z","PwnCount":611070,"Description":"In June 2016, the \u0026quot;home of competitive Counter Strike\u0026quot; website \u003Ca href=\u0022http://www.hltv.org/news/18087-security-breach\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EHLTV was hacked\u003C/a\u003E and 611k accounts were exposed. The attack led to the exposure of names, usernames, email addresses and bcrypt hashes of passwords.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/HLTV.png","DataClasses":["Email addresses","Names","Passwords","Usernames","Website activity"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"HomeChef","Title":"Home Chef","Domain":"homechef.com","BreachDate":"2020-02-10","AddedDate":"2020-11-13T03:41:24Z","ModifiedDate":"2020-11-13T03:41:24Z","PwnCount":8815692,"Description":"In early 2020, the food delivery service \u003Ca href=\u0022https://techcrunch.com/2020/05/20/home-chef-data-breach/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EHome Chef suffered a data breach\u003C/a\u003E which was subsequently sold online. The breach exposed the personal information of almost 9 million customers including names, IP addresses, post codes, the last 4 digits of credit card numbers and passwords stored as bcrypt hashes. The data was provided to HIBP by \u003Ca href=\u0022https://dehashed.com/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Edehashed.com\u003C/a\u003E.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/HomeChef.png","DataClasses":["Email addresses","Geographic locations","IP addresses","Names","Partial credit card data","Passwords","Phone numbers"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"HongFire","Title":"HongFire","Domain":"hongfire.com","BreachDate":"2015-03-01","AddedDate":"2017-02-05T20:36:21Z","ModifiedDate":"2017-02-05T20:36:21Z","PwnCount":999991,"Description":"In March 2015, the anime and manga forum \u003Ca href=\u0022http://www.hongfire.com\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EHongFire\u003C/a\u003E suffered a data breach. The hack of their vBulletin forum led to the exposure of 1 million accounts along with email and IP addresses, usernames, dates of birth and salted MD5 passwords.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/HongFire.png","DataClasses":["Dates of birth","Email addresses","IP addresses","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":true,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"HookersNL","Title":"Hookers.nl","Domain":"hookers.nl","BreachDate":"2019-10-10","AddedDate":"2019-10-23T09:51:59Z","ModifiedDate":"2019-10-23T09:56:08Z","PwnCount":290955,"Description":"In October 2019, the Dutch prostitution forum \u003Ca href=\u0022https://www.forbes.com/sites/thomasbrewster/2019/10/10/dutch-prostitution-site-hookersnl-hacked--250000-users-data-leaked/#3e3f231522f8\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EHookers.nl suffered a data breach\u003C/a\u003E which exposed the personal information of sex workers and their customers. The IP and email addresses, usernames and either bcrypt or salted MD5 password hashes of 291k members were accessed via an unpatched vulnerability in the vBulletin forum software.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/HookersNL.png","DataClasses":["Email addresses","IP addresses","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":true,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"HorseIsle","Title":"Horse Isle","Domain":"horseisle.com","BreachDate":"2020-09-19","AddedDate":"2023-10-02T06:47:11Z","ModifiedDate":"2023-10-02T06:48:42Z","PwnCount":27786,"Description":"In June 2020 then again in September that same year, \u003Ca href=\u0022https://hi1.horseisle.com/web/news.php\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EHorse Isle \u0026quot;The Secrent Land of Horses\u0026quot; suffered a data breach\u003C/a\u003E. The incident exposed 28k unique email addresses along with names, usernames, IP addresses, genders, purchases and plain text passwords. The system also stored and exposed failed password attempts for each user with the password retained in plain text.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/HorseIsle.png","DataClasses":["Email addresses","Genders","IP addresses","Names","Passwords","Purchases","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"HotTopic","Title":"Hot Topic","Domain":"hottopic.com","BreachDate":"2024-10-19","AddedDate":"2024-11-11T07:50:58Z","ModifiedDate":"2024-11-11T07:50:58Z","PwnCount":56904909,"Description":"In October 2024, \u003Ca href=\u0022https://au.pcmag.com/security/107921/hacker-may-have-breached-hot-topic-stolen-data-on-millions\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Eretailer Hot Topic suffered a data breach that exposed 57 million unique email addresses\u003C/a\u003E. The impacted data also included physical addresses, phone numbers, purchases, genders, dates of birth and partial credit data containing card type, expiry and last 4 digits.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/HotTopic.png","DataClasses":["Dates of birth","Email addresses","Genders","Names","Partial credit card data","Phone numbers","Physical addresses","Purchases","Salutations"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"HoundDawgs","Title":"HoundDawgs","Domain":"hounddawgs.org","BreachDate":"2017-12-30","AddedDate":"2018-01-03T12:48:10Z","ModifiedDate":"2018-01-03T12:48:10Z","PwnCount":45701,"Description":"In December 2017, the Danish torrent tracker known as \u003Ca href=\u0022https://torrentfreak.com/popular-danish-torrent-tracker-shuts-down-after-hack-180102/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EHoundDawgs suffered a data breach\u003C/a\u003E. More than 55GB of data was dumped publicly and whilst \u003Ca href=\u0022https://www.flashback.org/p62770812\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Ethere was initially contention as to the severity of the incident\u003C/a\u003E, the data did indeed contain more than 45k unique email addresses complete extensive logs of torrenting activity, IP addresses and SHA1 passwords.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/HoundDawgs.png","DataClasses":["Email addresses","IP addresses","Passwords","Website activity"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Houzz","Title":"Houzz","Domain":"houzz.com","BreachDate":"2018-05-23","AddedDate":"2019-03-12T20:57:35Z","ModifiedDate":"2019-03-12T20:57:35Z","PwnCount":48881308,"Description":"In mid-2018, the housing design website \u003Ca href=\u0022https://help.houzz.com/s/article/security-update?language=en_US\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EHouzz suffered a data breach\u003C/a\u003E. The company learned of the incident later that year then disclosed it to impacted members in February 2019. Almost 49 million unique email addresses were in the breach alongside names, IP addresses, geographic locations and either salted hashes of passwords or links to social media profiles used to authenticate to the service. The data was provided to HIBP by \u003Ca href=\u0022https://dehashed.com/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Edehashed.com\u003C/a\u003E.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Houzz.png","DataClasses":["Email addresses","Geographic locations","IP addresses","Names","Passwords","Social media profiles","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"HTCMania","Title":"HTC Mania","Domain":"htcmania.com","BreachDate":"2020-01-04","AddedDate":"2020-04-06T04:16:53Z","ModifiedDate":"2020-04-06T04:25:18Z","PwnCount":1488089,"Description":"In January 2020, the Spanish mobile phone forum \u003Ca href=\u0022https://www.htcmania.com\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EHTC Mania\u003C/a\u003E suffered a data breach of the vBulletin based site. The incident exposed 1.5M member email addresses, usernames, IP addresses, dates of birth and salted MD5 password hashes and password histories. Data from the breach was subsequently redistributed on popular hacking websites.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/HTCMania.png","DataClasses":["Dates of birth","Email addresses","Historical passwords","IP addresses","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"HTHStudios","Title":"HTH Studios","Domain":"hthstudios.com","BreachDate":"2018-08-24","AddedDate":"2018-11-20T21:22:09Z","ModifiedDate":"2020-08-07T03:20:56Z","PwnCount":411755,"Description":"In August 2018, the adult furry interactive game creator \u003Ca href=\u0022https://hthstudios.com/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EHTH Studios\u003C/a\u003E suffered a data breach impacting multiple repositories of customer data. Several months later, the data surfaced on a popular hacking forum and included 411k unique email addresses along with physical and IP addresses, names, orders, salted SHA-1 and salted MD5 hashes. HTH Studios is aware of the incident.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/HTHStudios.png","DataClasses":["Browser user agent details","Dates of birth","Email addresses","IP addresses","Names","Phone numbers","Physical addresses","Purchases","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":true,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Hub4Tech","Title":"Hub4Tech","Domain":"hub4tech.com","BreachDate":"2017-01-01","AddedDate":"2018-12-09T22:40:51Z","ModifiedDate":"2018-12-09T22:43:38Z","PwnCount":36916,"Description":"On an unknown date in approximately 2017, the Indian training and assessment service known as \u003Ca href=\u0022https://www.forumcommunity.net/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EHub4Tech\u003C/a\u003E suffered a data breach via a SQL injection attack. The incident exposed almost 37k unique email addresses and passwords stored as unsalted MD5 hashes. No response was received from Hub4Tech when contacted about the incident.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Hub4Tech.png","DataClasses":["Email addresses","Passwords"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"HuntStand","Title":"HuntStand","Domain":"huntstand.com","BreachDate":"2024-03-08","AddedDate":"2024-09-19T07:31:13Z","ModifiedDate":"2024-09-19T07:31:13Z","PwnCount":2795947,"Description":"In March 2024, \u003Ca href=\u0022https://dailydarkweb.net/alleged-database-leak-over-2-9-million-scrapped-huntstand-user-records-reportedly-compromised/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Emillions of records scraped from the hunting and land management service HuntStand were publicly posted to a popular hacking forum\u003C/a\u003E. The data included 2.8M unique email addresses with many records also containing name, date of birth and country.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/HuntStand.png","DataClasses":["Dates of birth","Email addresses","Geographic locations","Names"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Hurb","Title":"Hurb","Domain":"hurb.com","BreachDate":"2019-03-14","AddedDate":"2020-07-27T21:46:20Z","ModifiedDate":"2020-07-27T21:46:20Z","PwnCount":20727771,"Description":"In approximately March 2019, the online Brazilian travel agency \u003Ca href=\u0022https://cybleinc.com/2020/07/24/around-43-million-user-records-belonging-to-two-online-platforms-leaked-on-darknet-for-free/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EHurb (formerly Hotel Urbano) suffered a data breach\u003C/a\u003E. The data subsequently appeared online for download the following year and included over 20 million customer records with email and IP addresses, names, dates of birth, phone numbers and passwords stored as unsalted MD5 hashes. The data was provided to HIBP by \u003Ca href=\u0022https://dehashed.com/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Edehashed.com\u003C/a\u003E.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Hurb.png","DataClasses":["Dates of birth","Email addresses","IP addresses","Names","Passwords","Phone numbers","Social media profiles"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"HuskyOwners","Title":"Husky Owners","Domain":"husky-owners.com","BreachDate":"2024-07-04","AddedDate":"2024-07-07T20:40:12Z","ModifiedDate":"2024-07-07T20:40:12Z","PwnCount":16502,"Description":"In July 2024, \u003Ca href=\u0022https://archive.is/lFPTL\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Ethe Husky Owners forum website was defaced\u003C/a\u003E and linked to a breach of user data containing 16k records. The exposed data included usernames, email addresses, dates of birth and time zones.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/HuskyOwners.png","DataClasses":["Dates of birth","Email addresses","Time zones","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"iDTech","Title":"iD Tech","Domain":"idtech.com","BreachDate":"2023-01-03","AddedDate":"2023-03-06T02:31:18Z","ModifiedDate":"2023-03-06T02:31:18Z","PwnCount":415121,"Description":"In February 2023, the tech camps for kids service \u003Ca href=\u0022https://twitter.com/FalconFeedsio/status/1629340450149498881\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EiD Tech had almost 1M records posted to a popular hacking forum\u003C/a\u003E. The data included 415k unique email addresses, names, dates of birth and plain text passwords which appear to have been breached in the previous month. iD Tech did not respond to multiple attempts to report the incident.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/iDTech.png","DataClasses":["Dates of birth","Email addresses","Names","Passwords"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"IDCGames","Title":"IDC Games","Domain":"idcgames.com","BreachDate":"2021-03-15","AddedDate":"2021-11-17T06:41:24Z","ModifiedDate":"2021-11-17T06:55:42Z","PwnCount":3966871,"Description":"In March 2021, \u003Ca href=\u0022https://socradar.io/the-week-in-dark-web-19-march-2021-us-law-firms-on-target/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003E4 million records sourced from IDC Games were shared on a public hacking forum\u003C/a\u003E. The data included usernames, email addresses and passwords stored as salted MD5 hashes.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/IDCGames.png","DataClasses":["Email addresses","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"iDressup","Title":"i-Dressup","Domain":"i-dressup.com","BreachDate":"2016-07-15","AddedDate":"2016-09-26T20:14:51Z","ModifiedDate":"2016-09-26T20:14:51Z","PwnCount":2191565,"Description":"In June 2016, the teen social site known as \u003Ca href=\u0022http://arstechnica.com/security/2016/09/social-hangout-site-for-teens-leaks-millions-of-plaintext-passwords/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Ei-Dressup was hacked\u003C/a\u003E and over 2 million user accounts were exposed. At the time the hack was reported, the i-Dressup operators were not contactable and the underlying SQL injection flaw remained open, allegedly exposing a total of 5.5 million accounts. The breach included email addresses and passwords stored in plain text.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/iDressup.png","DataClasses":["Email addresses","Passwords"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"IIMJobs","Title":"IIMJobs","Domain":"iimjobs.com","BreachDate":"2018-12-31","AddedDate":"2021-05-21T04:44:18Z","ModifiedDate":"2021-05-21T04:45:09Z","PwnCount":4216063,"Description":"In December 2018, the Indian job portal \u003Ca href=\u0022https://www.hackread.com/indian-job-portal-iimjobs-hacked-database-leaked/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EIIMJobs suffered a data breach that exposed 4.1 million unique email addresses\u003C/a\u003E. The data also included names, phone numbers, geographic locations, dates of birth, job titles, job applications and cover letters plus passwords stored as unsalted MD5 hashes. The data was provided to HIBP by \u003Ca href=\u0022https://dehashed.com/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Edehashed.com\u003C/a\u003E.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/IIMJobs.png","DataClasses":["Dates of birth","Email addresses","Geographic locations","IP addresses","Job applications","Job titles","Names","Passwords","Phone numbers"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"ILikeCheats","Title":"ILikeCheats","Domain":"ilikecheats.net","BreachDate":"2014-10-18","AddedDate":"2018-04-22T08:18:28Z","ModifiedDate":"2018-04-22T08:27:56Z","PwnCount":188847,"Description":"In October 2014, the game cheats website known as ILikeCheats suffered a data breach that exposed 189k accounts. The vBulletin based forum leaked usernames, IP and email addresses and weak MD5 hashes of passwords. The data was provided with support from \u003Ca href=\u0022https://dehashed.com/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Edehashed.com\u003C/a\u003E.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/ILikeCheats.png","DataClasses":["Email addresses","IP addresses","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Imavex","Title":"Imavex","Domain":"imavex.com","BreachDate":"2021-08-20","AddedDate":"2021-08-26T05:48:29Z","ModifiedDate":"2024-10-23T22:06:40Z","PwnCount":878209,"Description":"In August 2021, the website development company \u003Ca href=\u0022https://www.imavex.com/breach-information/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EImavex suffered a data breach that exposed 878 thousand unique email addresses\u003C/a\u003E. The data included user records containing names, usernames and password material with some records also containing genders and partial credit card data, including the last 4 digits of the card and expiry date. Hundreds of thousands of form submissions and orders via Imavex customers were also exposed and contained further personal information of submitters and the contents of the form. The compromised system was subsequently sunset in January 2024 and all customer data impacted by the incident was permanently deleted.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Imavex.png","DataClasses":["Email addresses","Genders","Names","Partial credit card data","Passwords","Phone numbers","Physical addresses","Purchases","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"iMenu360","Title":"iMenu360","Domain":"imenu360.com","BreachDate":"2022-08-11","AddedDate":"2023-08-17T20:55:07Z","ModifiedDate":"2023-08-17T20:55:07Z","PwnCount":3425860,"Description":"In approximately late 2022, 3.4M customer records from iMenu360 (\u0026quot;The world\u0027s #1 most trusted online ordering platform\u0026quot;) were exposed. The data appeared to be from ordering systems using the platform and contained email and physical addresses, latitudes and longitudes, names and phone numbers. Numerous attempts were made to contact iMenu360 about the incident between April and August 2023, but no response was received.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/iMenu360.png","DataClasses":["Email addresses","Names","Phone numbers","Physical addresses"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"iMesh","Title":"iMesh","Domain":"imesh.com","BreachDate":"2013-09-22","AddedDate":"2016-07-02T05:42:13Z","ModifiedDate":"2016-07-02T05:42:13Z","PwnCount":49467477,"Description":"In September 2013, the media and file sharing client known as \u003Ca href=\u0022http://www.ibtimes.co.uk/imesh-hack-more-51-million-user-records-former-filesharing-site-sale-dark-web-1565185\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EiMesh was hacked and approximately 50M accounts were exposed\u003C/a\u003E. The data was later put up for sale on a dark market website in mid-2016 and included email and IP addresses, usernames and salted MD5 hashes.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/iMesh.png","DataClasses":["Email addresses","IP addresses","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"imgur","Title":"imgur","Domain":"imgur.com","BreachDate":"2013-09-01","AddedDate":"2017-11-25T00:00:33Z","ModifiedDate":"2017-11-25T00:00:33Z","PwnCount":1749806,"Description":"In September 2013, the online image sharing community \u003Ca href=\u0022http://www.zdnet.com/article/imgur-reveals-hackers-stole-login-data/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Eimgur suffered a data breach\u003C/a\u003E. A selection of the data containing 1.7 million email addresses and passwords surfaced more than 4 years later in November 2017. Although imgur stored passwords as SHA-256 hashes, the data in the breach contained plain text passwords suggesting that many of the original hashes had been cracked. imgur advises that they rolled over to bcrypt hashes in 2016.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/imgur.png","DataClasses":["Email addresses","Passwords"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"IndiaMART","Title":"IndiaMART","Domain":"indiamart.com","BreachDate":"2021-05-23","AddedDate":"2021-08-27T05:33:29Z","ModifiedDate":"2021-08-27T05:33:29Z","PwnCount":20154583,"Description":"In August 2021, \u003Ca href=\u0022https://economictimes.indiatimes.com/industry/services/retail/data-breach-or-data-scraping-with-over-38-million-records-up-for-grabs-indiamart-has-some-answering-to-do/articleshow/85563628.cms\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003E38 million records from Indian e-commerce company IndiaMART were found being traded on a popular hacking forum\u003C/a\u003E. Dated several months earlier, the data included over 20 million unique email addresses alongside names, phone numbers and physical addresses. It\u0027s unclear whether IndiaMART intentionally exposed the data attributes as part of the intended design of the platform or whether the data was obtained by exploiting a vulnerability in the service.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/IndiaMART.png","DataClasses":["Email addresses","Names","Phone numbers","Physical addresses"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"IndianRailways","Title":"Indian Railways","Domain":"indianrails.in","BreachDate":"2019-10-28","AddedDate":"2020-01-10T19:13:39Z","ModifiedDate":"2020-01-10T19:13:39Z","PwnCount":583377,"Description":"In November 2019, \u003Ca href=\u0022https://medium.com/dvuln/why-you-should-choo-choo-choose-to-have-a-vulnerability-disclosure-policy-2m-accounts-exposed-7cd7eaec4da5\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Ethe website for Indian Rail left more than 2M records exposed on an unprotected Firebase database instance\u003C/a\u003E. The exposed data included 583k unique email addresses alongside usernames and passwords stored in plain text.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/IndianRailways.png","DataClasses":["Email addresses","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"IndiHome","Title":"IndiHome","Domain":"indihome.co.id","BreachDate":"2019-11-01","AddedDate":"2023-11-27T07:02:10Z","ModifiedDate":"2023-11-27T21:36:59Z","PwnCount":12629245,"Description":"In mid-2021, \u003Ca href=\u0022https://en.antaranews.com/news/245609/communication-ministry-studying-report-of-indihome-data-leak\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Ereports emerged of a data breach of Indonesia\u0027s telecommunications company, IndiHome\u003C/a\u003E. Over 26M rows of data alleged to have been sourced from the company was posted to a popular hacking forum and contained 12.6M unique email addresses alongside names, IP addresses, genders and geographic locations. The most recent data was stamped as being recorded in November 2019.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/IndiHome.png","DataClasses":["Device information","Email addresses","Genders","Geographic locations","IP addresses","Names"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"InflateVids","Title":"InflateVids","Domain":"tube.inflatevids.xyz","BreachDate":"2023-12-12","AddedDate":"2023-12-12T00:13:41Z","ModifiedDate":"2023-12-12T00:13:41Z","PwnCount":13405,"Description":"In December 2023, the inflatable and balloon fetish videos website \u003Ca href=\u0022https://twitter.com/InflateVids/status/1734114873317925294\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EInflateVids suffered a data breach\u003C/a\u003E. The incident exposed over 13k unique email addresses alongside usernames, IP addresses, genders and SHA-1 password hashes.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/InflateVids.png","DataClasses":["Email addresses","Genders","IP addresses","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":true,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Insanelyi","Title":"Insanelyi","Domain":"insanelyi.com","BreachDate":"2014-07-22","AddedDate":"2014-07-22T22:56:15Z","ModifiedDate":"2014-07-22T22:56:15Z","PwnCount":104097,"Description":"In July 2014, the iOS forum \u003Ca href=\u0022http://insanelyi.com\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EInsanelyi\u003C/a\u003E was \u003Ca href=\u0022http://securityaffairs.co/wordpress/26835/hacking/hacked-bigboss-cydia.html?utm_content=bufferc7e16\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Ehacked by an attacker known as Kim Jong-Cracks\u003C/a\u003E. A popular source of information for users of jailbroken iOS devices running Cydia, the Insanelyi breach disclosed over 104k users\u0027 emails addresses, user names and weakly hashed passwords (salted MD5).","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Insanelyi.png","DataClasses":["Email addresses","Passwords","Usernames","Website activity"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"InstantCheckmate","Title":"Instant Checkmate","Domain":"instantcheckmate.com","BreachDate":"2019-04-12","AddedDate":"2023-02-04T00:26:28Z","ModifiedDate":"2023-02-04T00:26:28Z","PwnCount":11943887,"Description":"In 2019, the public records search service \u003Ca href=\u0022https://www.instantcheckmate.com/security-incident-alert/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EInstant Checkmate suffered a data breach that later came to light in early 2023\u003C/a\u003E. The data included almost 12M unique customer email addresses, names, phone numbers and passwords stored as scrypt hashes.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/InstantCheckmate.png","DataClasses":["Email addresses","Names","Passwords","Phone numbers"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"InstitutoNacionalDeDeportesDeChile","Title":"Instituto Nacional de Deportes de Chile","Domain":"ind.cl","BreachDate":"2024-09-12","AddedDate":"2024-09-16T22:04:06Z","ModifiedDate":"2024-09-16T22:04:06Z","PwnCount":319613,"Description":"In September 2024, \u003Ca href=\u0022https://doingfedtime.com/1-7-million-users-affected-in-massive-data-breach-at-chiles-national-sports-institute/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Ethe Instituto Nacional de Deportes de Chile (Chile\u0027s National Sports Institute) suffered a data breach\u003C/a\u003E. The incident exposed 1.7M rows of data with 320k unique email addresses alongside names, dates of birth, genders and bcrypt password hashes. The newest records in the data date back to August 2022, suggesting the breach may be of an older data set.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/InstitutoNacionalDeDeportesDeChile.png","DataClasses":["Dates of birth","Email addresses","Genders","Names","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Intelimost","Title":"Intelimost","Domain":"intelimost.com","BreachDate":"2019-03-10","AddedDate":"2019-04-02T20:52:19Z","ModifiedDate":"2019-04-02T20:52:19Z","PwnCount":3073409,"Description":"In March 2019, \u003Ca href=\u0022https://techcrunch.com/2019/04/02/inside-a-spam-operation/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Ea spam operation known as \u0026quot;Intelimost\u0026quot; sent millions of emails appearing to come from people the recipients knew\u003C/a\u003E. Security researcher \u003Ca href=\u0022https://securitydiscovery.com/massive-spam-operation-uncovered-in-a-database-leak/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EBob Diachenko found over 3 million unique email addresses in an exposed Elasticsearch database\u003C/a\u003E, alongside plain text passwords used to access the victim\u0027s mailbox and customise the spam.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Email.png","DataClasses":["Email addresses","Passwords"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":true,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"InternetArchive","Title":"Internet Archive","Domain":"archive.org","BreachDate":"2024-09-28","AddedDate":"2024-10-09T22:31:53Z","ModifiedDate":"2024-10-09T22:31:53Z","PwnCount":31081179,"Description":"In September 2024, the digital library of internet sites \u003Ca href=\u0022https://www.bleepingcomputer.com/news/security/internet-archive-hacked-data-breach-impacts-31-million-users/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EInternet Archive suffered a data breach that exposed 31M records\u003C/a\u003E. The breach exposed user records including email addresses, screen names and bcrypt password hashes.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/InternetArchive.png","DataClasses":["Email addresses","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Interpals","Title":"InterPals","Domain":"interpals.net","BreachDate":"2015-11-04","AddedDate":"2016-08-30T11:22:42Z","ModifiedDate":"2016-08-30T11:22:42Z","PwnCount":3439414,"Description":"In late 2015, the online penpal site InterPals had their website hacked and 3.4 million accounts exposed. The compromised data included email addresses, geographical locations, birthdates and salted hashes of passwords.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Interpals.png","DataClasses":["Dates of birth","Email addresses","Geographic locations","Names","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"iPmart","Title":"iPmart","Domain":"ipmart-forum.com","BreachDate":"2015-07-01","AddedDate":"2016-02-23T10:13:22Z","ModifiedDate":"2016-02-23T10:13:22Z","PwnCount":2460787,"Description":"During 2015, the \u003Ca href=\u0022http://ipmart-forum.com\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EiPmart forum\u003C/a\u003E (now known as Mobi NUKE) was hacked and over 2 million forum members\u0027 details were exposed. The vBulletin forum included IP addresses, birth dates and passwords stored as salted hashes using a weak implementation enabling many to be rapidly cracked. A further 368k accounts were added to \u0026quot;Have I Been Pwned\u0026quot; in March 2016 bringing the total to over 2.4M.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/iPmart.png","DataClasses":["Dates of birth","Email addresses","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"ixigo","Title":"ixigo","Domain":"ixigo.com","BreachDate":"2019-01-03","AddedDate":"2019-03-17T13:27:11Z","ModifiedDate":"2019-03-17T13:27:11Z","PwnCount":17204697,"Description":"In January 2019, the travel and hotel booking site \u003Ca href=\u0022https://techcrunch.com/2019/02/14/hacker-strikes-again/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Eixigo suffered a data breach\u003C/a\u003E. The data appeared for sale on a dark web marketplace the following month and included over 17M unique email addresses alongside names, genders, phone numbers, connections to Facebook profiles and passwords stored as MD5 hashes. The data was provided to HIBP by a source who requested it to be attributed to \u0026quot;BenjaminBlue@exploit.im\u0026quot;.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/ixigo.png","DataClasses":["Auth tokens","Device information","Email addresses","Genders","Names","Passwords","Phone numbers","Salutations","Social media profiles","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"JamTangan","Title":"Jam Tangan","Domain":"jamtangan.com","BreachDate":"2021-07-06","AddedDate":"2023-11-27T03:49:33Z","ModifiedDate":"2023-11-27T03:49:33Z","PwnCount":434784,"Description":"In July 2021, the online Indonesian watch store, Jam Tangan (AKA Machtwatch), suffered a data breach that exposed over 400k customer records which were subsequently posted to a popular hacking forum. The data included email and IP addresses, names, phone numbers, physical addresses and passwords stored as either unsalted MD5 or bcrypt hashes.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/JamTangan.png","DataClasses":["Email addresses","IP addresses","Names","Passwords","Phone numbers","Physical addresses"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"James","Title":"James","Domain":"jamesdelivery.com.br","BreachDate":"2020-03-25","AddedDate":"2020-11-05T04:34:51Z","ModifiedDate":"2020-11-05T04:34:51Z","PwnCount":1541284,"Description":"In June 2020, \u003Ca href=\u0022https://www.binarydefense.com/threat_watch/seller-floods-forums-with-stolen-data/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003E14 previously undisclosed data breaches appeared for sale\u003C/a\u003E including the Brazilian delivery service, \u0026quot;James\u0026quot;. The breach occurred in March 2020 and exposed 1.5M unique email addresses, customer locations expressed in longitude and latitude and passwords stored as bcrypt hashes. The data was provided to HIBP by \u003Ca href=\u0022https://dehashed.com/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Edehashed.com\u003C/a\u003E.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/James.png","DataClasses":["Email addresses","Geographic locations","Passwords"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"JD","Title":"JD","Domain":"jd.com","BreachDate":"2013-01-01","AddedDate":"2021-06-02T07:06:02Z","ModifiedDate":"2021-06-02T07:06:02Z","PwnCount":77449341,"Description":"In 2013 (exact date unknown), the Chinese e-commerce service \u003Ca href=\u0022https://ecommercechinaagency.com/jd-ecommerce-giant-made-apology-user-data-leakage/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EJD suffered a data breach\u003C/a\u003E that exposed 13GB of data containing 77 million unique email addresses. The data also included usernames, phone numbers and passwords stored as SHA-1 hashes. The data was provided to HIBP by a source who requested it be attributed to \u0026quot;white_peacock@riseup.net\u0026quot;.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/JD.png","DataClasses":["Email addresses","Passwords","Phone numbers","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"JDGroup","Title":"JD Group","Domain":"jdgroup.co.za","BreachDate":"2023-05-31","AddedDate":"2023-06-05T19:47:51Z","ModifiedDate":"2023-06-05T19:47:51Z","PwnCount":521878,"Description":"In May 2023, the South African retailer \u003Ca href=\u0022https://mybroadband.co.za/news/security/494239-half-a-million-customers-hit-by-incredible-hifi-corp-and-everyshop-data-breach.html\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EJD Group announced a data breach affecting a number of their online assets\u003C/a\u003E including Bradlows, Everyshop, HiFi Corp, Incredible (Connection), Rochester, Russells, and Sleepmasters. The breach exposed over 520k unique customer records including names, email and physical addresses, phone numbers and South African ID numbers.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/JDGroup.png","DataClasses":["Email addresses","Government issued IDs","Names","Phone numbers","Physical addresses"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Jefit","Title":"Jefit","Domain":"jefit.com","BreachDate":"2020-08-11","AddedDate":"2021-04-27T23:29:31Z","ModifiedDate":"2021-04-27T23:29:31Z","PwnCount":9052457,"Description":"In August 2020, the workout tracking app \u003Ca href=\u0022https://www.jefit.com/jefit-news-product-updates/jefit-data-incident-public-announcement\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EJefit suffered a data breach\u003C/a\u003E. The data was subsequently sold within the hacking community and included over 9 million email and IP addresses, usernames and passwords stored as either vBulletin or argon2 hashes. Several million cracked passwords later appeared in broad circulation.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Jefit.png","DataClasses":["Email addresses","IP addresses","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"JobAndTalent","Title":"Jobandtalent","Domain":"jobandtalent.com","BreachDate":"2018-02-01","AddedDate":"2021-01-17T22:31:00Z","ModifiedDate":"2021-01-17T22:31:00Z","PwnCount":10981207,"Description":"In approximately February 2018, \u003Ca href=\u0022https://www.zdnet.com/article/hacker-puts-up-for-sale-third-round-of-hacked-databases-on-the-dark-web/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Ethe employment website Jobandtalent suffered a data breach which then appeared for sale alongside other breaches a year later\u003C/a\u003E. The incident impacted 11 million subscribers and exposed their names, email and IP addresses and passwords stored as salted SHA-1 hashes.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/JobAndTalent.png","DataClasses":["Email addresses","IP addresses","Names","Passwords"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"JobStreet","Title":"JobStreet","Domain":"jobstreet.com","BreachDate":"2012-03-07","AddedDate":"2017-10-30T01:12:14Z","ModifiedDate":"2017-10-30T01:12:14Z","PwnCount":3883455,"Description":"In October 2017, the Malaysian website \u003Ca href=\u0022https://www.lowyat.net/2017/145654/personal-data-millions-malaysians-sale-source-breach-still-unknown/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Elowyat.net ran a story on a massive set of breached data affecting millions of Malaysians\u003C/a\u003E after someone posted it for sale on their forums. The data spanned multiple separate breaches including \u003Ca href=\u0022https://www.jobstreet.com/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Ethe JobStreet jobs website\u003C/a\u003E which contained almost 4 million unique email addresses. The dates in the breach indicate the incident occurred in March 2012. The data later appeared freely downloadable on a Tor hidden service and contained extensive information on job seekers including names, genders, birth dates, phone numbers, physical addresses and passwords.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/JobStreet.png","DataClasses":["Dates of birth","Email addresses","Genders","Geographic locations","Government issued IDs","Marital statuses","Names","Nationalities","Passwords","Phone numbers","Physical addresses","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Jobzone","Title":"Jobzone","Domain":"jobzone.co.il","BreachDate":"2023-04-15","AddedDate":"2023-08-15T02:43:10Z","ModifiedDate":"2023-08-15T02:43:10Z","PwnCount":29708,"Description":"In April 2023, \u003Ca href=\u0022https://twitter.com/PalCyberNews/status/1647208008806461440\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Edata from the Israeli jobs website Jobzone was posted online\u003C/a\u003E. The data included 30k records of email addresses, names, social security numbers, genders, dates of birth, fathers\u0027 names and physical addresses.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Jobzone.png","DataClasses":["Dates of birth","Email addresses","Family members\u0027 names","Genders","Government issued IDs","Names","Phone numbers","Physical addresses"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"JoomlArt","Title":"JoomlArt","Domain":"joomlart.com","BreachDate":"2018-01-30","AddedDate":"2018-11-01T03:27:26Z","ModifiedDate":"2020-08-07T03:20:30Z","PwnCount":22477,"Description":"In January 2018, the Joomla template website \u003Ca href=\u0022https://www.joomlart.com/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EJoomlArt\u003C/a\u003E inadvertently exposed more than 22k unique customer records in a Jira ticket. The exposed data was from iJoomla and JomSocial, both services that \u003Ca href=\u0022https://www.joomlart.com/blog/joomlart-acquires-ijoomla-and-jomsocial\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EJoomlArt acquired the previous year\u003C/a\u003E. The data included usernames, email addresses, purchases and passwords stored as MD5 hashes. When contacted, JoomlArt advised they were aware of the incident and had previously notified impacted parties.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/JoomlArt.png","DataClasses":["Email addresses","Names","Passwords","Payment histories","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"JoyGames","Title":"JoyGames","Domain":"joygames.me","BreachDate":"2019-12-14","AddedDate":"2023-12-07T05:52:24Z","ModifiedDate":"2023-12-07T05:52:24Z","PwnCount":4461787,"Description":"In December 2019, the forum for the JoyGames website suffered a data breach that exposed 4.5M unique email addresses. The impacted data also included usernames, IP addresses and salted MD5 password hashes.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/JoyGames.png","DataClasses":["Email addresses","IP addresses","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"JukinMedia","Title":"JukinMedia","Domain":"jukinmedia.com","BreachDate":"2021-10-28","AddedDate":"2022-07-17T04:50:13Z","ModifiedDate":"2022-07-17T04:55:21Z","PwnCount":314290,"Description":"In October 2021, the \u0026quot;global leader in user-generated entertainment\u0026quot; \u003Ca href=\u0022https://www.databreaches.net/jukin-media-hacked-and-data-dumped-while-company-claims-a-password-reset-is-required-due-to-a-security-upgrade/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EJukin Media suffered a data breach\u003C/a\u003E. The breach exposed 13GB of code, configuration and data consisting of 314k unique email addresses along with names, phone numbers, IP addresses and bcrypt password hashes.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/JukinMedia.png","DataClasses":["Email addresses","Employers","IP addresses","Names","Occupations","Passwords","Phone numbers"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"JustDate","Title":"Justdate.com","Domain":"justdate.com","BreachDate":"2016-09-29","AddedDate":"2017-02-07T01:28:41Z","ModifiedDate":"2017-02-07T01:28:41Z","PwnCount":24451312,"Description":"An alleged breach of the dating website \u003Ca href=\u0022http://www.justdate.com/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EJustdate.com\u003C/a\u003E began circulating in approximately September 2016. Comprised of over 24 million records, the data contained various personal attributes such as email addresses, dates of birth and physical locations. However, upon verification with HIBP subscribers, only a fraction of the data was found to be accurate and no account owners recalled using the Justdate.com service. This breach has consequently been flagged as \u003Ca href=\u0022https://www.troyhunt.com/introducing-fabricated-data-breaches-to-have-i-been-pwned\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Efabricated\u003C/a\u003E; it\u0027s highly unlikely the data was sourced from Justdate.com.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/JustDate.png","DataClasses":["Dates of birth","Email addresses","Geographic locations","Names"],"IsVerified":false,"IsFabricated":true,"IsSensitive":true,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Kaneva","Title":"Kaneva","Domain":"kaneva.com","BreachDate":"2016-07-01","AddedDate":"2023-12-09T07:00:29Z","ModifiedDate":"2023-12-09T07:00:29Z","PwnCount":3901179,"Description":"In July 2016, now defunct website Kaneva, the service to \u0026quot;build and explore virtual worlds\u0026quot;, suffered a data breach that exposed 3.9M user records. The data included email addresses, usernames, dates of birth and salted MD5 password hashes.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Kaneva.png","DataClasses":["Dates of birth","Email addresses","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"KasperskyClub","Title":"Kaspersky Club","Domain":"kasperskyclub.ru","BreachDate":"2024-03-24","AddedDate":"2024-04-09T06:22:14Z","ModifiedDate":"2024-04-09T06:22:14Z","PwnCount":55971,"Description":"In March 2024, the independent fan forum \u003Ca href=\u0022https://www.hackread.com/57000-kaspersky-fan-club-forum-data-breach/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EKaspersky Club suffered a data breach\u003C/a\u003E. The incident exposed 56k unique email addresses alongside usernames, IP addresses and passwords stored as either MD5 or bcrypt hashes.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/KasperskyClub.png","DataClasses":["Email addresses","IP addresses","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"KayoMoe","Title":"Kayo.moe Credential Stuffing List","Domain":"","BreachDate":"2018-09-11","AddedDate":"2018-09-13T09:37:49Z","ModifiedDate":"2018-09-13T20:12:18Z","PwnCount":41826763,"Description":"In September 2018, a collection of almost 42 million email address and plain text password pairs was uploaded to the anonymous file sharing service \u003Ca href=\u0022https://kayo.moe/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Ekayo.moe\u003C/a\u003E. The operator of the service contacted HIBP to report the data which, upon further investigation, turned out to be a large credential stuffing list. For more information, read about \u003Ca href=\u0022https://www.troyhunt.com/the-42m-record-kayo-moe-credential-stuffing-data\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EThe 42M Record kayo.moe Credential Stuffing Data\u003C/a\u003E.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/List.png","DataClasses":["Email addresses","Passwords"],"IsVerified":false,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Kickstarter","Title":"Kickstarter","Domain":"kickstarter.com","BreachDate":"2014-02-16","AddedDate":"2017-10-06T07:29:07Z","ModifiedDate":"2017-10-06T07:29:07Z","PwnCount":5176463,"Description":"In February 2014, the crowdfunding platform \u003Ca href=\u0022https://www.kickstarter.com/blog/important-kickstarter-security-notice\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EKickstarter announced they\u0027d suffered a data breach\u003C/a\u003E. The breach contained almost 5.2 million unique email addresses, usernames and salted SHA1 hashes of passwords.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Kickstarter.png","DataClasses":["Email addresses","Passwords"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Kimsufi","Title":"Kimsufi","Domain":"kimsufi.com","BreachDate":"2015-05-01","AddedDate":"2016-12-27T07:05:43Z","ModifiedDate":"2016-12-27T07:05:43Z","PwnCount":504565,"Description":"In mid-2015, the forum for the providers of affordable dedicated servers known as \u003Ca href=\u0022https://www.kimsufi.com\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EKimsufi\u003C/a\u003E suffered a data breach. The vBulletin forum contained over half a million accounts including usernames, email and IP addresses and passwords stored as salted MD5 hashes.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Kimsufi.png","DataClasses":["Email addresses","IP addresses","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"KitchenPal","Title":"KitchenPal","Domain":"kitchenpalapp.com","BreachDate":"2023-11-14","AddedDate":"2023-11-24T20:42:36Z","ModifiedDate":"2023-11-24T20:42:36Z","PwnCount":98726,"Description":"In November 2023, the kitchen management application \u003Ca href=\u0022https://restoreprivacy.com/hackers-claim-attack-on-general-electric-leak-data-samples/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EKitchenPal suffered a data breach that exposed 146k lines of data\u003C/a\u003E. When contacted about the incident, KitchenPal advised the corpus of data came from a staging environment, although acknowledged it contained a small number of users for debugging purposes and included passwords that could not be used. Impacted data included almost 100k email addresses, names, geolocations and incomplete data on dates of birth, genders, height and weight, social media profile identifiers and bcrypt password hashes.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/KitchenPal.png","DataClasses":["Dates of birth","Email addresses","Genders","Geographic locations","Names","Passwords","Physical attributes","Social media profiles"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"KiwiFarms","Title":"KiwiFarms","Domain":"kiwifarms.net","BreachDate":"2019-09-10","AddedDate":"2019-09-17T09:48:25Z","ModifiedDate":"2019-09-17T09:54:23Z","PwnCount":4606,"Description":"In September 2019, the forum for discussing \u0026quot;lolcows\u0026quot; (people who can be milked for laughs) \u003Ca href=\u0022https://kiwifarms.net/threads/dealing-with-the-compromise.60767/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EKiwi Farms suffered a data breach\u003C/a\u003E. The disclosure notice advised that email and IP addresses, dates of birth and content created by members were all exposed in the incident.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/KiwiFarms.png","DataClasses":["Avatars","Dates of birth","Email addresses","IP addresses","Website activity"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"KMRU","Title":"KM.RU","Domain":"km.ru","BreachDate":"2016-02-29","AddedDate":"2016-03-03T06:12:04Z","ModifiedDate":"2016-03-03T06:12:04Z","PwnCount":1476783,"Description":"In February 2016, the Russian portal and email service \u003Ca href=\u0022http://km.ru\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EKM.RU\u003C/a\u003E was the target of an attack which was consequently \u003Ca href=\u0022https://www.reddit.com/r/pwned/comments/47u1bf/operation_wrath_of_anakin_evolved\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Edetailed on Reddit\u003C/a\u003E. Allegedly protesting \u0026quot;the foreign policy of Russia in regards to Ukraine\u0026quot;, KM.RU was one of several Russian sites in the breach and impacted almost 1.5M accounts including sensitive personal information.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/KMRU.png","DataClasses":["Dates of birth","Email addresses","Genders","Geographic locations","Recovery email addresses","Security questions and answers","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"KnownCircle","Title":"KnownCircle","Domain":"knowncircle.com","BreachDate":"2016-04-12","AddedDate":"2018-11-17T02:33:54Z","ModifiedDate":"2018-11-17T02:38:15Z","PwnCount":1957600,"Description":"In approximately April 2016, the \u0026quot;marketing automation for agents and professional service providers\u0026quot; company \u003Ca href=\u0022https://web.archive.org/web/20171020171534/https://knowncircle.com/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EKnownCircle\u003C/a\u003E had a large volume of data obtained by an external party. The data belonging to the now defunct service appeared in JSON format and contained gigabytes of data related to the real estate and insurance sectors. The personal data in the breach appears to have primarily been used for marketing purposes, including logs of emails sent and tracking of gift cards. A small number of passwords for KnownCircle staff were also present and were stored as bcrypt hashes.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/KnownCircle.png","DataClasses":["Email addresses","Email messages","Genders","Names","Passwords","Phone numbers","Physical addresses"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Knuddels","Title":"Knuddels","Domain":"knuddels.de","BreachDate":"2018-09-05","AddedDate":"2019-04-08T21:11:56Z","ModifiedDate":"2019-04-08T21:11:56Z","PwnCount":808330,"Description":"In September 2018, the German social media website \u003Ca href=\u0022https://forum.knuddels.de/ubbthreads.php?ubb=showflat\u0026Number=2916081\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EKnuddels suffered a data breach\u003C/a\u003E. The incident exposed 808k unique email addresses alongside usernames, real names, the city of the person and their password in plain text. Knuddels was \u003Ca href=\u0022https://blog.avira.com/german-flirting-network-gets-fined-20000e-for-leaking-user-information/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Esubsequently fined \u20AC20k for the breach\u003C/a\u003E.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Knuddels.png","DataClasses":["Email addresses","Geographic locations","Names","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"KomplettFritid","Title":"KomplettFritid","Domain":"komplettfritid.no","BreachDate":"2021-02-01","AddedDate":"2023-01-23T22:24:47Z","ModifiedDate":"2023-01-23T22:24:47Z","PwnCount":139401,"Description":"In January 2023, \u003Ca href=\u0022https://www.digi.no/artikler/selger-datalekkasje-med-140-000-berorte-kunder-fra-lars-monsens-nettbutikk/525070\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Ethe online Norwegian store KomplettFritid was reported as having had a data breach dating back to February 2021\u003C/a\u003E. The incident exposed 140k customer records including physical, email and IP addresses, names, phone numbers and passwords. Most passwords were stored as bcrypt hashes with a small number appearing in plain text.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/KomplettFritid.png","DataClasses":["Email addresses","IP addresses","Names","Passwords","Phone numbers","Physical addresses"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Kreditplus","Title":"Kreditplus","Domain":"kreditplus.com","BreachDate":"2020-06-23","AddedDate":"2020-08-03T03:52:51Z","ModifiedDate":"2020-08-07T03:47:45Z","PwnCount":768890,"Description":"In June 2020, the Indonesian credit service \u003Ca href=\u0022https://nakedsecurity.sophos.com/2020/07/02/133m-records-for-sale-as-fruits-of-data-breach-spree-keep-raining-down/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EKreditplus suffered a data breach\u003C/a\u003E which exposed 896k records containing 769k unique email addresses. The breach exposed extensive personal information including names, family makeup, information on spouses, income and expenses, religions and employment information. The data was provided to HIBP by \u003Ca href=\u0022https://breachbase.pw/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Ebreachbase.pw\u003C/a\u003E.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Kreditplus.png","DataClasses":["Dates of birth","Email addresses","Employers","Family structure","Genders","Income levels","Living costs","Marital statuses","Mothers maiden names","Names","Phone numbers","Physical addresses","Places of birth","Religions","Spouses names"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"LaPosteMobile","Title":"La Poste Mobile","Domain":"lapostemobile.fr","BreachDate":"2022-07-04","AddedDate":"2022-07-14T00:29:21Z","ModifiedDate":"2022-07-14T00:57:52Z","PwnCount":533886,"Description":"In July 2022, the French telecommunications company \u003Ca href=\u0022https://securityaffairs.co/wordpress/133080/cyber-crime/la-poste-mobile-ransomware.html\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003ELa Poste Mobile was the target of an attack by the LockBit ransomware\u003C/a\u003E which resulted in company data being published publicly. The impacted data included 533k unique email addresses along with names, physical addresses, phone numbers, dates of births, genders and banking information. 10 days after the attack, the La Poste Mobile website remained offline.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/LaPosteMobile.png","DataClasses":["Bank account numbers","Dates of birth","Email addresses","Genders","Names","Phone numbers","Physical addresses"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Lanwar","Title":"Lanwar","Domain":"lanwar.com","BreachDate":"2018-07-28","AddedDate":"2018-08-08T02:57:06Z","ModifiedDate":"2018-08-08T02:57:06Z","PwnCount":45120,"Description":"In July 2018, staff of \u003Ca href=\u0022https://lanwar.com/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Ethe Lanwar gaming site\u003C/a\u003E discovered a data breach they believe dates back to sometime over the previous several months. The data contained 45k names, email addresses, usernames and plain text passwords. A Lanwar staff member self-submitted the breach to HIBP and has also contacted the relevant authorities about the incident after identifying a phishing attempt to extort Bitcoin from a user.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Lanwar.png","DataClasses":["Email addresses","Names","Passwords","Physical addresses","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Lastfm","Title":"Last.fm","Domain":"last.fm","BreachDate":"2012-03-22","AddedDate":"2016-09-20T20:00:49Z","ModifiedDate":"2016-09-20T20:00:49Z","PwnCount":37217682,"Description":"In March 2012, the music website \u003Ca href=\u0022https://techcrunch.com/2016/09/01/43-million-passwords-hacked-in-last-fm-breach/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003ELast.fm was hacked\u003C/a\u003E and 43 million user accounts were exposed. Whilst \u003Ca href=\u0022http://www.last.fm/passwordsecurity\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003ELast.fm knew of an incident back in 2012\u003C/a\u003E, the scale of the hack was not known until the data was released publicly in September 2016. The breach included 37 million unique email addresses, usernames and passwords stored as unsalted MD5 hashes.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Lastfm.png","DataClasses":["Email addresses","Passwords","Usernames","Website activity"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Lazada","Title":"Lazada RedMart","Domain":"redmart.lazada.sg","BreachDate":"2020-07-30","AddedDate":"2020-11-10T00:58:49Z","ModifiedDate":"2020-11-10T01:01:56Z","PwnCount":1107789,"Description":"In October 2020, \u003Ca href=\u0022https://www.bleepingcomputer.com/news/security/over-1m-lazada-redmart-accounts-sold-online-after-data-breach/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Enews broke of Lazada RedMart data breach\u003C/a\u003E containing records as recent as July 2020 and being sold via an online marketplace. In all, the data contained 1.1 million customer email addresses alongside names, phone numbers, physical addresses, partial credit card numbers and passwords stored as SHA-1 hashes.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Lazada.png","DataClasses":["Email addresses","Names","Partial credit card data","Passwords","Phone numbers","Physical addresses"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"LBB","Title":"LBB","Domain":"lbb.in","BreachDate":"2019-02-14","AddedDate":"2023-03-05T07:35:48Z","ModifiedDate":"2023-03-05T07:35:48Z","PwnCount":39288,"Description":"In August 2022, customer data of \u003Ca href=\u0022https://lbb.in/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Ethe Indian shopping site \u0026quot;LBB\u0026quot; (Little Black Book)\u003C/a\u003E was posted to a popular hacking forum. The data contained over 3M records with 39k unique email addresses alongside IP and physical addresses, names and device information with the most recent data dating back to early 2019. LBB advised they believe the data was exposed by a third party service and whilst it contained information they retain on their customers, it had also been enriched with additional data attributes.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/LBB.png","DataClasses":["Browser user agent details","Email addresses","IP addresses","Names","Physical addresses"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"LDLC","Title":"LDLC","Domain":"ldlc.com","BreachDate":"2024-02-28","AddedDate":"2024-08-13T21:05:38Z","ModifiedDate":"2024-08-13T21:23:54Z","PwnCount":1266026,"Description":"In March 2024, \u003Ca href=\u0022https://www.groupe-ldlc.com/information-relative-a-un-incident-de-cybersecurite-2/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EFrench retailer LDLC disclosed a data breach that impacted customers of their physical stores\u003C/a\u003E. The data was \u003Ca href=\u0022https://x.com/H4ckManac/status/1763100569810420017\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Epreviously listed for sale on a popular hacking forum\u003C/a\u003E and contained 1.26M unique email addresses along with names, phone numbers and physical addresses. The data was provided to HIBP by a source who requested it be attributed to \u0026quot;oathnet.ru\u0026quot;.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/LDLC.png","DataClasses":["Email addresses","Names","Phone numbers","Physical addresses","Salutations"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"LeSlipFrancais","Title":"Le Slip Fran\u00E7ais","Domain":"leslipfrancais.fr","BreachDate":"2024-04-13","AddedDate":"2024-04-18T07:44:32Z","ModifiedDate":"2024-04-18T07:44:32Z","PwnCount":1495127,"Description":"In April 2024, the French underwear maker \u003Ca href=\u0022https://twitter.com/troyhunt/status/1780856574787064075\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003ELe Slip Fran\u00E7ais suffered a data breach\u003C/a\u003E. The breach included 1.5M email addresses, physical addresses, names and phone numbers.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/LeSlipFrancais.png","DataClasses":["Email addresses","Names","Phone numbers","Physical addresses"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"LeadHunter","Title":"Lead Hunter","Domain":"","BreachDate":"2020-03-04","AddedDate":"2020-06-03T10:55:31Z","ModifiedDate":"2020-06-03T10:55:31Z","PwnCount":68693853,"Description":"In March 2020, \u003Ca href=\u0022https://www.troyhunt.com/the-unattributable-lead-hunter-data-breach\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Ea massive trove of personal information referred to as \u0026quot;Lead Hunter\u0026quot;\u003C/a\u003E was provided to HIBP after being found left exposed on a publicly facing Elasticsearch server. The data contained 69 million unique email addresses across 110 million rows of data accompanied by additional personal information including names, phone numbers, genders and physical addresses. At the time of publishing, the breach could not be attributed to those responsible for obtaining and exposing it. The data was provided to HIBP by \u003Ca href=\u0022https://dehashed.com/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Edehashed.com\u003C/a\u003E.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/List.png","DataClasses":["Email addresses","Genders","IP addresses","Names","Phone numbers","Physical addresses"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"LeagueOfLegends","Title":"League of Legends","Domain":"leagueoflegends.com","BreachDate":"2012-06-11","AddedDate":"2018-07-28T21:52:12Z","ModifiedDate":"2018-07-28T21:52:12Z","PwnCount":339487,"Description":"In June 2012, the multiplayer online game \u003Ca href=\u0022https://www.cio.com/article/2395205/security0/european-league-of-legends-game-players-have-their-account-data-compromised.html\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003ELeague of Legends suffered a data breach\u003C/a\u003E. At the time, the service had more than 32 million registered accounts and the breach affected various personal data attributes including \u0026quot;encrypted\u0026quot; passwords. In 2018, a 339k record subset of the data emerged with email addresses, usernames and plain text passwords, likely cracked from the original cryptographically protected ones.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/LeagueOfLegends.png","DataClasses":["Email addresses","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"LeakedReality","Title":"Leaked Reality","Domain":"leakedreality.com","BreachDate":"2022-01-31","AddedDate":"2023-03-31T01:38:59Z","ModifiedDate":"2023-03-31T01:38:59Z","PwnCount":114907,"Description":"In January 2022, \u003Ca href=\u0022https://twitter.com/LeakedReality/status/1531953947216338945\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Ethe now defunct uncensored video website Leaked Reality\u003C/a\u003E suffered a data breach that exposed 115k unique email addresses. The data also included usernames, IP addresses and passwords stored as either MD5 or phpass hashes.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/LeakedReality.png","DataClasses":["Email addresses","IP addresses","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Ledger","Title":"Ledger","Domain":"ledger.com","BreachDate":"2020-06-25","AddedDate":"2020-12-20T21:14:56Z","ModifiedDate":"2020-12-20T21:14:56Z","PwnCount":1075241,"Description":"In June 2020, the hardware crypto wallet manufacturer \u003Ca href=\u0022https://www.ledger.com/addressing-the-july-2020-e-commerce-and-marketing-data-breach\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003ELedger suffered a data breach that exposed over 1 million email addresses\u003C/a\u003E. The data was initially sold before being dumped publicly in December 2020 and included names, physical addresses and phone numbers. The data was provided to HIBP by \u003Ca href=\u0022https://twitter.com/UnderTheBreach\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EAlon Gal, CTO of cybercrime intelligence firm Hudson Rock\u003C/a\u003E.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Ledger.png","DataClasses":["Email addresses","Names","Phone numbers","Physical addresses"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Leet","Title":"Leet","Domain":"leet.cc","BreachDate":"2016-09-10","AddedDate":"2016-09-30T22:00:48Z","ModifiedDate":"2016-09-30T22:00:48Z","PwnCount":5081689,"Description":"In August 2016, the service for creating and running Pocket Minecraft edition servers known as \u003Ca href=\u0022http://news.softpedia.com/news/data-for-6-million-minecraft-gamers-stolen-from-leet-cc-servers-507445.shtml\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003ELeet was reported as having suffered a data breach that impacted 6 million subscribers\u003C/a\u003E. The incident reported by Softpedia had allegedly taken place earlier in the year, although the data set sent to HIBP was dated as recently as early September but contained only 2 million subscribers. The data included usernames, email and IP addresses and SHA512 hashes. A further 3 million accounts were obtained and added to HIBP several days after the initial data was loaded bringing the total to over 5 million.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Leet.png","DataClasses":["Email addresses","IP addresses","Passwords","Usernames","Website activity"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"LegendasTV","Title":"Legendas.TV","Domain":"legendas.tv","BreachDate":"2017-10-01","AddedDate":"2024-01-04T17:10:04Z","ModifiedDate":"2024-01-04T17:10:04Z","PwnCount":3869181,"Description":"In October 2017, the now defunct Brazilian service for retrieving subtitles in Portuguese \u003Ca href=\u0022https://www.hackread.com/dark-web-hacker-selling-accounts-on-dream-market/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003ELegendas.TV suffered a data breach that exposed nearly 4M customer records\u003C/a\u003E. The impacted data included names, usernames, email and IP addresses and unsalted SHA-1 hashes.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/LegendasTV.png","DataClasses":["Email addresses","IP addresses","Names","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Life360","Title":"Life360","Domain":"life360.com","BreachDate":"2024-03-01","AddedDate":"2024-07-20T21:40:31Z","ModifiedDate":"2024-07-22T20:46:04Z","PwnCount":442519,"Description":"In July 2024, \u003Ca href=\u0022https://www.bleepingcomputer.com/news/security/over-400-000-life360-user-phone-numbers-leaked-via-unsecured-android-api/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Edata scraped from a misconfigured Life360 API was posted online after being obtained several months earlier\u003C/a\u003E. The records included 443k unique email addresses and in most cases, corresponding names and phone numbers (some records were null or obfuscated). Life360 promptly notified impacted users after the incident was discovered.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Life360.png","DataClasses":["Email addresses","Names","Phone numbers"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Lifebear","Title":"Lifebear","Domain":"lifebear.com","BreachDate":"2019-02-28","AddedDate":"2020-05-25T04:02:18Z","ModifiedDate":"2020-05-25T04:02:18Z","PwnCount":3670561,"Description":"In early 2019, the Japanese schedule app \u003Ca href=\u0022https://www.zdnet.com/article/round-4-hacker-returns-and-puts-26mil-user-records-for-sale-on-the-dark-web/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003ELifebear appeared for sale on a dark web marketplace amongst a raft of other hacked websites\u003C/a\u003E. The breach exposed almost 3.7M unique email addresses, usernames and passwords stored as salted MD5 hashes. The data was provided to HIBP by a source who requested it be attributed to \u0026quot;nano@databases.pw\u0026quot;.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Lifebear.png","DataClasses":["Email addresses","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Lifeboat","Title":"Lifeboat","Domain":"lbsg.net","BreachDate":"2016-01-01","AddedDate":"2016-04-25T21:51:50Z","ModifiedDate":"2016-04-25T21:51:50Z","PwnCount":7089395,"Description":"In January 2016, the Minecraft community known as Lifeboat \u003Ca href=\u0022https://motherboard.vice.com/read/another-day-another-hack-7-million-emails-and-hashed-passwords-for-minecraft\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Ewas hacked and more than 7 million accounts leaked\u003C/a\u003E. Lifeboat knew of the incident for three months before the breach was made public but elected not to advise customers. The leaked data included usernames, email addresses and passwords stored as straight MD5 hashes.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Lifeboat.png","DataClasses":["Email addresses","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"LightsHope","Title":"Light\u0027s Hope","Domain":"lightshope.org","BreachDate":"2018-06-25","AddedDate":"2018-07-04T13:32:01Z","ModifiedDate":"2018-07-04T13:32:01Z","PwnCount":30484,"Description":"In June 2018, the World of Warcraft service \u003Ca href=\u0022https://lightshope.org/news/forum-breach-summary-of-investigation-and-final-report\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003ELight\u0027s Hope suffered a data breach\u003C/a\u003E which they subsequently self-submitted to HIBP. Over 30K unique users were impacted and their exposed data included email addresses, dates of birth, private messages and passwords stored as bcrypt hashes.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/LightsHope.png","DataClasses":["Dates of birth","Email addresses","Geographic locations","IP addresses","Passwords","Private messages","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Liker","Title":"Liker","Domain":"liker.com","BreachDate":"2021-03-08","AddedDate":"2021-03-13T04:15:16Z","ModifiedDate":"2021-03-24T01:57:46Z","PwnCount":465141,"Description":"In March 2021, the self-proclaimed \u0026quot;kinder, smarter social network\u0026quot; \u003Ca href=\u0022https://liker.com/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003ELiker\u003C/a\u003E suffered a data breach, allegedly in retaliation for the Gab data breach and scraping of data from Parler. The site remained offline after the breach which exposed 465k email addresses in addition to names, dates of birth, education levels, private messages, security questions and answers in plain text, passwords stored as bcrypt hashes and other personal data attributes. Liker did not respond when contacted about the breach.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Liker.png","DataClasses":["Auth tokens","Dates of birth","Education levels","Email addresses","Geographic locations","IP addresses","Names","Passwords","Phone numbers","Private messages","Security questions and answers","Social media profiles","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"LimeVPN","Title":"LimeVPN","Domain":"limevpn.com","BreachDate":"2020-10-08","AddedDate":"2023-02-06T21:42:01Z","ModifiedDate":"2023-02-06T21:42:01Z","PwnCount":23348,"Description":"In October 2020, the VPN provider \u003Ca href=\u0022https://threatpost.com/hacked-data-limevpn-dark-web/167492/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003ELimeVPN suffered a data breach that exposed the personal information of tens of thousands of customers\u003C/a\u003E. The data included email, IP and physical addresses, names, phone numbers, purchase histories and passwords stored as salted MD5 hashes.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/LimeVPN.png","DataClasses":["Email addresses","IP addresses","Names","Passwords","Phone numbers","Physical addresses","Purchases"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"LinkedIn","Title":"LinkedIn","Domain":"linkedin.com","BreachDate":"2012-05-05","AddedDate":"2016-05-21T21:35:40Z","ModifiedDate":"2016-05-21T21:35:40Z","PwnCount":164611595,"Description":"In May 2016, \u003Ca href=\u0022https://www.troyhunt.com/observations-and-thoughts-on-the-linkedin-data-breach\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003ELinkedIn had 164 million email addresses and passwords exposed\u003C/a\u003E. Originally hacked in 2012, the data remained out of sight until being offered for sale on a dark market site 4 years later. The passwords in the breach were stored as SHA1 hashes without salt, the vast majority of which were quickly cracked in the days following the release of the data.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/LinkedIn.png","DataClasses":["Email addresses","Passwords"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"LinkedInScrape2023","Title":"LinkedIn Scraped and Faked Data (2023)","Domain":"linkedin.com","BreachDate":"2023-11-04","AddedDate":"2023-11-07T07:12:02Z","ModifiedDate":"2024-06-04T19:46:37Z","PwnCount":19788753,"Description":"In November 2023, \u003Ca href=\u0022https://troyhunt.com/hackers-scrapers-fakers-whats-really-inside-the-latest-linkedin-dataset\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Ea post to a popular hacking forum alleged that millions of LinkedIn records had been scraped and leaked\u003C/a\u003E. On investigation, the data turned out to be a combination of legitimate data scraped from LinkedIn and email addresses constructed from impacted individuals\u0027 names.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/LinkedIn.png","DataClasses":["Email addresses","Genders","Geographic locations","Job titles","Names","Professional skills","Social media profiles"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":true,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"LinkedInScrape","Title":"LinkedIn Scraped Data (2021)","Domain":"linkedin.com","BreachDate":"2021-04-08","AddedDate":"2021-10-02T21:39:21Z","ModifiedDate":"2023-11-07T06:51:33Z","PwnCount":125698496,"Description":"During the first half of 2021, \u003Ca href=\u0022https://www.businessinsider.com.au/linkedin-data-scraped-500-million-users-for-sale-online-2021-4\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003ELinkedIn was targeted by attackers who scraped data from hundreds of millions of public profiles and later sold them online\u003C/a\u003E. Whilst the scraping did not constitute a data breach nor did it access any personal data not intended to be publicly accessible, the data was still monetised and later broadly circulated in hacking circles. The scraped data contains approximately 400M records with 125M unique email addresses, as well as names, geographic locations, genders and job titles. LinkedIn specifically addresses the incident in their post on \u003Ca href=\u0022https://news.linkedin.com/2021/june/an-update-from-linkedin\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EAn update on report of scraped data\u003C/a\u003E.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/LinkedIn.png","DataClasses":["Education levels","Email addresses","Genders","Geographic locations","Job titles","Names","Social media profiles"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"LinuxForums","Title":"Linux Forums","Domain":"linuxforums.org","BreachDate":"2018-05-01","AddedDate":"2018-06-07T12:55:25Z","ModifiedDate":"2024-09-04T23:38:20Z","PwnCount":275785,"Description":"In May 2018, \u003Ca href=\u0022https://web.archive.org/web/20180502093437/http://www.linuxforums.org/forum\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Ethe Linux Forums website\u003C/a\u003E suffered a data breach which resulted in the disclosure of 276k unique email addresses. Running on an old version of vBulletin, the breach also disclosed usernames, IP addresses and salted MD5 password hashes. Linux Forums did not respond to multiple attempts to contact them about the breach.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/LinuxForums.png","DataClasses":["Email addresses","IP addresses","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"LinuxMint","Title":"Linux Mint","Domain":"linuxmint.com","BreachDate":"2016-02-21","AddedDate":"2016-02-22T01:28:08Z","ModifiedDate":"2016-02-22T01:28:08Z","PwnCount":144989,"Description":"In February 2016, the website for the Linux distro known as Linux Mint \u003Ca href=\u0022http://thehackernews.com/2016/02/linux-mint-hack.html\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Ewas hacked and the ISO infected with a backdoor\u003C/a\u003E. The site also ran a phpBB forum which was subsequently put up for sale complete with almost 145k email addresses, passwords and other personal subscriber information.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/LinuxMint.png","DataClasses":["Avatars","Dates of birth","Email addresses","Geographic locations","IP addresses","Passwords","Time zones","Website activity"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"LittleMonsters","Title":"Little Monsters","Domain":"littlemonsters.com","BreachDate":"2017-01-01","AddedDate":"2017-03-07T20:39:08Z","ModifiedDate":"2017-03-07T20:39:08Z","PwnCount":995698,"Description":"In approximately January 2017, \u003Ca href=\u0022https://www.heise.de/security/meldung/Little-Monsters-Nutzerdaten-aus-Lady-Gagas-Social-Network-sollen-geleakt-sein-3646447.html\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Ethe Lady Gaga fan site known as \u0026quot;Little Monsters\u0026quot; suffered a data breach that impacted 1 million accounts\u003C/a\u003E. The data contained usernames, email addresses, dates of birth and bcrypt hashes of passwords.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/LittleMonsters.png","DataClasses":["Dates of birth","Email addresses","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"LiveAuctioneers","Title":"LiveAuctioneers","Domain":"liveauctioneers.com","BreachDate":"2020-06-19","AddedDate":"2020-08-22T04:38:40Z","ModifiedDate":"2020-08-22T04:54:52Z","PwnCount":3385862,"Description":"In June 2020, the online antiques marketplace \u003Ca href=\u0022https://portswigger.net/daily-swig/liveauctioneers-data-breach-millions-of-cracked-passwords-for-sale-say-researchers\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003ELiveAuctioneers suffered a data breach\u003C/a\u003E which was subsequently sold online then extensively redistributed in the hacking community. The data contained 3.4 million records including names, email and IP addresses, physical addresses, phones numbers and passwords stored as unsalted MD5 hashes. The data was provided to HIBP by \u003Ca href=\u0022https://breachbase.pw/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Ebreachbase.pw\u003C/a\u003E.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/LiveAuctioneers.png","DataClasses":["Email addresses","IP addresses","Names","Passwords","Phone numbers","Physical addresses","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"LiveJournal","Title":"LiveJournal","Domain":"livejournal.com","BreachDate":"2017-01-01","AddedDate":"2020-05-26T22:05:10Z","ModifiedDate":"2020-05-26T23:08:58Z","PwnCount":26372781,"Description":"In mid-2019, \u003Ca href=\u0022https://news.ycombinator.com/item?id=20426997\u0026fbclid=IwAR22KoBod2B44XzYbPziwh1RoT_M8ll3Uf8Ods7TpF8mPdSGo3PKYQEx9_k\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Enews broke of an alleged LiveJournal data breach\u003C/a\u003E. This followed \u003Ca href=\u0022https://twitter.com/rahaeli/status/1265316773508927488\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Emultiple reports of credential abuse against Dreamwidth beginning in 2018\u003C/a\u003E, a fork of LiveJournal with a significant crossover in user base. The breach allegedly dates back to 2017 and contains 26M unique usernames and email addresses (both of which have been confirmed to exist on LiveJournal) alongside plain text passwords. An archive of the data was subsequently shared on a popular hacking forum in May 2020 and redistributed broadly. The data was provided to HIBP by a source who requested it be attributed to \u0026quot;nano@databases.pw\u0026quot;.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/LiveJournal.png","DataClasses":["Email addresses","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Livpure","Title":"Livpure","Domain":"livpure.com","BreachDate":"2020-08-29","AddedDate":"2021-05-22T01:46:59Z","ModifiedDate":"2021-05-23T00:18:00Z","PwnCount":269552,"Description":"In August 2020, the Indian retailer \u003Ca href=\u0022https://cloudsek.com/threatintelligence/over-a-million-pii-of-livpure-customers-leak-on-cybercrime-forum/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003ELivpure suffered a data breach\u003C/a\u003E which exposed over 1 million customer purchases with 270 thousand unique email addresses. The data also included names, phone numbers, physical addresses and details of purchased items. The data was provided to HIBP by a source who requested it be attributed to \u0026quot;white_peacock@riseup.net\u0026quot;.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Livpure.png","DataClasses":["Email addresses","Names","Phone numbers","Physical addresses","Purchases","Salutations"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"LizardSquad","Title":"Lizard Squad","Domain":"lizardstresser.su","BreachDate":"2015-01-16","AddedDate":"2015-01-18T01:24:24Z","ModifiedDate":"2015-01-18T01:24:24Z","PwnCount":13451,"Description":"In January 2015, the hacker collective known as \u0026quot;Lizard Squad\u0026quot; created a DDoS service by the name of \u0026quot;Lizard Stresser\u0026quot; which could be procured to mount attacks against online targets. Shortly thereafter, the service \u003Ca href=\u0022https://krebsonsecurity.com/2015/01/another-lizard-arrested-lizard-lair-hacked/\u0022\u003Esuffered a data breach\u003C/a\u003E which resulted in the public disclosure of over 13k user accounts including passwords stored in plain text.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/LizardSquad.png","DataClasses":["Email addresses","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Locally","Title":"Locally","Domain":"locally.com","BreachDate":"2022-10-01","AddedDate":"2023-07-10T11:09:43Z","ModifiedDate":"2023-07-10T11:12:48Z","PwnCount":362619,"Description":"In October 2022, \u0026quot;The Industry\u0027s Leading Online-to-Offline Shopping Solution\u0026quot; \u003Ca href=\u0022https://twitter.com/troyhunt/status/1677855117960441858\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003ELocally suffered a data breach\u003C/a\u003E. Whilst Locally acknowledged the breach privately, it\u0027s unknown whether impacted customers were subsequently notified of the incident which exposed over 362k names, phone numbers, email and physical addresses, purchases, credit card type and last four digits and bcrypt password hashes.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Locally.png","DataClasses":["Email addresses","Partial credit card data","Passwords","Phone numbers","Physical addresses","Purchases"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Lolzteam","Title":"Lolzteam","Domain":"lolzteam.net","BreachDate":"2018-05-13","AddedDate":"2022-11-06T02:58:23Z","ModifiedDate":"2022-11-06T02:58:23Z","PwnCount":398011,"Description":"In May 2018, the Russian hacking forum \u003Ca href=\u0022https://medium.com/breach-report/data-hacking-news-over-405-000-hackers-from-lolzteam-net-exposed-3121555080cc\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003ELolzteam suffered a data breach that exposed 400k members\u003C/a\u003E. The impacted data included usernames and email addresses which were later redistributed via another hacking forum. The data was provided to HIBP by a source who requested it be attributed to \u0026quot;ZAN @ BF\u0026quot;.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Lolzteam.png","DataClasses":["Email addresses","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Lookbook","Title":"Lookbook","Domain":"lookbook.nu","BreachDate":"2012-08-24","AddedDate":"2016-11-08T09:03:44Z","ModifiedDate":"2016-11-08T09:03:44Z","PwnCount":1074948,"Description":"In August 2012, the fashion site \u003Ca href=\u0022https://www.hackread.com/hacker-selling-million-lookbook-accounts/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003ELookbook suffered a data breach\u003C/a\u003E. The data later appeared listed for sale in June 2016 and included 1.1 million usernames, email and IP addresses, birth dates and plain text passwords.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Lookbook.png","DataClasses":["Dates of birth","Email addresses","IP addresses","Names","Passwords","Usernames","Website activity"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Lookiero","Title":"Lookiero","Domain":"lookiero.com","BreachDate":"2024-03-27","AddedDate":"2024-08-30T05:23:12Z","ModifiedDate":"2024-08-30T05:23:12Z","PwnCount":4981760,"Description":"In August 2024, \u003Ca href=\u0022https://x.com/DailyDarkWeb/status/1825895814385856678\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Ea data breach from the online styling service Lookiero was posted to a popular hacking forum\u003C/a\u003E. Dating back to March 2024, the data included 5M unique email addresses, with many of the records also including name, phone number and physical address. When contacted about the incident, Lookiero advised that they would \u0026quot;look into it and get back to you if necessary\u0026quot;. The data was provided to HIBP by a source who requested it be attributed to \u0026quot;oathnet.ru\u0026quot;.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Lookiero.png","DataClasses":["Email addresses","Names","Phone numbers","Physical addresses"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"LOTR","Title":"Lord of the Rings Online","Domain":"lotro.com","BreachDate":"2013-08-01","AddedDate":"2016-03-12T12:46:03Z","ModifiedDate":"2016-03-12T12:46:03Z","PwnCount":1141278,"Description":"In August 2013, the interactive video game \u003Ca href=\u0022https://www.lotro.com\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003ELord of the Rings Online\u003C/a\u003E suffered a data breach that exposed over 1.1M players\u0027 accounts. The data was being actively traded on underground forums and included email addresses, birth dates and password hashes.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/LOTR.png","DataClasses":["Dates of birth","Email addresses","IP addresses","Passwords","Usernames","Website activity"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"LoungeBoard","Title":"Lounge Board","Domain":"loungeboard.net","BreachDate":"2013-08-01","AddedDate":"2014-07-06T10:22:01Z","ModifiedDate":"2014-07-06T10:22:01Z","PwnCount":45018,"Description":"At some point in 2013, 45k accounts were \u003Ca href=\u0022http://leak.sx/thread-186921\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Ebreached from the Lounge Board \u0022General Discussion Forum\u0022 and then dumped publicly\u003C/a\u003E. Lounge Board was a MyBB forum launched in 2012 and discontinued in mid 2013 (the last activity in the logs was from August 2013).","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/LoungeBoard.png","DataClasses":["Email addresses","IP addresses","Names","Passwords","Private messages","Usernames","Website activity"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"LuLu","Title":"LuLu","Domain":"luluhypermarket.com","BreachDate":"2024-07-06","AddedDate":"2024-08-02T02:59:07Z","ModifiedDate":"2024-08-10T07:06:17Z","PwnCount":2796835,"Description":"In July 2024, \u003Ca href=\u0022https://www.csoonline.com/article/2516119/hackers-steal-data-of-200k-lulu-customers-in-an-alleged-breach.html\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Ethe Emirati-based LuLu retail store suffered a data breach\u003C/a\u003E. The impacted data included 190k email addresses and associated phone numbers which were subsequently shared on a popular hacking forum. The data was provided to HIBP by a source who requested it be attributed to \u0026quot;IntelBroker\u0026quot;. The following month, the threat of leaking the full database was carried out and a backup from October 2022 with a further 2.6M unique email addresses appeared. This data also included names, physical addresses, orders and PBKDF2 password hashes.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/LuLu.png","DataClasses":["Email addresses","Names","Passwords","Phone numbers","Physical addresses","Purchases"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"LuminPDF","Title":"Lumin PDF","Domain":"luminpdf.com","BreachDate":"2019-04-01","AddedDate":"2019-09-18T05:00:15Z","ModifiedDate":"2019-09-18T05:00:15Z","PwnCount":15453048,"Description":"In April 2019, the PDF management service \u003Ca href=\u0022https://www.zdnet.com/article/data-of-24-3-million-lumin-pdf-users-shared-on-hacking-forum/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003ELumin PDF suffered a data breach\u003C/a\u003E. The breach wasn\u0027t publicly disclosed until September when 15.5M records of user data appeared for download on a popular hacking forum. The data had been left publicly exposed in a MongoDB instance after which Lumin PDF was allegedly been \u0026quot;contacted multiple times, but ignored all the queries\u0026quot;. The exposed data included names, email addresses, genders, spoken language and either a bcrypt password hash or Google auth token. The data was provided to HIBP by a source who requested it be attributed to \u0026quot;JimScott.Sec@protonmail.com\u0026quot;.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/LuminPDF.png","DataClasses":["Auth tokens","Email addresses","Genders","Names","Passwords","Spoken languages","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Luxottica","Title":"Luxottica","Domain":"luxottica.com","BreachDate":"2021-03-16","AddedDate":"2023-05-19T20:24:45Z","ModifiedDate":"2023-05-19T20:24:45Z","PwnCount":77093812,"Description":"In March 2021, the world\u0027s largest eyewear company \u003Ca href=\u0022https://www.bleepingcomputer.com/news/security/luxottica-confirms-2021-data-breach-after-info-of-70m-leaks-online/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003ELuxoticca suffered a data breach via one of their partners that exposed the personal information of more than 70M people\u003C/a\u003E. The data was subsequently sold via a popular hacking forum in late 2022 and included email and physical addresses, names, genders, dates of birth and phone numbers. In a statement from Luxottica, they advised they were aware of the incident and are currently \u0026quot;considering other notification obligations\u0026quot;.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Luxottica.png","DataClasses":["Dates of birth","Email addresses","Genders","Names","Phone numbers","Physical addresses"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"LyricsMania","Title":"Lyrics Mania","Domain":"lyricsmania.com","BreachDate":"2017-12-21","AddedDate":"2018-01-15T06:32:46Z","ModifiedDate":"2018-01-15T06:32:46Z","PwnCount":109202,"Description":"In December 2017, the song lyrics website known as \u003Ca href=\u0022https://www.lyricsmania.com/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003ELyrics Mania\u003C/a\u003E suffered a data breach. The data in the breach included 109k usernames, email addresses and plain text passwords. \u003Ca href=\u0022https://www.troyhunt.com/streamlining-data-breach-disclosure-a-step-by-step-process\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003ENumerous attempts were made to contact Lyrics Mania about the incident\u003C/a\u003E, however no responses were received.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/LyricsMania.png","DataClasses":["Email addresses","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"MacForums","Title":"Mac Forums","Domain":"mac-forums.com","BreachDate":"2016-07-03","AddedDate":"2018-10-29T23:47:44Z","ModifiedDate":"2018-10-29T23:50:37Z","PwnCount":326714,"Description":"In July 2016, the self-proclaimed \u0026quot;Ultimate Source For Your Mac\u0026quot; website \u003Ca href=\u0022https://www.mac-forums.com/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EMac Forums\u003C/a\u003E suffered a data breach. The vBulletin-based system exposed over 326k usernames, email and IP addresses, dates of birth and passwords stored as salted MD5 hashes. The data was later discovered being traded on a popular hacking forum. Mac Forums did not respond when contacted about the incident via their contact us form.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/MacForums.png","DataClasses":["Dates of birth","Email addresses","IP addresses","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"MacGeneration","Title":"MacGeneration","Domain":"macg.co","BreachDate":"2022-01-29","AddedDate":"2022-03-03T03:07:19Z","ModifiedDate":"2022-03-03T03:24:04Z","PwnCount":101004,"Description":"In January 2022, the French Apple news website \u003Ca href=\u0022https://www.macg.co/macgeneration/2022/02/macgeneration-victime-dune-attaque-informatique-127149\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EMacGeneration suffered a data breach\u003C/a\u003E. The incident exposed over 100k usernames, email addresses and passwords stored as salted SHA-512 hashes. After discovering the incident, MacGeneration self-submitted data to HIBP.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/MacGeneration.png","DataClasses":["Email addresses","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Mac-Torrents","Title":"Mac-Torrents","Domain":"mac-torrents.com","BreachDate":"2015-10-31","AddedDate":"2015-10-31T23:54:26Z","ModifiedDate":"2015-10-31T23:54:26Z","PwnCount":93992,"Description":"In October 2015, the torrent site \u003Ca href=\u0022http://www.mac-torrents.com\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EMac-Torrents\u003C/a\u003E was hacked and almost 94k usernames, email addresses and passwords were leaked. The passwords were hashed with MD5 and no salt.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Mac-Torrents.png","DataClasses":["Email addresses","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"MagicDuel","Title":"MagicDuel","Domain":"magicduel.com","BreachDate":"2023-08-02","AddedDate":"2023-08-02T23:22:58Z","ModifiedDate":"2023-08-02T23:22:58Z","PwnCount":138443,"Description":"In August 2023, \u003Ca href=\u0022https://magicduel.com/page/Announcement/view/5952\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Ethe MagicDuel Adventure website suffered a data breach that exposed 138k user records\u003C/a\u003E. The data included player names, email and IP addresses and bcrypt password hashes.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/List.png","DataClasses":["Email addresses","IP addresses","Nicknames","Passwords"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"MailRu","Title":"mail.ru Dump","Domain":"mail.ru","BreachDate":"2014-09-10","AddedDate":"2014-09-12T04:50:22Z","ModifiedDate":"2018-01-09T03:38:56Z","PwnCount":16630988,"Description":"In September 2014, several large dumps of user accounts appeared on the \u003Ca href=\u0022https://forum.btcsec.com/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003ERussian Bitcoin Security Forum\u003C/a\u003E including one with nearly 5M email addresses and passwords, predominantly on the mail.ru domain. Whilst \u003Ca href=\u0022http://globalvoicesonline.org/2014/09/10/russia-email-yandex-mailru-passwords-hacking/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Eunlikely to be the result of a direct attack against mail.ru\u003C/a\u003E, the credentials were confirmed by many as legitimate for other services they had subscribed to. Further data allegedly valid for mail.ru and containing email addresses and plain text passwords was added in January 2018 bringing to total to more than 16M records. The incident was also then flagged as \u0026quot;unverified\u0026quot;, a concept that was \u003Ca href=\u0022https://www.troyhunt.com/introducing-unverified-breaches-to-have-i-been-pwned/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Eintroduced after the initial data load in 2014\u003C/a\u003E.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/MailRu.png","DataClasses":["Email addresses","Passwords"],"IsVerified":false,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"MajorGeeks","Title":"MajorGeeks","Domain":"majorgeeks.com","BreachDate":"2015-11-15","AddedDate":"2016-03-03T02:45:09Z","ModifiedDate":"2016-03-03T02:45:09Z","PwnCount":269548,"Description":"In November 2015, almost 270k accounts from the \u003Ca href=\u0022http://www.majorgeeks.com\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EMajorGeeks\u003C/a\u003E support forum were breached. The accounts were being actively sold and traded online and included email addresses, salted password hashes and IP addresses.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/MajorGeeks.png","DataClasses":["Email addresses","IP addresses","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"MalindoAir","Title":"MalindoAir","Domain":"malindoair.com","BreachDate":"2019-03-01","AddedDate":"2023-09-14T08:52:38Z","ModifiedDate":"2023-09-14T08:52:38Z","PwnCount":4328232,"Description":"In early 2019, the Malaysian airline \u003Ca href=\u0022https://vpnoverview.com/news/malindo-air-data-leak-reveals-info-of-60-million-passengers/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EMalindo Air suffered a data breach that exposed tens of millions of customer records\u003C/a\u003E. Containing 4.3M unique email addresses, the breach also exposed extensive personal information including names, dates of birth, genders, physical addresses, phone numbers and passport details. The data was later extensively shared on popular hacking forums.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/MalindoAir.png","DataClasses":["Dates of birth","Email addresses","Genders","Loyalty program details","Names","Nationalities","Passport numbers","Phone numbers","Physical addresses","Salutations"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"MallCZ","Title":"MALL.cz","Domain":"mall.cz","BreachDate":"2017-07-27","AddedDate":"2017-09-04T12:46:39Z","ModifiedDate":"2017-09-04T12:46:39Z","PwnCount":735405,"Description":"In July 2017, the Czech Republic e-commerce site \u003Ca href=\u0022https://blog.mall.cz/o-nas/q-a-vse-co-jste-chteli-vedet-o-bezpecnosti-na-mall-cz-451.html\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EMALL.cz suffered a data breach\u003C/a\u003E after which 735k unique accounts including email addresses, names, phone numbers and passwords were later posted online. Whilst passwords were stored as hashes, \u003Ca href=\u0022https://pulse.michalspacek.cz/passwords/storages/site/www.mall.cz\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Ea number of different algorithms of varying strength were used over time\u003C/a\u003E. All passwords included in the publicly distributed data were in plain text and were likely just those that had been successfully cracked (members with strong passwords don\u0027t appear to be included). According to MALL.cz, the breach only impacted accounts created before 2015.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/MallCZ.png","DataClasses":["Email addresses","Names","Passwords","Phone numbers"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Malwarebytes","Title":"Malwarebytes","Domain":"malwarebytes.org","BreachDate":"2014-11-15","AddedDate":"2016-03-09T11:15:43Z","ModifiedDate":"2016-03-09T11:15:43Z","PwnCount":111623,"Description":"In November 2014, the \u003Ca href=\u0022http://www.scmagazine.com/malwarebytes-forum-hacked/article/385187/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EMalwarebytes forum was hacked\u003C/a\u003E and 111k member records were exposed. The IP.Board forum included email and IP addresses, birth dates and passwords stored as salted hashes using a weak implementation enabling many to be rapidly cracked.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Malwarebytes.png","DataClasses":["Dates of birth","Email addresses","IP addresses","Passwords","Usernames","Website activity"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"MangaTraders","Title":"Manga Traders","Domain":"mangatraders.com","BreachDate":"2014-06-09","AddedDate":"2014-06-10T03:49:45Z","ModifiedDate":"2019-05-13T12:24:00Z","PwnCount":855249,"Description":"In June 2014, the Manga trading website \u003Ca href=\u0022http://www.mangatraders.com\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EMangatraders.com\u003C/a\u003E had the usernames and passwords of over 900k users \u003Ca href=\u0022http://boards.4chan.org/a/thread/108603065/mangatraders-has-been-hacked-emails-and-passwords\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Eleaked on the internet\u003C/a\u003E (approximately 855k of the emails were unique). The passwords were weakly hashed with a single iteration of MD5 leaving them vulnerable to being easily cracked.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/MangaTraders.png","DataClasses":["Email addresses","Passwords"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"MangaDex","Title":"MangaDex","Domain":"mangadex.org","BreachDate":"2021-03-22","AddedDate":"2021-04-25T21:38:51Z","ModifiedDate":"2021-04-25T21:41:24Z","PwnCount":2987329,"Description":"In March 2021, the manga fan site \u003Ca href=\u0022https://portswigger.net/daily-swig/mangadex-website-taken-offline-following-cyber-attack-data-breach\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EMangaDex suffered a data breach\u003C/a\u003E that resulted in the exposure of almost 3 million subscribers. The data included email and IP addresses, usernames and passwords stored as bcrypt hashes. The data was subsequently circulated within hacking groups.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/MangaDex.png","DataClasses":["Email addresses","IP addresses","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"MangaFox","Title":"MangaFox.me","Domain":"mangafox.me","BreachDate":"2016-06-01","AddedDate":"2018-03-17T01:43:24Z","ModifiedDate":"2018-03-17T01:43:24Z","PwnCount":1311610,"Description":"In approximately July 2016, the manga website known as \u003Ca href=\u0022http://mangafox.me\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Emangafox.me\u003C/a\u003E suffered a data breach. The vBulletin based forum exposed 1.3 million accounts including usernames, email and IP addresses, dates of birth and salted MD5 password hashes.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/MangaFox.png","DataClasses":["Dates of birth","Email addresses","IP addresses","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Mangatoon","Title":"Mangatoon","Domain":"mangatoon.mobi","BreachDate":"2022-05-13","AddedDate":"2022-07-06T21:04:25Z","ModifiedDate":"2022-07-06T21:04:25Z","PwnCount":23040238,"Description":"In May 2022, the Hong Kong based Manga service \u003Ca href=\u0022https://mangatoon.mobi/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EMangatoon\u003C/a\u003E suffered a data breach that exposed 23M subscriber records. The breach exposed names, email addresses, genders, social media account identities, auth tokens from social logins and passwords stored as salted MD5 hashes. Mangatoon did not respond to multiple attempts to make contact regarding the breach.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Mangatoon.png","DataClasses":["Auth tokens","Avatars","Email addresses","Genders","Names","Passwords","Social media profiles","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"ManipulatedCaiman","Title":"Manipulated Caiman","Domain":"","BreachDate":"2023-07-16","AddedDate":"2023-08-15T07:06:49Z","ModifiedDate":"2023-08-15T07:06:49Z","PwnCount":39901389,"Description":"In July 2023, \u003Ca href=\u0022https://perception-point.io/blog/manipulated-caiman-the-sophisticated-snare-of-mexicos-banking-predators-technical-edition/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EPerception Point reported on a phishing operation dubbed \u0026quot;Manipulated Caiman\u0026quot;\u003C/a\u003E. Targeting primarily the citizens of Mexico, the campaign attempted to gain access to victims\u0027 bank accounts via spear phishing attacks using malicious attachments. Researchers obtained almost 40M email addresses targeted in the campaign and provided the data to HIBP to alert potential victims.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/List.png","DataClasses":["Email addresses"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":true,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Mappery","Title":"Mappery","Domain":"mappery.com","BreachDate":"2018-12-11","AddedDate":"2018-12-18T16:19:50Z","ModifiedDate":"2018-12-18T16:19:50Z","PwnCount":205242,"Description":"In December 2018, the mapping website \u003Ca href=\u0022http://www.mappery.com\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EMappery\u003C/a\u003E suffered a data breach that exposed over 205k unique email addresses. The incident also exposed usernames, the geographic location of the user and passwords stored as unsalted SHA-1 hashes. No response was received from Mappery when contacted about the incident.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Mappery.png","DataClasses":["Email addresses","Geographic locations","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"MarketMoveis","Title":"Market Moveis","Domain":"marketmoveis.pt","BreachDate":"2023-08-30","AddedDate":"2024-09-01T07:22:42Z","ModifiedDate":"2024-09-01T07:35:32Z","PwnCount":28220,"Description":"In August 2023, the Portuguese home decor company \u003Ca href=\u0022https://portaldaqueixa.com/brands/market-moveis/complaints/market-moveis-encomenda-atrasada-nao-respondem-emails-nem-chamadas-e-email-fraudulento-98633223\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EMarket Moveis suffered a data breach\u003C/a\u003E that impacted 28k records. The exposed records were limited to names and email addresses.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/MarketMoveis.png","DataClasses":["Email addresses","Names"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Mashable","Title":"Mashable","Domain":"mashable.com","BreachDate":"2020-06-01","AddedDate":"2020-11-10T04:33:56Z","ModifiedDate":"2020-11-10T04:56:58Z","PwnCount":1414677,"Description":"In approximately mid-2020, \u003Ca href=\u0022https://portswigger.net/daily-swig/data-breach-at-mashable-leaks-users-nbsp-personal-information-online\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EMashable suffered a data breach\u003C/a\u003E that subsequently turned up publicly in November 2020. The data included 1.4 million unique email addresses along with names, genders, expired auth tokens, physical locations, links to social media profiles and days and months of birth. The data was provided to HIBP by \u003Ca href=\u0022https://dehashed.com/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Edehashed.com\u003C/a\u003E.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Mashable.png","DataClasses":["Auth tokens","Email addresses","Genders","Geographic locations","IP addresses","Names","Partial dates of birth","Social media profiles"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"MasterDeeds","Title":"Master Deeds","Domain":"","BreachDate":"2017-03-14","AddedDate":"2017-10-18T11:01:46Z","ModifiedDate":"2017-10-18T11:03:37Z","PwnCount":2257930,"Description":"In March 2017, a 27GB database backup file named \u0022Master Deeds\u0022 was sent to HIBP by a supporter of the project. Upon detailed analysis later that year, the file was found to contain the personal data of tens of millions of living and deceased South African residents. The data included extensive personal attributes such as names, addresses, ethnicities, genders, birth dates, government issued personal identification numbers and 2.2 million email addresses. At the time of publishing, \u003Ca href=\u0022https://www.iafrikan.com/2017/10/18/dracore-data-sciences/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Eit\u0027s alleged the data was sourced from Dracore Data Sciences\u003C/a\u003E (Dracore is yet to publicly confirm or deny the data was sourced from their systems). On 18 October 2017, the file was found to have been published to a publicly accessible web server where it was located at the root of an IP address with directory listing enabled. The file was dated 8 April 2015.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/MasterDeeds.png","DataClasses":["Dates of birth","Deceased statuses","Email addresses","Employers","Ethnicities","Genders","Government issued IDs","Home ownership statuses","Job titles","Names","Nationalities","Phone numbers","Physical addresses"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"MastercardPricelessSpecials","Title":"Mastercard Priceless Specials","Domain":"specials.mastercard.de","BreachDate":"2019-08-20","AddedDate":"2019-09-01T20:37:49Z","ModifiedDate":"2019-09-01T20:37:49Z","PwnCount":89388,"Description":"In August 2019, \u003Ca href=\u0022https://www.spiegel.de/netzwelt/web/mastercard-datenleck-bei-bonusprogramm-a-1282697.html\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Ethe German Mastercard bonus program \u0026quot;Priceless Specials\u0026quot; suffered a data breach\u003C/a\u003E. Personal data on almost 90k program members was subsequently extensively circulated online and included names, email and IP addresses, phone numbers and partial credit card data. Following the incident, the program was subsequently suspended.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Mastercard.png","DataClasses":["Email addresses","IP addresses","Names","Partial credit card data","Phone numbers","Salutations"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Mate1","Title":"Mate1.com","Domain":"mate1.com","BreachDate":"2016-02-29","AddedDate":"2016-04-14T23:37:15Z","ModifiedDate":"2016-04-14T23:37:15Z","PwnCount":27393015,"Description":"In February 2016, the dating site \u003Ca href=\u0022http://motherboard.vice.com/read/hacker-claims-to-have-sold-27m-dating-site-passwords-mate1-com-hell-forum\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Emate1.com suffered a huge data breach\u003C/a\u003E resulting in the disclosure of over 27 million subscribers\u0027 information. The data included deeply personal information about their private lives including drug and alcohol habits, incomes levels and sexual fetishes as well as passwords stored in plain text.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Mate1.png","DataClasses":["Astrological signs","Dates of birth","Drinking habits","Drug habits","Education levels","Email addresses","Ethnicities","Fitness levels","Genders","Geographic locations","Income levels","Job titles","Names","Parenting plans","Passwords","Personal descriptions","Physical attributes","Political views","Relationship statuses","Religions","Sexual fetishes","Travel habits","Usernames","Website activity","Work habits"],"IsVerified":true,"IsFabricated":false,"IsSensitive":true,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Mathway","Title":"Mathway","Domain":"mathway.com","BreachDate":"2020-01-13","AddedDate":"2020-06-05T23:59:45Z","ModifiedDate":"2020-06-05T23:59:45Z","PwnCount":25692862,"Description":"In January 2020, the math solving website \u003Ca href=\u0022https://www.zdnet.com/article/25-million-user-records-leak-online-from-popular-math-app-mathway/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EMathway suffered a data breach that exposed over 25M records\u003C/a\u003E. The data was subsequently sold on a dark web marketplace and included names, Google and Facebook IDs, email addresses and salted password hashes.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Mathway.png","DataClasses":["Device information","Email addresses","Names","Passwords","Social media profiles"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"MCBans","Title":"MCBans","Domain":"mcbans.com","BreachDate":"2016-10-27","AddedDate":"2017-07-23T05:34:55Z","ModifiedDate":"2017-07-23T05:34:55Z","PwnCount":119948,"Description":"In October 2016, the Minecraft banning service known as \u003Ca href=\u0022https://www.mcbans.com/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EMCBans\u003C/a\u003E suffered a data breach resulting in the exposure of 120k unique user records. The data contained email and IP addresses, usernames and password hashes of unknown format. The site was previously reported as compromised on the \u003Ca href=\u0022https://vigilante.pw/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EVigilante.pw\u003C/a\u003E breached database directory.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/MCBans.png","DataClasses":["Email addresses","IP addresses","Passwords","Usernames","Website activity"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"MDPI","Title":"MDPI","Domain":"mdpi.com","BreachDate":"2016-08-30","AddedDate":"2018-03-25T22:50:36Z","ModifiedDate":"2018-03-25T22:50:36Z","PwnCount":845012,"Description":"In August 2016, the Swiss scholarly open access publisher known as \u003Ca href=\u0022http://mdpi.com\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EMDPI\u003C/a\u003E had 17.5GB of data obtained from an unprotected Mongo DB instance. The data contained email exchanges between MDPI and their authors and reviewers which included 845k unique email addresses. MDPI have confirmed that the system has since been protected and that no data of a sensitive nature was impacted. As such, they concluded that notification to their subscribers was not necessary due to the fact that all their authors and reviewers are available online on their website.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/MDPI.png","DataClasses":["Email addresses","Email messages","IP addresses","Names"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"MechoDownload","Title":"Mecho Download","Domain":"mechodownload.com","BreachDate":"2013-10-31","AddedDate":"2022-08-02T04:04:59Z","ModifiedDate":"2022-08-02T04:10:06Z","PwnCount":437928,"Description":"In October 2013, the (now defunct) downloads website \u0026quot;Mecho Download\u0026quot; suffered a data breach that exposed 438k records. Data from the vBulletin based website included email and IP addresses, usernames and passwords stored as salted MD5 hashes.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/MechoDownload.png","DataClasses":["Email addresses","IP addresses","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"MediaWorks","Title":"MediaWorks","Domain":"mediaworks.co.nz","BreachDate":"2023-03-15","AddedDate":"2024-03-22T06:43:09Z","ModifiedDate":"2024-03-22T06:43:09Z","PwnCount":162710,"Description":"In March 2024, \u003Ca href=\u0022https://www.rnz.co.nz/news/national/512042/mediaworks-data-breach-hackers-email-victims-demanding-820\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Emillions of rows of data from the New Zealand media company MediaWorks was publicly posted to a popular hacking forum\u003C/a\u003E. The incident exposed 163k unique email addresses provided by visitors who filled out online competitions and included names, physical addresses, phone numbers, dates of birth, genders and the responses to questions in the competition. Some victims of the breach subsequently received ransom demands requesting payment to have their data deleted.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/MediaWorks.png","DataClasses":["Dates of birth","Email addresses","Genders","Phone numbers","Physical addresses"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"MeetMindful","Title":"MeetMindful","Domain":"meetmindful.com","BreachDate":"2020-01-26","AddedDate":"2021-01-31T02:59:06Z","ModifiedDate":"2021-01-31T02:59:06Z","PwnCount":1422717,"Description":"In early 2020, the online dating service \u003Ca href=\u0022https://www.zdnet.com/article/hacker-leaks-data-of-2-28-million-dating-site-users/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EMeetMindful suffered a data breach\u003C/a\u003E that exposed 1.4 million unique customer email addresses. Included in the data was an extensive array of personal information used to find romantic matches including physical attributes, use of alcohol, drugs and cigarettes, marital statuses, birthdates, genders and the gender being sought. Additional personal information such as names, geographical locations and IP addresses were also exposed, along with passwords stored as bcrypt hashes.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/MeetMindful.png","DataClasses":["Dates of birth","Drinking habits","Drug habits","Email addresses","Genders","Geographic locations","IP addresses","Marital statuses","Names","Passwords","Physical attributes","Religions","Sexual orientations","Smoking habits","Social media profiles","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":true,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"MemeChat","Title":"MemeChat","Domain":"memechat.app","BreachDate":"2022-06-01","AddedDate":"2023-10-29T05:02:56Z","ModifiedDate":"2023-10-29T05:02:56Z","PwnCount":4348570,"Description":"In mid-2022, \u0026quot;the ultimate hub of memes\u0026quot; \u003Ca href=\u0022https://twitter.com/search?q=memechat%20breach\u0026src=typed_query\u0026f=media\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EMemeChat suffered a data breach that exposed 7.4M records\u003C/a\u003E. Alleged to be due to a misconfigured Elasticsearch instance, the data contained 4.3M unique email addresses alongside usernames.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/MemeChat.png","DataClasses":["Email addresses","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"MEO","Title":"MEO","Domain":"meoair.com","BreachDate":"2020-12-24","AddedDate":"2023-04-24T02:39:49Z","ModifiedDate":"2023-04-24T02:39:49Z","PwnCount":8227,"Description":"In early 2023, a corpus of data sourced from the New Zealand based face mask company \u003Ca href=\u0022https://www.meoair.com/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EMEO\u003C/a\u003E was discovered. Dating back to December 2020, the data contained over 8k customer records including names, addresses, phone numbers and passwords stored as MD5 Wordpress hashes. MEO did not respond to multiple attempts to report the breach.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/MEO.png","DataClasses":["Email addresses","Names","Passwords","Phone numbers","Physical addresses","Purchases","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"MGM","Title":"MGM Resorts","Domain":"mgmresorts.com","BreachDate":"2019-07-25","AddedDate":"2020-02-20T00:52:55Z","ModifiedDate":"2020-02-20T01:00:57Z","PwnCount":3081321,"Description":"In July 2019, \u003Ca href=\u0022https://www.zdnet.com/article/exclusive-details-of-10-6-million-of-mgm-hotel-guests-posted-on-a-hacking-forum/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EMGM Resorts discovered a data breach of one of their cloud services\u003C/a\u003E. The breach included 10.6M guest records with 3.1M unique email addresses stemming back to 2017. The exposed data included email and physical addresses, names, phone numbers and dates of birth and was subsequently shared on a popular hacking forum in February 2020 where it was extensively redistributed. The data was provided to HIBP by \u003Ca href=\u0022https://underthebreach.com/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EUnder The Breach\u003C/a\u003E.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/MGM.png","DataClasses":["Dates of birth","Email addresses","Names","Phone numbers","Physical addresses"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"MGM2022Update","Title":"MGM Resorts (2022 Update)","Domain":"mgmresorts.com","BreachDate":"2019-07-25","AddedDate":"2022-05-29T01:43:46Z","ModifiedDate":"2022-05-29T01:43:46Z","PwnCount":24842001,"Description":"In July 2019, \u003Ca href=\u0022https://www.zdnet.com/article/exclusive-details-of-10-6-million-of-mgm-hotel-guests-posted-on-a-hacking-forum/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EMGM Resorts discovered a data breach of one of their cloud services\u003C/a\u003E. The breach included 10.6M guest records with 3.1M unique email addresses stemming back to 2017. In May 2022, \u003Ca href=\u0022https://www.vpnmentor.com/blog/mgm-leaked-on-telegram/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Ea superset of the data totalling almost 25M unique email addresses across 142M rows was extensively shared on Telegram\u003C/a\u003E. On analysis, it\u0027s highly likely the data stems from the same incident \u003Ca href=\u0022https://www.zdnet.com/article/a-hacker-is-selling-details-of-142-million-mgm-hotel-guests-on-the-dark-web/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Ewith 142M records having been discovered for sale on a dark web marketplace in mid-2020\u003C/a\u003E. The exposed data included email and physical addresses, names, phone numbers and dates of birth.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/MGM.png","DataClasses":["Dates of birth","Email addresses","Names","Phone numbers","Physical addresses"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"MindJolt","Title":"Mindjolt","Domain":"mindjolt.com","BreachDate":"2019-03-18","AddedDate":"2019-07-13T19:21:12Z","ModifiedDate":"2023-10-04T08:17:42Z","PwnCount":28364826,"Description":"In March 2019, the online gaming website \u003Ca href=\u0022https://www.zdnet.com/article/a-hacker-has-dumped-nearly-one-billion-user-records-over-the-past-two-months/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EMindJolt suffered a data breach that exposed 28M unique email addresses\u003C/a\u003E. Also impacted were names and dates of birth, but no passwords. The data was provided to HIBP by a source who requested it be attributed to \u0026quot;JimScott.Sec@protonmail.com\u0026quot;.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Mindjolt.png","DataClasses":["Dates of birth","Email addresses","Names"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"MinecraftPocketEditionForum","Title":"Minecraft Pocket Edition Forum","Domain":"minecraftpeforum.net","BreachDate":"2015-05-24","AddedDate":"2015-06-30T09:19:43Z","ModifiedDate":"2015-06-30T09:19:43Z","PwnCount":16034,"Description":"In May 2015, the \u003Ca href=\u0022http://www.databreaches.net/minecraft-pocket-edition-forum-hacked-dumped/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EMinecraft Pocket Edition forum was hacked\u003C/a\u003E and over 16k accounts were dumped public. Allegedly hacked by \u003Ca href=\u0022https://twitter.com/rmsg0d\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003E@rmsg0d\u003C/a\u003E, the forum data included numerous personal pieces of data for each user. The forum has subsequently been decommissioned.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/MinecraftPocketEditionForum.png","DataClasses":["Email addresses","IP addresses","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"MinecraftWorldMap","Title":"Minecraft World Map","Domain":"minecraftworldmap.com","BreachDate":"2016-01-15","AddedDate":"2016-08-29T01:07:38Z","ModifiedDate":"2016-08-29T01:07:38Z","PwnCount":71081,"Description":"In approximately January 2016, the Minecraft World Map site designed for sharing maps created for the game was hacked and over 71k user accounts were exposed. The data included usernames, email and IP addresses along with salted and hashed passwords.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/MinecraftWorldMap.png","DataClasses":["Email addresses","IP addresses","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Minefield","Title":"Minefield","Domain":"minefield.fr","BreachDate":"2015-06-28","AddedDate":"2016-03-09T08:18:43Z","ModifiedDate":"2016-03-09T08:18:43Z","PwnCount":188343,"Description":"In June 2015, the French Minecraft server known as \u003Ca href=\u0022https://www.minefield.fr\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EMinefield\u003C/a\u003E was hacked and 188k member records were exposed. The IP.Board forum included email and IP addresses, birth dates and passwords stored as salted hashes using a weak implementation enabling many to be rapidly cracked.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Minefield.png","DataClasses":["Dates of birth","Email addresses","IP addresses","Passwords","Usernames","Website activity"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Minehut","Title":"Minehut","Domain":"minehut.com","BreachDate":"2019-05-17","AddedDate":"2019-09-17T08:27:31Z","ModifiedDate":"2019-11-17T23:14:18Z","PwnCount":396533,"Description":"In May 2019, the Minecraft server website \u003Ca href=\u0022https://minehut.com/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EMinehut\u003C/a\u003E suffered a data breach. The company advised a database backup had been obtained after which they subsequently notified all impacted users. 397k email addresses from the incident were provided to HIBP. A data set with both email addresses and bcrypt password hashes was also later provided to HIBP.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Minehut.png","DataClasses":["Email addresses","Passwords"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Minted","Title":"Minted","Domain":"minted.com","BreachDate":"2020-05-06","AddedDate":"2020-11-03T06:21:01Z","ModifiedDate":"2020-11-03T06:21:01Z","PwnCount":4418182,"Description":"In May 2020, the online marketplace for independent artists \u003Ca href=\u0022https://www.bleepingcomputer.com/news/security/minted-discloses-data-breach-after-5m-user-records-sold-online/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EMinted suffered a data breach\u003C/a\u003E that exposed 4.4M unique customer records subsequently sold on a dark web marketplace. Exposed data also included names, physical addresses, phone numbers and passwords stored as bcrypt hashes. The data was provided to HIBP by \u003Ca href=\u0022https://dehashed.com/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Edehashed.com\u003C/a\u003E.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Minted.png","DataClasses":["Email addresses","Names","Passwords","Phone numbers","Physical addresses"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Flipkart","Title":"Misattributed Flipkart Data","Domain":"","BreachDate":"2022-09-02","AddedDate":"2024-03-12T05:09:11Z","ModifiedDate":"2024-05-02T23:00:46Z","PwnCount":552094,"Description":"In September 2022, \u003Ca href=\u0022https://izoologic.com/region/central-asia/a-new-alleged-flipkart-data-breach-was-discovered-on-the-dark-web/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Eover 500k customer records alleged to have been sourced from the Indian e-commerce service Flipkart appeared on a popular hacking forum\u003C/a\u003E. Flipkart subsequently reviewed the data and concluded there was minimal overlap with their subscriber base and was not sourced from their services. The data included email addresses, latitudes and longitudes, names and phone numbers.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/List.png","DataClasses":["Email addresses","Geographic locations","Names","Phone numbers"],"IsVerified":false,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Habibs","Title":"Misattributed Habib\u0027s Data","Domain":"habibs.com.br","BreachDate":"2021-08-05","AddedDate":"2024-03-10T03:31:15Z","ModifiedDate":"2024-05-25T21:24:28Z","PwnCount":3517679,"Description":"In August 2021, an allegation was made that the Brazilian fast food company \u0026quot;Habib\u0027s\u0026quot; had suffered a data breach \u003Ca href=\u0022https://cybernews.com/security/billions-passwords-credentials-leaked-mother-of-all-breaches/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Ethat was later redistributed as part of a larger corpus of data\u003C/a\u003E. Upon thorough investigation, parent company Gennius concluded that the information in the breach was not related to any databases that hold their customers\u0027 personal information and had been misattributed to Habib\u0027s. The corpus of data contained 3.5M unique email addresses along with IP addresses, names, phone numbers, dates of birth and links to social media profiles.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/List.png","DataClasses":["Dates of birth","Email addresses","IP addresses","Names","Phone numbers","Social media profiles"],"IsVerified":false,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"MMGFusion","Title":"MMG Fusion","Domain":"mmgfusion.com","BreachDate":"2020-12-20","AddedDate":"2021-08-07T23:46:32Z","ModifiedDate":"2021-08-07T23:46:32Z","PwnCount":2660295,"Description":"In December 2020, the dental practice management service \u003Ca href=\u0022https://www.riskbasedsecurity.com/2021/02/19/dark-web-roundup-january-2021/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EMMG Fusion was the victim of a data breach\u003C/a\u003E which exposed 2.6M unique email addresses. The data also included patient appointments, names, phone numbers, dates of birth, genders and physical addresses. A small number of records also included passwords stored as bcrypt hashes.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/MMGFusion.png","DataClasses":["Appointments","Dates of birth","Email addresses","Genders","Marital statuses","Names","Passwords","Phone numbers","Physical addresses"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"MobiFriends","Title":"MobiFriends","Domain":"mobifriends.com","BreachDate":"2020-01-06","AddedDate":"2021-05-23T03:16:52Z","ModifiedDate":"2021-05-23T03:16:52Z","PwnCount":3512952,"Description":"In January 2020, the Barcelona-based dating app \u003Ca href=\u0022https://www.zdnet.com/article/dating-app-mobifriends-silent-on-security-breach-impacting-3-6-million-users/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EMobiFriends suffered a data breach\u003C/a\u003E that exposed 3.5 million unique email addresses. The data also included usernames, genders, dates of birth and MD5 password hashes. The data was provided to HIBP by a source who requested it be attributed to \u0026quot;white_peacock@riseup.net\u0026quot;.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/MobiFriends.png","DataClasses":["Dates of birth","Email addresses","Genders","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":true,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"MoDaCo","Title":"MoDaCo","Domain":"modaco.com","BreachDate":"2016-01-01","AddedDate":"2016-09-20T07:32:50Z","ModifiedDate":"2016-09-20T07:32:50Z","PwnCount":879703,"Description":"In approximately January 2016, the UK based Android community known as \u003Ca href=\u0022http://www.modaco.com\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EMoDaCo\u003C/a\u003E suffered a data breach which exposed 880k subscriber identities. The data included email and IP addresses, usernames and passwords stored as salted MD5 hashes.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/MoDaCo.png","DataClasses":["Email addresses","IP addresses","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"ModernBusinessSolutions","Title":"Modern Business Solutions","Domain":"modbsolutions.com","BreachDate":"2016-10-08","AddedDate":"2016-10-12T09:09:11Z","ModifiedDate":"2016-10-12T09:09:11Z","PwnCount":58843488,"Description":"In October 2016, a large Mongo DB file containing tens of millions of accounts \u003Ca href=\u0022https://twitter.com/0x2Taylor/status/784544208879292417\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Ewas shared publicly on Twitter\u003C/a\u003E (the file has since been removed). The database contained over 58M unique email addresses along with IP addresses, names, home addresses, genders, job titles, dates of birth and phone numbers. The data was subsequently \u003Ca href=\u0022http://news.softpedia.com/news/hacker-steals-58-million-user-records-from-data-storage-provider-509190.shtml\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Eattributed to \u0026quot;Modern Business Solutions\u0026quot;\u003C/a\u003E, a company that provides data storage and database hosting solutions. They\u0027ve yet to acknowledge the incident or explain how they came to be in possession of the data.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/ModernBusinessSolutions.png","DataClasses":["Dates of birth","Email addresses","Genders","IP addresses","Job titles","Names","Phone numbers","Physical addresses"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"MoneyBookers","Title":"Money Bookers","Domain":"moneybookers.com","BreachDate":"2009-01-01","AddedDate":"2015-11-30T09:21:55Z","ModifiedDate":"2015-11-30T09:21:55Z","PwnCount":4483605,"Description":"Sometime in 2009, the e-wallet service known as Money Bookers \u003Ca href=\u0022http://www.forbes.com/sites/thomasbrewster/2015/11/30/paysafe-optimal-neteller-moneybookers-gambling-cyberattacks-data-breach/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Esuffered a data breach which exposed almost 4.5M customers\u003C/a\u003E. Now called Skrill, the breach was not discovered until October 2015 and included names, email addresses, home addresses and IP addresses.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/MoneyBookers.png","DataClasses":["Dates of birth","Email addresses","IP addresses","Names","Phone numbers","Physical addresses"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Moneycontrol","Title":"Moneycontrol","Domain":"moneycontrol.com","BreachDate":"2017-09-07","AddedDate":"2021-05-22T22:37:30Z","ModifiedDate":"2021-05-22T22:37:30Z","PwnCount":762874,"Description":"In April 2021, \u003Ca href=\u0022https://www.opindia.com/2021/04/personal-details-of-over-seven-lakh-moneycontrol-users-up-for-sale/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Ehackers posted data for sale originating from the online Indian financial platform, Moneycontrol\u003C/a\u003E. The data included 763 thousand unique email addresses (allegedly a subset of a larger 40 million account breach), alongside geographic locations, phone numbers, genders, dates of birth and plain text passwords. The date of the original breach is unclear, although the breached data indicates the file was created in September 2017 and Moneycontrol has stated that the breach is \u0026quot;an old data set\u0026quot;.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Moneycontrol.png","DataClasses":["Email addresses","Genders","Geographic locations","Passwords","Phone numbers"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"MoreleNet","Title":"Morele.net","Domain":"morele.net","BreachDate":"2018-10-10","AddedDate":"2019-04-20T22:57:28Z","ModifiedDate":"2019-04-20T22:57:28Z","PwnCount":2467304,"Description":"In October 2018, the Polish e-commerce website \u003Ca href=\u0022https://niebezpiecznik.pl/post/morele-potwierdza-ze-wykradziono-dane-klientow/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EMorele.net suffered a data breach\u003C/a\u003E. The incident exposed almost 2.5 million unique email addresses alongside phone numbers, names and passwords stored as md5crypt hashes.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/MoreleNet.png","DataClasses":["Email addresses","Names","Passwords","Phone numbers"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"MortalOnline","Title":"Mortal Online","Domain":"mortalonline.com","BreachDate":"2018-06-17","AddedDate":"2018-08-31T05:38:46Z","ModifiedDate":"2018-09-24T21:05:18Z","PwnCount":606637,"Description":"In June 2018, the massively multiplayer online role-playing game (MMORPG) \u003Ca href=\u0022https://account.mortalonline.com/breach.html\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EMortal Online suffered a data breach\u003C/a\u003E. A file containing 570k email addresses and cracked passwords was subsequently distributed online. A larger more complete file containing 607k email addresses with original unsalted MD5 password hashes along with names, usernames and physical addresses was later provided and the original breach in HIBP was updated accordingly. The data was provided to HIBP by whitehat security researcher and data analyst Adam Davies.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/MortalOnline.png","DataClasses":["Email addresses","Names","Passwords","Physical addresses","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"MovieForums","Title":"Movie Forums","Domain":"movieforums.com","BreachDate":"2022-11-24","AddedDate":"2023-12-08T02:45:49Z","ModifiedDate":"2023-12-08T02:45:49Z","PwnCount":39914,"Description":"In December 2022, \u003Ca href=\u0022https://www.movieforums.com/community/showthread.php?t=67897\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Ethe Movie Forums website suffered a data breach\u003C/a\u003E that affected 40k users. The breach exposed email and IP addresses, usernames, dates of birth and passwords stored as easily crackable salted MD5 hashes. The data was subsequently posted a popular clear web hacking forum.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/MovieForums.png","DataClasses":["Dates of birth","Email addresses","IP addresses","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"MovieBoxPro","Title":"MovieBoxPro","Domain":"movieboxpro.app","BreachDate":"2024-04-15","AddedDate":"2024-04-30T01:54:06Z","ModifiedDate":"2024-04-30T01:54:06Z","PwnCount":6009014,"Description":"In April 2024, over 6M records from the streaming service MovieBoxPro were scraped from a vulnerable API. Of questionable legality, the service \u003Ca href=\u0022https://twitter.com/troyhunt/status/1784701384266543128\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Eprovided no contact information to disclose the incident\u003C/a\u003E, although reportedly the vulnerability was rectified after being mass enumerated.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/MovieBoxPro.png","DataClasses":["Email addresses","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"MPGH","Title":"MPGH","Domain":"mpgh.net","BreachDate":"2015-10-22","AddedDate":"2015-10-26T03:20:20Z","ModifiedDate":"2015-10-26T03:20:20Z","PwnCount":3122898,"Description":"In October 2015, the multiplayer game hacking website \u003Ca href=\u0022http://www.mpgh.net\u0022\u003EMPGH was hacked\u003C/a\u003E and 3.1 million user accounts disclosed. The vBulletin forum breach contained usernames, email addresses, IP addresses and salted hashes of passwords.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/MPGH.png","DataClasses":["Email addresses","IP addresses","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"MrGreenGaming","Title":"Mr. Green Gaming","Domain":"mrgreengaming.com","BreachDate":"2024-03-01","AddedDate":"2024-03-03T06:28:42Z","ModifiedDate":"2024-03-03T06:41:04Z","PwnCount":27123,"Description":"In March 2024, the online games community Mr. Green Gaming suffered a data breach that exposed 27k user records. Acknowledged on their Discord server, the incident exposed email and IP addresses, usernames, geographic locations and dates of birth.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/MrGreenGaming.png","DataClasses":["Dates of birth","Email addresses","Geographic locations","IP addresses","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"MrExcel","Title":"MrExcel","Domain":"mrexcel.com","BreachDate":"2016-12-05","AddedDate":"2017-01-22T07:39:17Z","ModifiedDate":"2017-01-22T07:39:17Z","PwnCount":366140,"Description":"In December 2016, the forum for the Microsoft Excel tips and solutions site \u003Ca href=\u0022http://www.mrexcel.com/details-of-data-breach-at-mrexcel-com/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EMr Excel suffered a data breach\u003C/a\u003E. The hack of the vBulletin forum led to the exposure of over 366k accounts along with email and IP addresses, dates of birth and salted passwords hashed with MD5. The owner of the MrExcel forum subsequently self-submitted the data to HIBP.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/MrExcel.png","DataClasses":["Dates of birth","Email addresses","IP addresses","Passwords","Social connections","Usernames","Website activity"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"mSpy","Title":"mSpy","Domain":"mspy.com","BreachDate":"2015-05-14","AddedDate":"2015-05-28T18:09:16Z","ModifiedDate":"2024-07-11T19:29:17Z","PwnCount":699793,"Description":"In May 2015, the \u0026quot;monitoring\u0026quot; software known as \u003Ca href=\u0022http://www.mspy.com\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EmSpy\u003C/a\u003E suffered a \u003Ca href=\u0022http://krebsonsecurity.com/2015/05/mobile-spy-software-maker-mspy-hacked-customer-data-leaked/#more-30913\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Emajor data breach\u003C/a\u003E. The software (allegedly often used to spy on unsuspecting victims), stored extensive personal information within their online service which after being breached, was made freely available on the internet.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/mSpy.png","DataClasses":["Device usage tracking data"],"IsVerified":true,"IsFabricated":false,"IsSensitive":true,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"mSpy2024","Title":"mSpy (2024)","Domain":"mspy.com","BreachDate":"2024-06-09","AddedDate":"2024-07-11T19:29:21Z","ModifiedDate":"2024-07-12T23:43:02Z","PwnCount":2394179,"Description":"In June 2024, \u003Ca href=\u0022https://techcrunch.com/2024/07/11/mspy-spyware-millions-customers-data-breach/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Ea huge trove of data from spyware maker mSpy was obtained by hacktivists and published online\u003C/a\u003E. Comprising of 142GB of user data and support tickets along with 176GB of more than half a million attachments, the data contained 2.4M unique email addresses, IP addresses names and photos. The data was predominantly support tickets seeking help to install the spyware on target devices, whilst the attachments contained various data including screen grans of financial transactions, photos of credit cards and nude selfies.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/mSpy.png","DataClasses":["Email addresses","IP addresses","Names","Photos"],"IsVerified":true,"IsFabricated":false,"IsSensitive":true,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Muah","Title":"Muah.AI","Domain":"muah.ai","BreachDate":"2024-09-17","AddedDate":"2024-10-08T22:05:01Z","ModifiedDate":"2024-10-08T22:05:01Z","PwnCount":1910261,"Description":"In September 2024, \u003Ca href=\u0022https://www.404media.co/hacked-ai-girlfriend-data-shows-prompts-describing-child-sexual-abuse-2/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Ethe \u0026quot;AI girlfriend\u0026quot; website Muah.AI suffered a data breach\u003C/a\u003E. The breach exposed 1.9M email addresses alongside prompts to generate AI-based images. Many of the prompts were highly sexual in nature, with many also describing child exploitation scenarios.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/MuahAI.png","DataClasses":["Email addresses","Sexual fetishes"],"IsVerified":true,"IsFabricated":false,"IsSensitive":true,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"MultiplayerIt","Title":"Multiplayer.it","Domain":"multiplayer.it","BreachDate":"2018-09-01","AddedDate":"2024-08-01T08:55:16Z","ModifiedDate":"2024-08-01T19:28:20Z","PwnCount":503957,"Description":"In April 2024, \u003Ca href=\u0022https://twitter.com/DarkWebInformer/status/1779593190141554871\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Eover half a million records taken from the Italian gaming website Multiplayer.it were posted to a popular hacking forum\u003C/a\u003E. The impacted data included email addresses, usernames and salted MD5 password hashes. Multiplayer.it subsequently confirmed the breach dated back 6 years to September 2018 and was merely re-posted in 2024.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/MultiplayerIt.png","DataClasses":["Email addresses","Passwords"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"MuslimDirectory","Title":"Muslim Directory","Domain":"muslimdirectory.co.uk","BreachDate":"2014-02-17","AddedDate":"2014-02-23T03:09:38Z","ModifiedDate":"2014-02-23T03:09:38Z","PwnCount":37784,"Description":"In February 2014, the UK guide to services and business known as the Muslim Directory was \u003Ca href=\u0022http://www.cyberwarnews.info/2014/02/17/muslim-directory-hacked-38903-user-credentials-leaked/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Eattacked by the hacker known as @th3inf1d3l\u003C/a\u003E. The data was consequently dumped publicly and included the web accounts of tens of thousands of users which contained data including their names, home address, age group, email, website activity and password in plain text.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/MuslimDirectory.png","DataClasses":["Age groups","Email addresses","Employers","Names","Passwords","Phone numbers","Physical addresses","Website activity"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"MuslimMatch","Title":"Muslim Match","Domain":"muslimmatch.com","BreachDate":"2016-06-24","AddedDate":"2016-06-29T19:08:15Z","ModifiedDate":"2020-08-07T23:29:01Z","PwnCount":149830,"Description":"In June 2016, \u003Ca href=\u0022https://motherboard.vice.com/read/hacked-private-messages-from-dating-site-muslim-match\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Ethe Muslim Match dating website had 150k email addresses exposed\u003C/a\u003E. The data included private chats and messages between relationship seekers and numerous other personal attributes including passwords hashed with MD5.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/MuslimMatch.png","DataClasses":["Chat logs","Email addresses","Geographic locations","IP addresses","Passwords","Private messages","User statuses","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":true,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"MyFHA","Title":"MyFHA","Domain":"myfha.net","BreachDate":"2015-02-18","AddedDate":"2018-08-09T20:26:35Z","ModifiedDate":"2018-08-09T20:26:35Z","PwnCount":972629,"Description":"In approximately February 2015, the home financing website \u003Ca href=\u0022https://web.archive.org/web/20180324231131/http://myfha.net/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EMyFHA\u003C/a\u003E suffered a data breach which disclosed the personal information of nearly 1 million people. The data included extensive personal information relating to home financing including personal contact info, credit statuses, household incomes, loan amounts and notes on personal circumstances, often referring to legal issues, divorces and health conditions. Multiple parties contacted HIBP with the data after which MyFHA was alerted in mid-July and acknowledged the legitimacy of the breach then took the site offline.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/MyFHA.png","DataClasses":["Credit status information","Email addresses","Income levels","IP addresses","Loan information","Names","Passwords","Personal descriptions","Physical addresses"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"MyFitnessPal","Title":"MyFitnessPal","Domain":"myfitnesspal.com","BreachDate":"2018-02-01","AddedDate":"2019-02-21T19:28:46Z","ModifiedDate":"2019-02-21T20:00:56Z","PwnCount":143606147,"Description":"In February 2018, the diet and exercise service \u003Ca href=\u0022https://content.myfitnesspal.com/security-information/FAQ.html\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EMyFitnessPal suffered a data breach\u003C/a\u003E. The incident exposed 144 million unique email addresses alongside usernames, IP addresses and passwords stored as SHA-1 and bcrypt hashes (the former for earlier accounts, the latter for newer accounts). In 2019, \u003Ca href=\u0022https://www.theregister.co.uk/2019/02/11/620_million_hacked_accounts_dark_web/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Ethe data appeared listed for sale on a dark web marketplace\u003C/a\u003E (along with several other large breaches) and subsequently began circulating more broadly. The data was provided to HIBP by a source who requested it to be attributed to \u0026quot;BenjaminBlue@exploit.im\u0026quot;.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/MyFitnessPal.png","DataClasses":["Email addresses","IP addresses","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"MyHeritage","Title":"MyHeritage","Domain":"myheritage.com","BreachDate":"2017-10-26","AddedDate":"2019-02-20T21:04:04Z","ModifiedDate":"2019-02-20T21:04:04Z","PwnCount":91991358,"Description":"In October 2017, the genealogy website \u003Ca href=\u0022https://blog.myheritage.com/2018/06/myheritage-statement-about-a-cybersecurity-incident/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EMyHeritage suffered a data breach\u003C/a\u003E. The incident was reported 7 months later after a security researcher discovered the data and contacted MyHeritage. In total, more than 92M customer records were exposed and included email addresses and salted SHA-1 password hashes. In 2019, \u003Ca href=\u0022https://www.theregister.co.uk/2019/02/11/620_million_hacked_accounts_dark_web/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Ethe data appeared listed for sale on a dark web marketplace\u003C/a\u003E (along with several other large breaches) and subsequently began circulating more broadly. The data was provided to HIBP by a source who requested it be attributed to \u0026quot;BenjaminBlue@exploit.im\u0026quot;.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/MyHeritage.png","DataClasses":["Email addresses","Passwords"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"MyPertamina","Title":"MyPertamina","Domain":"mypertamina.id","BreachDate":"2022-11-01","AddedDate":"2024-01-27T05:19:27Z","ModifiedDate":"2024-01-27T05:19:27Z","PwnCount":5970416,"Description":"In November 2022, the Indonesian oil and gas company \u003Ca href=\u0022https://voi.id/en/technology/226367\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EPertamina suffered a data breach of their MyPertamina service\u003C/a\u003E. The incident exposed 44M records with 6M unique email addresses along with names, dates of birth, genders, physical addresses and purchases.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/MyPertamina.png","DataClasses":["Dates of birth","Email addresses","Genders","Names","Phone numbers","Physical addresses","Purchases"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"myRepoSpace","Title":"myRepoSpace","Domain":"myrepospace.com","BreachDate":"2015-07-06","AddedDate":"2015-07-08T08:44:51Z","ModifiedDate":"2015-07-08T08:44:51Z","PwnCount":252751,"Description":"In July 2015, the Cydia repository known as \u003Ca href=\u0022https://myrepospace.com/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EmyRepoSpace\u003C/a\u003E was hacked and \u003Ca href=\u0022https://www.reddit.com/r/jailbreak/comments/3c9qr1/discussion_myrepospace_user_data_leaked/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Euser data leaked publicly\u003C/a\u003E. Cydia is designed to facilitate the installation of apps on jailbroken iOS devices. The repository service was allegedly hacked by \u003Ca href=\u0022https://twitter.com/its_not_herpes\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003E@its_not_herpes\u003C/a\u003E and \u003Ca href=\u0022https://twitter.com/0x8badfl00d\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003E0x8badfl00d\u003C/a\u003E in retaliation for the service refusing to remove pirated tweaks.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/myRepoSpace.png","DataClasses":["Email addresses","IP addresses","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"MySpace","Title":"MySpace","Domain":"myspace.com","BreachDate":"2008-07-01","AddedDate":"2016-05-31T00:12:29Z","ModifiedDate":"2016-05-31T00:12:29Z","PwnCount":359420698,"Description":"In approximately 2008, \u003Ca href=\u0022http://motherboard.vice.com/read/427-million-myspace-passwords-emails-data-breach\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EMySpace suffered a data breach that exposed almost 360 million accounts\u003C/a\u003E. In May 2016 the data was offered up for sale on the \u0026quot;Real Deal\u0026quot; dark market website and included email addresses, usernames and SHA1 hashes of the first 10 characters of the password converted to lowercase and stored without a salt. The exact breach date is unknown, but \u003Ca href=\u0022https://www.troyhunt.com/dating-the-ginormous-myspace-breach\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Eanalysis of the data suggests it was 8 years before being made public\u003C/a\u003E.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/MySpace.png","DataClasses":["Email addresses","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"MyVidster","Title":"MyVidster","Domain":"myvidster.com","BreachDate":"2015-08-15","AddedDate":"2015-10-10T07:06:17Z","ModifiedDate":"2015-10-10T07:06:17Z","PwnCount":19863,"Description":"In August 2015, the social video sharing and bookmarking site \u003Ca href=\u0022https://www.reddit.com/r/pwned/comments/3h4tud/myvidstercom_hacked_1_million_member_database/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EMyVidster was hacked\u003C/a\u003E and nearly 20,000 accounts were dumped online. The dump included usernames, email addresses and hashed passwords.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/MyVidster.png","DataClasses":["Email addresses","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"NamelessMalware","Title":"Nameless Malware","Domain":"","BreachDate":"2020-01-01","AddedDate":"2021-06-09T10:28:14Z","ModifiedDate":"2022-01-05T04:11:30Z","PwnCount":1121484,"Description":"In January 2021, \u003Ca href=\u0022http://troyhunt.com/nameless-malware-discovered-by-nordlocker-is-now-in-have-i-been-pwned\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003ENordLocker provided HIBP 1.1 million email addresses collected by nameless malware\u003C/a\u003E. The malware campaign ran between 2018 and 2020 and infected 3.25 million computers, stealing files, credentials and taking screenshots and photos using the computer\u0027s webcam. \u003Ca href=\u0022https://nordlocker.com/malware-analysis/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003ERead more in NordLocker\u0027s writeup about the Nameless malware that stole 1.2 TB of private data.\u003C/a\u003E","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/List.png","DataClasses":["Email addresses"],"IsVerified":true,"IsFabricated":false,"IsSensitive":true,"IsRetired":false,"IsSpamList":false,"IsMalware":true,"IsSubscriptionFree":false},{"Name":"NapsGear","Title":"NapsGear","Domain":"napsgear.org","BreachDate":"2015-10-21","AddedDate":"2018-09-10T11:07:00Z","ModifiedDate":"2018-09-10T11:07:00Z","PwnCount":287071,"Description":"In October 2015, the anabolic steroids retailer \u003Ca href=\u0022https://thinksteroids.com/community/threads/warning-naps-customer-database-compromised.134375549/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003ENapsGear suffered a data breach\u003C/a\u003E. An extensive amount of personal information on 287k customers was exposed including email addresses, names, addresses, phone numbers, purchase histories and salted MD5 password hashes.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/NapsGear.png","DataClasses":["Dates of birth","Email addresses","Genders","Names","Passwords","Phone numbers","Physical addresses","Purchases"],"IsVerified":true,"IsFabricated":false,"IsSensitive":true,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"NationalPublicData","Title":"National Public Data","Domain":"","BreachDate":"2024-04-09","AddedDate":"2024-08-13T18:09:46Z","ModifiedDate":"2024-08-13T18:09:46Z","PwnCount":133957569,"Description":"In April 2024, \u003Ca href=\u0022https://www.troyhunt.com/inside-the-3-billion-people-national-public-data-breach\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Ea large trove of data made headlines as having exposed \u0026quot;3 billion people\u0026quot; due to a breach of the National Public Data background check service\u003C/a\u003E. The initial corpus of data released in the breach contained billions of rows of personal information, including US social security numbers. Further partial data sets were later released including extensive personal information and 134M unique email addresses, although the origin and accuracy of the data remains in question. This breach has been flagged as \u0026quot;unverified\u0026quot; and a full description of the incident is in the link above.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/List.png","DataClasses":["Dates of birth","Email addresses","Genders","Government issued IDs","Names","Phone numbers","Physical addresses"],"IsVerified":false,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"NaughtyAmerica","Title":"Naughty America","Domain":"naughtyamerica.com","BreachDate":"2016-03-14","AddedDate":"2016-04-24T06:14:42Z","ModifiedDate":"2016-04-24T06:14:42Z","PwnCount":1398630,"Description":"In March 2016, the adult website \u003Ca href=\u0022http://www.forbes.com/sites/thomasbrewster/2016/04/14/naughty-america-fappening-hacked-porn-sites/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003ENaughty America was hacked and the data consequently sold online\u003C/a\u003E. The breach included data from numerous systems with various personal identity attributes, the largest of which had passwords stored as easily crackable MD5 hashes. There were 1.4 million unique email addresses in the breach.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/NaughtyAmerica.png","DataClasses":["Dates of birth","Email addresses","IP addresses","Passwords","Usernames","Website activity"],"IsVerified":true,"IsFabricated":false,"IsSensitive":true,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"NazApi","Title":"Naz.API","Domain":"","BreachDate":"2023-09-20","AddedDate":"2024-01-17T13:24:27Z","ModifiedDate":"2024-01-17T13:24:27Z","PwnCount":70840771,"Description":"In September 2023, \u003Ca href=\u0022https://www.troyhunt.com/inside-the-massive-naz-api-credential-stuffing-list/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Eover 100GB of stealer logs and credential stuffing lists titled \u0026quot;Naz.API\u0026quot; was posted to a popular hacking forum\u003C/a\u003E. The incident contained a combination of email address and plain text password pairs alongside the service they were entered into, and standalone credential pairs obtained from unnamed sources. In total, the corpus of data included 71M unique email addresses and 100M unique passwords.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/List.png","DataClasses":["Email addresses","Passwords"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"NeimanMarcus","Title":"Neiman Marcus","Domain":"neimanmarcus.com","BreachDate":"2024-04-14","AddedDate":"2024-07-09T19:27:32Z","ModifiedDate":"2024-07-09T19:27:32Z","PwnCount":31152842,"Description":"In May 2024, the American luxury retailer Neiman Marcus suffered a data breach \u003Ca href=\u0022https://www.bleepingcomputer.com/news/security/neiman-marcus-data-breach-31-million-email-addresses-found-exposed/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Ewhich was later posted to a popular hacking forum\u003C/a\u003E. The data included 31M unique email addresses, names, phone numbers, dates of birth, physical addresses and partial credit card data (note: this is insufficient to make purchases). The breach was traced back to a series of attacks against the Snowflake cloud service which impacted 165 organisations worldwide.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/NeimanMarcus.png","DataClasses":["Dates of birth","Email addresses","IP addresses","Names","Partial credit card data","Phone numbers","Physical addresses","Purchases"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"NemoWeb","Title":"NemoWeb","Domain":"nemoweb.net","BreachDate":"2016-09-04","AddedDate":"2018-09-19T03:53:20Z","ModifiedDate":"2018-09-24T05:09:56Z","PwnCount":3472916,"Description":"In September 2016, almost 21GB of data from the French website used for \u0026quot;standardised and decentralized means of exchange for publishing newsgroup articles\u0026quot; \u003Ca href=\u0022http://www.nemoweb.net/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003ENemoWeb\u003C/a\u003E was leaked from what appears to have been an unprotected Mongo DB. The data consisted of a large volume of emails sent to the service and included almost 3.5M unique addresses, albeit many of them auto-generated. Multiple attempts were made to contact the operators of NemoWeb but no response was received.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/NemoWeb.png","DataClasses":["Email addresses","Names"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":true,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Neopets","Title":"Neopets","Domain":"neopets.com","BreachDate":"2013-05-05","AddedDate":"2016-07-07T23:00:10Z","ModifiedDate":"2016-07-07T23:00:10Z","PwnCount":26892897,"Description":"In May 2016, \u003Ca href=\u0022http://motherboard.vice.com/read/neopets-hack-another-day-another-hack-tens-of-millions-of-neopets-accounts\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Ea set of breached data originating from the virtual pet website \u0026quot;Neopets\u0026quot; was found being traded online\u003C/a\u003E. Allegedly hacked \u0026quot;several years earlier\u0026quot;, the data contains sensitive personal information including birthdates, genders and names as well as almost 27 million unique email addresses. Passwords were stored in plain text and IP addresses were also present in the breach.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Neopets.png","DataClasses":["Dates of birth","Email addresses","Genders","Geographic locations","IP addresses","Names","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"NetEase","Title":"NetEase","Domain":"163.com","BreachDate":"2015-10-19","AddedDate":"2016-10-09T06:13:31Z","ModifiedDate":"2016-10-09T06:13:31Z","PwnCount":234842089,"Description":"In October 2015, the Chinese site known as \u003Ca href=\u0022http://www.163.com\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003ENetEase\u003C/a\u003E (located at \u003Ca href=\u0022http://www.163.com\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003E163.com\u003C/a\u003E) was \u003Ca href=\u0022http://news.mydrivers.com/1/452/452173.htm\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Ereported as having suffered a data breach that impacted hundreds of millions of subscribers\u003C/a\u003E. Whilst there is evidence that the data itself is legitimate (multiple HIBP subscribers confirmed a password they use is in the data), due to the difficulty of emphatically verifying the Chinese breach it has been flagged as \u0026quot;unverified\u0026quot;. The data in the breach contains email addresses and plain text passwords. \u003Ca href=\u0022https://www.troyhunt.com/handling-chinese-data-breaches-in-have-i-been-pwned/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003ERead more about Chinese data breaches in Have I Been Pwned.\u003C/a\u003E","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/NetEase.png","DataClasses":["Email addresses","Passwords"],"IsVerified":false,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Neteller","Title":"Neteller","Domain":"neteller.com","BreachDate":"2010-05-17","AddedDate":"2015-11-30T10:26:47Z","ModifiedDate":"2015-11-30T10:26:47Z","PwnCount":3619948,"Description":"In May 2010, the e-wallet service known as Neteller \u003Ca href=\u0022http://www.forbes.com/sites/thomasbrewster/2015/11/30/paysafe-optimal-neteller-moneybookers-gambling-cyberattacks-data-breach/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Esuffered a data breach which exposed over 3.6M customers\u003C/a\u003E. The breach was not discovered until October 2015 and included names, email addresses, home addresses and account balances.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Neteller.png","DataClasses":["Account balances","Dates of birth","Email addresses","Genders","IP addresses","Names","Phone numbers","Physical addresses","Security questions and answers","Website activity"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"NetGalley","Title":"NetGalley","Domain":"netgalley.com","BreachDate":"2020-12-21","AddedDate":"2021-02-23T01:38:21Z","ModifiedDate":"2021-11-25T22:08:12Z","PwnCount":1436435,"Description":"In December 2020, the book promotion site \u003Ca href=\u0022https://www.bleepingcomputer.com/news/security/netgalley-discloses-data-breach-after-website-was-hacked/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003ENetGalley suffered a data breach\u003C/a\u003E. The incident exposed 1.4 million unique email addresses alongside names, usernames, physical and IP addresses, phone numbers, dates of birth and passwords stored as salted SHA-1 hashes. The data was provided to HIBP by a source who requested it be attributed to pom@pompur.in.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/NetGalley.png","DataClasses":["Dates of birth","Email addresses","IP addresses","Names","Passwords","Phone numbers","Physical addresses","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Netlog","Title":"Netlog","Domain":"netlog.com","BreachDate":"2012-11-01","AddedDate":"2019-07-15T10:25:07Z","ModifiedDate":"2019-07-15T10:25:07Z","PwnCount":49038354,"Description":"In July 2018, the Belgian social networking site \u003Ca href=\u0022https://oag.ca.gov/system/files/Communication%20to%20Users%20-%20FINAL_0.pdf\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003ENetlog identified a data breach of their systems dating back to November 2012 (PDF)\u003C/a\u003E. Although the service was discontinued in 2015, the data breach still impacted 49 million subscribers for whom email addresses and plain text passwords were exposed. The data was provided to HIBP by a source who requested it be attributed to \u0026quot;JimScott.Sec@protonmail.com\u0026quot;.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Netlog.png","DataClasses":["Email addresses","Passwords"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"NetProspex","Title":"NetProspex","Domain":"netprospex.com","BreachDate":"2016-09-01","AddedDate":"2017-03-15T01:57:04Z","ModifiedDate":"2017-03-15T01:57:04Z","PwnCount":33698126,"Description":"In 2016, a list of over 33 million individuals in corporate America sourced from Dun \u0026 Bradstreet\u0027s NetProspex service \u003Ca href=\u0022https://www.troyhunt.com/weve-lost-control-of-our-personal-data-including-33m-netprospex-records\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Ewas leaked online\u003C/a\u003E. D\u0026B believe the targeted marketing data was lost by a customer who purchased it from them. It contained extensive personal and corporate information including names, email addresses, job titles and general information about the employer.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/NetProspex.png","DataClasses":["Email addresses","Employers","Job titles","Names","Phone numbers","Physical addresses"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":true,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Netshoes","Title":"Netshoes","Domain":"netshoes.com.br","BreachDate":"2017-12-07","AddedDate":"2017-12-10T04:01:03Z","ModifiedDate":"2017-12-10T04:01:03Z","PwnCount":499836,"Description":"In December 2017, the online Brazilian retailer known as \u003Ca href=\u0022https://www.databreaches.net/netshoes-customer-data-possibly-hacked-500k-customers-order-info-dumped/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003ENetshoes had half a million records allegedly hacked from their system posted publicly\u003C/a\u003E. The company was contacted by local Brazilian media outlet Tecmundo and subsequently advised that \u003Ca href=\u0022https://www.tecmundo.com.br/seguranca/125038-netshoes-invadida-meio-milhao-dados-clientes-vazam-internet.htm\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Eno indications have been identified of an invasion of the company\u0027s systems\u003C/a\u003E. However, Netshoes\u0027 own systems successfully confirm the presence of matching identifiers and email addresses from the data set, indicating a high likelihood that the data originated from them.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Netshoes.png","DataClasses":["Dates of birth","Email addresses","Names","Purchases"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"NextGenUpdate","Title":"NextGenUpdate","Domain":"nextgenupdate.com","BreachDate":"2014-04-22","AddedDate":"2015-06-05T04:12:29Z","ModifiedDate":"2015-06-05T04:12:29Z","PwnCount":1194597,"Description":"Early in 2014, the video game website \u003Ca href=\u0022http://www.nextgenupdate.com\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003ENextGenUpdate\u003C/a\u003E reportedly \u003Ca href=\u0022https://leakforums.org/thread-265363\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Esuffered a data breach\u003C/a\u003E that disclosed almost 1.2 million accounts. Amongst the data breach was usernames, email addresses, IP addresses and salted and hashed passwords.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/NextGenUpdate.png","DataClasses":["Email addresses","IP addresses","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"NexusMods","Title":"Nexus Mods","Domain":"nexusmods.com","BreachDate":"2013-07-22","AddedDate":"2016-01-17T17:18:47Z","ModifiedDate":"2016-01-17T17:18:47Z","PwnCount":5915013,"Description":"In December 2015, the game modding site Nexus Mods \u003Ca href=\u0022http://www.nexusmods.com/games/news/12670/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Ereleased a statement notifying users that they had been hacked\u003C/a\u003E. They subsequently dated the hack as having occurred in July 2013 although there is evidence to suggest the data was being traded months in advance of that. The breach contained usernames, email addresses and passwords stored as a salted hashes.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/NexusMods.png","DataClasses":["Email addresses","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Nihonomaru","Title":"Nihonomaru","Domain":"nihonomaru.net","BreachDate":"2015-12-01","AddedDate":"2016-08-30T09:54:55Z","ModifiedDate":"2016-08-30T09:54:55Z","PwnCount":1697282,"Description":"In late 2015, the anime community known as Nihonomaru had their vBulletin forum hacked and 1.7 million accounts exposed. The compromised data included email and IP addresses, usernames and salted hashes of passwords.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Nihonomaru.png","DataClasses":["Email addresses","IP addresses","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Nitro","Title":"Nitro","Domain":"gonitro.com","BreachDate":"2020-09-28","AddedDate":"2021-01-19T10:45:32Z","ModifiedDate":"2021-01-19T10:45:32Z","PwnCount":77159696,"Description":"In September 2020, \u003Ca href=\u0022https://www.bleepingcomputer.com/news/security/massive-nitro-data-breach-impacts-microsoft-google-apple-more/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Ethe Nitro PDF service suffered a massive data breach which exposed over 70 million unique email addresses\u003C/a\u003E. The breach also exposed names, bcrypt password hashes and the titles of converted documents. The data was provided to HIBP by \u003Ca href=\u0022https://dehashed.com/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Edehashed.com\u003C/a\u003E.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Nitro.png","DataClasses":["Email addresses","Names","Passwords"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Nival","Title":"Nival","Domain":"nival.com","BreachDate":"2016-02-29","AddedDate":"2016-03-03T00:32:49Z","ModifiedDate":"2016-03-03T00:32:49Z","PwnCount":1535473,"Description":"In February 2016, the Russian gaming company \u003Ca href=\u0022http://nival.com\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003ENival\u003C/a\u003E was the target of an attack which was consequently \u003Ca href=\u0022https://www.reddit.com/r/pwned/comments/47u1bf/operation_wrath_of_anakin_evolved\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Edetailed on Reddit\u003C/a\u003E. Allegedly protesting \u0026quot;the foreign policy of Russia in regards to Ukraine\u0026quot;, Nival was one of several Russian sites in the breach and impacted over 1.5M accounts including sensitive personal information.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Nival.png","DataClasses":["Avatars","Dates of birth","Email addresses","Genders","Names","Spoken languages","Usernames","Website activity"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"NonNudeGirls","Title":"Non Nude Girls","Domain":"nonnudegirls.org","BreachDate":"2013-05-21","AddedDate":"2017-01-25T06:38:36Z","ModifiedDate":"2017-01-25T06:38:36Z","PwnCount":75383,"Description":"In May 2013, the non-consensual voyeurism site \u003Ca href=\u0022http://www.ibtimes.co.uk/upskirt-porn-website-hit-massive-data-leak-exposing-nearly-180000-voyeurs-1602756\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003E\u0026quot;Non Nude Girls\u0026quot; suffered a data breach\u003C/a\u003E. The hack of the vBulletin forum led to the exposure of over 75k accounts along with email and IP addresses, names and plain text passwords.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/NonNudeGirls.png","DataClasses":["Email addresses","IP addresses","Names","Passwords","Usernames","Website activity"],"IsVerified":true,"IsFabricated":false,"IsSensitive":true,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"NotAcxiom","Title":"Not Acxiom","Domain":"","BreachDate":"2020-06-21","AddedDate":"2022-11-22T19:17:40Z","ModifiedDate":"2022-11-22T19:17:40Z","PwnCount":51730831,"Description":"In 2020, \u003Ca href=\u0022https://www.troyhunt.com/data-breach-misattribution-acxiom-live-ramp/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Ea corpus of data containing almost a quarter of a billion records spanning over 400 different fields was misattributed to database marketing company Acxiom\u003C/a\u003E and subsequently circulated within the hacking community. On review, Acxiom concluded that \u0026quot;the claims are indeed false and that the data, which has been readily available across multiple environments, does not come from Acxiom and is in no way the subject of an Acxiom breach\u0026quot;. The data contained almost 52M unique email addresses.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/List.png","DataClasses":["Email addresses","IP addresses","Names","Phone numbers","Physical addresses"],"IsVerified":false,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"NotSOCRadar","Title":"Not SOCRadar","Domain":"","BreachDate":"2024-08-03","AddedDate":"2024-08-09T09:28:24Z","ModifiedDate":"2024-08-09T09:28:24Z","PwnCount":282478425,"Description":"In August 2024, over 332M rows of email addresses were posted to a popular hacking forum. The post alleged the addresses were scraped from cybersecurity firm SOCRadar, however \u003Ca href=\u0022https://socradar.io/socradars-response-to-the-usdods-claim-of-scraping-330-million-emails/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Ean investigation on their behalf concluded that \u0026quot;the actor merely utilised functionalities inherent in the platform\u0027s standard offerings, designed to gather information from publicly available sources\u0026quot;\u003C/a\u003E. There is no suggestion the incident compromised SOCRadar\u0027s security or posed any risk to their customers. In total, the data set contained 282M unique addresses of valid email address format.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/List.png","DataClasses":["Email addresses"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"NulledCH","Title":"Nulled.ch","Domain":"nulled.ch","BreachDate":"2020-05-20","AddedDate":"2020-05-24T07:05:43Z","ModifiedDate":"2020-05-24T07:05:43Z","PwnCount":43491,"Description":"In May 2020, the hacking forum \u003Ca href=\u0022https://www.nulled.ch/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003ENulled.ch\u003C/a\u003E was breached and the data published to a rival hacking forum. Over 43k records were compromised and included IP and email addresses, usernames and passwords stored as salted MD5 hashes alongside the private message history of the website\u0027s admin. The data was provided to HIBP by a source who requested it be attributed to \u0026quot;Split10\u0026quot;.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/NulledCH.png","DataClasses":["Email addresses","IP addresses","Passwords","Private messages","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Nulled","Title":"Nulled.cr","Domain":"nulled.cr","BreachDate":"2016-05-06","AddedDate":"2016-05-09T11:28:01Z","ModifiedDate":"2020-05-24T07:00:23Z","PwnCount":599080,"Description":"In May 2016, the cracking community forum known as \u003Ca href=\u0022http://nulled.cr/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003ENulled.cr\u003C/a\u003E was hacked and 599k user accounts were leaked publicly. The compromised data included email and IP addresses, weak salted MD5 password hashes and hundreds of thousands of private messages between members.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Nulled.png","DataClasses":["Dates of birth","Email addresses","IP addresses","Passwords","Private messages","Usernames","Website activity"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"NurseryCam","Title":"NurseryCam","Domain":"nurserycam.co.uk","BreachDate":"2021-02-12","AddedDate":"2021-02-23T07:58:02Z","ModifiedDate":"2021-02-23T07:58:02Z","PwnCount":10585,"Description":"In February 2021, \u003Ca href=\u0022https://www.theregister.com/2021/02/18/nurserycam_security_problems_footfallcam_ltd/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Ea series of egregiously bad security flaws were identified in the NurseryCam system\u003C/a\u003E designed for parents to remotely monitor their children whilst attending nursery. The flaws led to the exposure of over 10k parent records before the service was shut down. The email addresses alone were provided to Have I Been Pwned to ensure parents were properly notified of the incident.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/NurseryCam.png","DataClasses":["Email addresses"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"NVIDIA","Title":"NVIDIA","Domain":"nvidia.com","BreachDate":"2022-02-23","AddedDate":"2022-03-02T23:50:10Z","ModifiedDate":"2022-03-02T23:51:53Z","PwnCount":71335,"Description":"In February 2022, microchip company \u003Ca href=\u0022https://www.zdnet.com/article/nvidia-says-employee-credentials-proprietary-information-stolen-during-cyberattack/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003ENVIDIA suffered a data breach that exposed employee credentials and proprietary code\u003C/a\u003E. Impacted data included over 70k employee email addresses and NTLM password hashes, many of which were subsequently cracked and circulated within the hacking community.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/NVIDIA.png","DataClasses":["Email addresses","Passwords"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"OGUsers","Title":"OGUsers (2019 breach)","Domain":"ogusers.com","BreachDate":"2018-12-26","AddedDate":"2019-05-19T22:45:45Z","ModifiedDate":"2020-04-04T08:21:10Z","PwnCount":161143,"Description":"In May 2019, the account hijacking and SIM swapping forum \u003Ca href=\u0022https://krebsonsecurity.com/2019/05/account-hijacking-forum-ogusers-hacked/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EOGusers suffered a data breach\u003C/a\u003E. The breach exposed a database backup from December 2018 which was published on a rival hacking forum. There were 161k unique email addresses spread across 113k forum users and other tables in the database. The exposed data also included usernames, IP addresses, private messages and passwords stored as salted MD5 hashes.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/OGUsers.png","DataClasses":["Email addresses","IP addresses","Passwords","Private messages","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"OGUsers2020","Title":"OGUsers (2020 breach)","Domain":"ogusers.com","BreachDate":"2020-04-02","AddedDate":"2020-04-04T08:27:13Z","ModifiedDate":"2020-04-04T08:27:13Z","PwnCount":263189,"Description":"In April 2020, the account hijacking and SIM swapping forum \u003Ca href=\u0022https://www.zdnet.com/article/hacking-forum-gets-hacked-for-the-second-time-in-a-year/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EOGUsers suffered their second data breach in less than a year\u003C/a\u003E. As with the previous breach, the exposed data included email and IP addresses, usernames, private messages and passwords stored as salted MD5 hashes. A total of 263k email addresses across user accounts and other tables were posted to a rival hacking forum.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/OGUsers.png","DataClasses":["Email addresses","IP addresses","Passwords","Private messages","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"OGUsers2021","Title":"OGUsers (2021 breach)","Domain":"ogusers.com","BreachDate":"2021-04-11","AddedDate":"2022-05-16T00:40:46Z","ModifiedDate":"2022-05-16T00:40:46Z","PwnCount":348302,"Description":"In April 2021, the account hijacking and SIM swapping forum \u003Ca href=\u0022https://www.bleepingcomputer.com/news/security/fourth-times-a-charm-ogusers-hacking-forum-hacked-again/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EOGusers suffered a data breach\u003C/a\u003E, the fourth since December 2018. The breach was subsequently sold on a rival hacking forum and contained usernames, email and IP addresses and passwords stored as either salted MD5 or argon2 hashes. A total of 348k unique email addresses appeared in the breach.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/OGUsers.png","DataClasses":["Email addresses","IP addresses","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"OGUsers2022","Title":"OGUsers (2022 breach)","Domain":"ogusers.com","BreachDate":"2022-07-13","AddedDate":"2023-04-14T01:51:23Z","ModifiedDate":"2023-04-14T01:51:23Z","PwnCount":529020,"Description":"In July 2022, the account hijacking and SIM swapping forum OGusers suffered a data breach, the fifth since December 2018. The breach contained usernames, email and IP addresses and passwords stored as argon2 hashes. A total of 529k unique email addresses appeared in the breach.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/OGUsers.png","DataClasses":["Email addresses","IP addresses","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"OMGPOP","Title":"OMGPOP","Domain":"omgpop.com","BreachDate":"2013-01-01","AddedDate":"2023-11-20T21:20:28Z","ModifiedDate":"2023-11-20T21:20:28Z","PwnCount":7071293,"Description":"In approximately 2013, the maker of the Draw Something game \u003Ca href=\u0022https://www.cpomagazine.com/cyber-security/password-breach-of-game-developer-zynga-compromises-170-million-accounts/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EOMGPOP suffered a data breach\u003C/a\u003E. Formerly known as i\u0027minlikewithyou or iilwy and later purchased by Zynga, the breach exposed over 7M email address and plain text password pairs which were later leaked in 2019.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/OMGPOP.png","DataClasses":["Email addresses","Passwords"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"OnlineTrade","Title":"Online Trade (\u041E\u043D\u043B\u0430\u0439\u043D \u0422\u0440\u0435\u0439\u0434)","Domain":"onlinetrade.ru","BreachDate":"2022-09-19","AddedDate":"2024-03-07T06:51:12Z","ModifiedDate":"2024-03-07T07:01:28Z","PwnCount":3805265,"Description":"In September 2022, the Russian e-commerce website \u003Ca href=\u0022https://xakep.ru/2022/09/21/new-leaks/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EOnline Trade (\u041E\u043D\u043B\u0430\u0439\u043D \u0422\u0440\u0435\u0439\u0434) suffered a data breach\u003C/a\u003E that exposed 3.8M customer records. The data included email and IP addresses, names, phone numbers, dates of birth and MD5 password hashes.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/OnlineTrade.png","DataClasses":["Dates of birth","Email addresses","IP addresses","Names","Passwords","Phone numbers"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"OnlinerSpambot","Title":"Onliner Spambot","Domain":"","BreachDate":"2017-08-28","AddedDate":"2017-08-29T19:25:56Z","ModifiedDate":"2017-08-29T19:25:56Z","PwnCount":711477622,"Description":"In August 2017, a spambot by the name of \u003Ca href=\u0022https://benkowlab.blogspot.com.au/2017/08/from-onliner-spambot-to-millions-of.html\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EOnliner Spambot was identified by security researcher Benkow mo\u029Eu\u018Eq\u003C/a\u003E. The malicious software contained a server-based component located on an IP address in the Netherlands which exposed a large number of files containing personal information. In total, there were 711 million unique email addresses, many of which were also accompanied by corresponding passwords. A full write-up on what data was found is in the blog post titled \u003Ca href=\u0022https://www.troyhunt.com/inside-the-massive-711-million-record-onliner-spambot-dump\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EInside the Massive 711 Million Record Onliner Spambot Dump\u003C/a\u003E.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Email.png","DataClasses":["Email addresses","Passwords"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":true,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Onverse","Title":"Onverse","Domain":"onverse.com","BreachDate":"2016-01-01","AddedDate":"2016-09-06T06:28:30Z","ModifiedDate":"2016-09-06T06:28:30Z","PwnCount":800157,"Description":"In January 2016, the online virtual world known as \u003Ca href=\u0022http://www.onverse.com\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EOnverse\u003C/a\u003E was hacked and 800k accounts were exposed. Along with email and IP addresses, the site also exposed salted MD5 password hashes.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Onverse.png","DataClasses":["Email addresses","IP addresses","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"OpenCSGO","Title":"Open CS:GO","Domain":"opencsgo.com","BreachDate":"2017-11-28","AddedDate":"2018-01-15T06:14:55Z","ModifiedDate":"2018-01-15T06:14:55Z","PwnCount":512311,"Description":"In December 2017, the website for purchasing Counter-Strike skins known as \u003Ca href=\u0022http://opencsgo.com\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EOpen CS:GO\u003C/a\u003E (Counter-Strike: Global Offensive) suffered a data breach (address since redirects to dropgun.com). The 10GB file contained an extensive amount of personal information including email and IP addresses, phone numbers, physical addresses and purchase histories. \u003Ca href=\u0022https://www.troyhunt.com/streamlining-data-breach-disclosures-a-step-by-step-process\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003ENumerous attempts were made to contact Open CS:GO about the incident\u003C/a\u003E, however no responses were received.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/OpenCSGO.png","DataClasses":["Avatars","Email addresses","IP addresses","Phone numbers","Physical addresses","Purchases","Social media profiles","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"OpenSubtitles","Title":"Open Subtitles","Domain":"opensubtitles.org","BreachDate":"2021-08-01","AddedDate":"2022-01-19T04:51:36Z","ModifiedDate":"2022-01-19T04:51:36Z","PwnCount":6783158,"Description":"In August 2021, the subtitling website \u003Ca href=\u0022https://forum.opensubtitles.org/viewtopic.php?f=1\u0026p=46835\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EOpen Subtitles suffered a data breach and subsequent ransom demand\u003C/a\u003E. The breach exposed almost 7M subscribers\u0027 personal data including email and IP addresses, usernames, the country of the user and passwords stored as unsalted MD5 hashes.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/OpenSubtitles.png","DataClasses":["Email addresses","Geographic locations","IP addresses","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"OperationEndgame","Title":"Operation Endgame","Domain":"","BreachDate":"2024-05-30","AddedDate":"2024-05-30T04:19:45Z","ModifiedDate":"2024-05-31T03:22:05Z","PwnCount":16466858,"Description":"In May 2024, \u003Ca href=\u0022https://www.troyhunt.com/operation-endgame/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Ea coalition of international law enforcement agencies took down a series of botnets in a campaign they coined \u0026quot;Operation Endgame\u0026quot;\u003C/a\u003E. Data seized in the operation included impacted email addresses and passwords which were provided to HIBP to help victims learn of their exposure.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/List.png","DataClasses":["Email addresses","Passwords"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":true},{"Name":"OrderSnapp","Title":"OrderSnapp","Domain":"ordersnapp.com","BreachDate":"2020-06-29","AddedDate":"2021-08-08T01:53:33Z","ModifiedDate":"2021-08-08T02:11:56Z","PwnCount":1304447,"Description":"In June 2020, the restaurant solutions provider \u003Ca href=\u0022https://www.riskbasedsecurity.com/2021/01/25/shinyhunters-wave-3-one-hacker-exposes-over-125-million-credentials/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EOrderSnapp suffered a data breach\u003C/a\u003E which exposed 1.3M unique email addresses. Impacted data also included names, phone numbers, dates of birth and passwords stored as bcrypt hashes. The data was provided to HIBP by \u003Ca href=\u0022https://dehashed.com/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Edehashed.com\u003C/a\u003E.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/OrderSnapp.png","DataClasses":["Dates of birth","Email addresses","Names","Passwords","Phone numbers"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"OrdineAvvocatiDiRoma","Title":"Ordine Avvocati di Roma","Domain":"ordineavvocatiroma.it","BreachDate":"2019-05-07","AddedDate":"2019-05-26T23:24:11Z","ModifiedDate":"2019-05-26T23:24:11Z","PwnCount":41960,"Description":"In May 2019, \u003Ca href=\u0022https://roma.repubblica.it/cronaca/2019/05/07/news/roma_anonymus_viola_la_mail_di_30mila_avvocati_c_e_anche_quella_di_raggi-225675248/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Ethe Lawyers Order of Rome suffered a data breach by a group claiming to be Anonymous Italy\u003C/a\u003E. Data on tens of thousands of Roman lawyers was taken from the breached system and redistributed online. The data included contact information, email addresses and email messages themselves encompassing tens of thousands of unique email addresses. A total of 42k unique addresses appeared in the breach.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/OrdineAvvocatiDiRoma.png","DataClasses":["Email addresses","Email messages","Geographic locations","Passwords","Phone numbers"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"OVH","Title":"OVH","Domain":"ovh.com","BreachDate":"2015-05-01","AddedDate":"2016-12-27T07:49:12Z","ModifiedDate":"2016-12-27T07:49:12Z","PwnCount":452899,"Description":"In mid-2015, the forum for the hosting provider known as \u003Ca href=\u0022https://www.ovh.com\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EOVH\u003C/a\u003E suffered a data breach. The vBulletin forum contained 453k accounts including usernames, email and IP addresses and passwords stored as salted MD5 hashes.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/OVH.png","DataClasses":["Email addresses","IP addresses","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"OwnedCore","Title":"OwnedCore","Domain":"OwnedCore.com","BreachDate":"2013-08-01","AddedDate":"2016-02-06T02:53:13Z","ModifiedDate":"2016-02-06T02:53:13Z","PwnCount":880331,"Description":"In approximately August 2013, the World of Warcraft exploits forum known as \u003Ca href=\u0022http://www.ownedcore.com\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EOwnedCore\u003C/a\u003E was hacked and more than 880k accounts were exposed. The vBulletin forum included IP addresses and passwords stored as salted hashes using a weak implementation enabling many to be rapidly cracked.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/OwnedCore.png","DataClasses":["Email addresses","IP addresses","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Oxfam","Title":"Oxfam","Domain":"oxfam.org.au","BreachDate":"2021-01-20","AddedDate":"2021-03-02T07:07:00Z","ModifiedDate":"2021-03-02T07:07:00Z","PwnCount":1834006,"Description":"In January 2021, \u003Ca href=\u0022https://www.oxfam.org.au/updates-suspected-data-incident/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EOxfam Australia was the victim of a data breach\u003C/a\u003E which exposed 1.8M unique email addresses of supporters of the charity. The data was put up for sale on a popular hacking forum and also included names, phone numbers, addresses, genders and dates of birth. A small number of people also had partial credit card data exposed (the first 6 and last 3 digits of the card, plus card type and expiry) and in some cases the bank name, account number and BSB were also exposed. The data was subsequently made freely available on the hacking forum later the following month.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Oxfam.png","DataClasses":["Bank account numbers","Dates of birth","Email addresses","Genders","Names","Partial credit card data","Payment histories","Phone numbers","Physical addresses"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"PaddyPower","Title":"Paddy Power","Domain":"paddypower.com","BreachDate":"2010-10-25","AddedDate":"2015-10-11T01:26:05Z","ModifiedDate":"2015-10-11T01:26:05Z","PwnCount":590954,"Description":"In October 2010, the Irish bookmaker \u003Ca href=\u0022http://www.telegraph.co.uk/technology/internet-security/11005558/Irish-government-disappointed-over-Paddy-Power-hack.html\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EPaddy Power suffered a data breach\u003C/a\u003E that exposed 750,000 customer records with nearly 600,000 unique email addresses. The breach was not disclosed until July 2014 and contained extensive personal information including names, addresses, phone numbers and plain text security questions and answers.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/PaddyPower.png","DataClasses":["Account balances","Dates of birth","Email addresses","IP addresses","Names","Phone numbers","Physical addresses","Security questions and answers","Usernames","Website activity"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Pampling","Title":"Pampling","Domain":"pampling.com","BreachDate":"2020-01-04","AddedDate":"2023-08-31T05:09:24Z","ModifiedDate":"2023-09-03T06:23:38Z","PwnCount":383468,"Description":"In January 2020, \u003Ca href=\u0022https://www.elespanol.com/omicrono/20200308/comprado-camiseta-pampling-cambia-contrasena-seguridad/473202676_0.html\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Ethe online clothing retailer Pampling suffered a data breach\u003C/a\u003E that exposed 383k unique customer email addresses. The data was later shared on a popular hacking forum and also included names, usernames and unsalted MD5 password hashes.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Pampling.png","DataClasses":["Email addresses","Names","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Pandabuy","Title":"Pandabuy","Domain":"pandabuy.com","BreachDate":"2024-03-31","AddedDate":"2024-04-01T08:34:24Z","ModifiedDate":"2024-04-01T08:34:24Z","PwnCount":1348407,"Description":"In March 2024, \u003Ca href=\u0022https://twitter.com/troyhunt/status/1774704266500043067\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003E1.3M unique email addresses from the online store for purchasing goods from China, Pandabuy, were posted to a popular hacking forum\u003C/a\u003E. The data also included IP and physical addresses, names, phone numbers and order enquiries. The breach was alleged to be attributed to \u0026quot;Sanggiero\u0026quot; and \u0026quot;IntelBroker\u0026quot;.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Pandabuy.png","DataClasses":["Email addresses","IP addresses","Names","Phone numbers","Physical addresses"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"ParagonCheats","Title":"Paragon Cheats","Domain":"paragoncheats.com","BreachDate":"2021-05-22","AddedDate":"2022-05-14T02:26:40Z","ModifiedDate":"2022-05-14T02:32:52Z","PwnCount":188089,"Description":"In May 2021, the Grand Theft Auto Online cheats website \u003Ca href=\u0022https://screenrant.com/gta-online-cheater-mod-shut-down/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EParagon Cheats suffered a data breach that lead to the shutdown of the service\u003C/a\u003E. The breach exposed 188k customer records including usernames, email and IP addresses. The data was provided to HIBP by a source who requested it be attributed to \u0026quot;VRAirhead and xFueY\u0026quot;.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/ParagonCheats.png","DataClasses":["Browser user agent details","Email addresses","IP addresses","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"ParkMobile","Title":"ParkMobile","Domain":"parkmobile.io","BreachDate":"2021-03-21","AddedDate":"2021-04-30T03:07:24Z","ModifiedDate":"2021-04-30T03:07:24Z","PwnCount":20949825,"Description":"In March 2021, the mobile parking app service \u003Ca href=\u0022https://krebsonsecurity.com/2021/04/parkmobile-breach-exposes-license-plate-data-mobile-numbers-of-21m-users/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EParkMobile suffered a data breach which exposed 21 million customers\u0027 personal data\u003C/a\u003E. The impacted data included email addresses, names, phone numbers, vehicle licence plates and passwords stored as bcrypt hashes. The following month, the data appeared on a public hacking forum where it was extensively redistributed.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/ParkMobile.png","DataClasses":["Email addresses","Licence plates","Names","Passwords","Phone numbers"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Patreon","Title":"Patreon","Domain":"patreon.com","BreachDate":"2015-10-01","AddedDate":"2015-10-02T02:29:20Z","ModifiedDate":"2021-08-10T06:52:47Z","PwnCount":2330382,"Description":"In October 2015, the crowdfunding site \u003Ca href=\u0022http://www.zdnet.com/article/patreon-hacked-anonymous-patrons-exposed/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EPatreon was hacked\u003C/a\u003E and over 16GB of data was released publicly. The dump included almost 14GB of database records with more than 2.3M unique email addresses, millions of personal messages and passwords stored as bcrypt hashes.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Patreon.png","DataClasses":["Email addresses","Passwords","Payment histories","Physical addresses","Private messages","Website activity"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"PayAsUGym","Title":"PayAsUGym","Domain":"payasugym.com","BreachDate":"2016-12-15","AddedDate":"2016-12-17T06:45:44Z","ModifiedDate":"2016-12-17T06:45:44Z","PwnCount":400260,"Description":"In December 2016, \u003Ca href=\u0022https://twitter.com/real_1x0123/status/809443917984911364\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Ean attacker breached PayAsUGym\u0027s website\u003C/a\u003E exposing over 400k customers\u0027 personal data. The data was consequently leaked publicly and broadly distributed via Twitter. The leaked data contained personal information including email addresses and passwords hashed using MD5 without a salt.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/PayAsUGym.png","DataClasses":["Browser user agent details","Email addresses","IP addresses","Names","Partial credit card data","Passwords","Phone numbers","Website activity"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"PayHere","Title":"PayHere","Domain":"payhere.lk","BreachDate":"2022-03-27","AddedDate":"2022-05-02T05:26:25Z","ModifiedDate":"2022-05-02T08:27:23Z","PwnCount":1580249,"Description":"In late March 2022, the Sri Lankan payment gateway \u003Ca href=\u0022https://www.yoshlk.me/technicity/payhere-hack/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EPayHere suffered a data breach that exposed more than 65GB of payment records\u003C/a\u003E including over 1.5M unique email addresses. The data also included IP and physical addresses, names, phone numbers, purchase histories and partially obfuscated credit card data (card type, first 6 and last 4 digits plus expiry date). A month later, PayHere published a blog on the incident titled \u003Ca href=\u0022https://blog.payhere.lk/ensuring-integrity-on-payhere-cybersecurity-incident/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EEnsuring Integrity on PayHere Cybersecurity Incident\u003C/a\u003E.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/PayHere.png","DataClasses":["Email addresses","IP addresses","Names","Partial credit card data","Phone numbers","Physical addresses","Purchases"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"PaySystemTech","Title":"PaySystem.tech","Domain":"paysystem.tech","BreachDate":"2022-04-29","AddedDate":"2023-10-08T23:07:02Z","ModifiedDate":"2023-10-08T23:07:02Z","PwnCount":1410764,"Description":"In mid-2022, \u003Ca href=\u0022https://twitter.com/troyhunt/status/1711145477872431529\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Edata alleged to have been sourced from the Russian payment provider PaySystem.tech appeared in hacking circles where it was made publicly available for download\u003C/a\u003E. Consisting of 16M rows with 1.4M unique email addresses, the data also included purchases and full credit card numbers and expiry dates. The data could not be independently attributed back to PaySystem.tech and the breach has been flagged as \u0026quot;unverified\u0026quot;.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/PaySystemTech.png","DataClasses":["Credit cards","Email addresses","Purchases"],"IsVerified":false,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Paytm","Title":"Paytm","Domain":"paytm.com","BreachDate":"2020-08-30","AddedDate":"2022-07-26T23:17:02Z","ModifiedDate":"2022-07-29T00:10:06Z","PwnCount":3395101,"Description":"In August 2020, the Indian payment provider \u003Ca href=\u0022https://economictimes.indiatimes.com/tech/internet/paytm-mall-suffers-massive-breach-ransom-demanded-report/articleshow/77833664.cms\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EPaytm was reported as having suffered a data breach and subsequent ransom demand\u003C/a\u003E, after which the data was circulated publicly. Further investigation into the data concluded that \u003Ca href=\u0022https://twitter.com/troyhunt/status/1552808334759043073 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Ethe breach was fabricated and did not originate from Paytm\u003C/a\u003E. The impacted data covered 3.4M unique email addresses along with names, phone numbers, genders, dates of birth, income levels and previous purchases.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Paytm.png","DataClasses":["Dates of birth","Email addresses","Genders","Geographic locations","Income levels","Names","Phone numbers","Purchases"],"IsVerified":true,"IsFabricated":true,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"pcTattletale","Title":"pcTattletale","Domain":"pctattletale.com","BreachDate":"2024-05-25","AddedDate":"2024-05-25T21:38:18Z","ModifiedDate":"2024-07-11T19:29:17Z","PwnCount":138751,"Description":"In May 2024, \u003Ca href=\u0022https://www.bleepingcomputer.com/news/security/hacker-defaces-spyware-apps-site-dumps-database-and-source-code/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Ethe spyware service pcTattletale suffered a data breach that defaced the website and posted tens of gigabytes of data to the homepage\u003C/a\u003E, allegedly due to pcTattletale not responding to a previous security vulnerability report. The breach exposed data including membership records, infected PC names, captured messages and extensive logs of IP addresses and device information.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/pcTattletale.png","DataClasses":["Device information","Email addresses","IP addresses","Names","Passwords","Phone numbers","Physical addresses","SMS messages","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":true,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Peatix","Title":"Peatix","Domain":"peatix.com","BreachDate":"2019-01-20","AddedDate":"2020-12-06T22:53:53Z","ModifiedDate":"2020-12-06T22:53:53Z","PwnCount":4227907,"Description":"In January 2019, the event organising platform \u003Ca href=\u0022https://www.zdnet.com/article/hacker-leaks-the-user-data-of-event-management-app-peatix/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EPeatix suffered a data breach\u003C/a\u003E. The incident exposed 4.2M email addresses, names and salted password hashes. The data was provided to HIBP by \u003Ca href=\u0022https://dehashed.com/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Edehashed.com\u003C/a\u003E.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Peatix.png","DataClasses":["Email addresses","Names","Passwords"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Pemiblanc","Title":"Pemiblanc","Domain":"pemiblanc.com","BreachDate":"2018-04-02","AddedDate":"2018-07-09T22:16:26Z","ModifiedDate":"2018-07-09T22:16:26Z","PwnCount":110964206,"Description":"In April 2018, a credential stuffing list containing 111 million email addresses and passwords known as \u003Ca href=\u0022https://www.troyhunt.com/the-111-million-pemiblanc-credential-stuffing-list\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EPemiblanc\u003C/a\u003E was discovered on a French server. The list contained email addresses and passwords collated from different data breaches and used to mount account takeover attacks against other services. \u003Ca href=\u0022https://www.troyhunt.com/the-111-million-pemiblanc-credential-stuffing-list\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003ERead more about the incident.\u003C/a\u003E","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/List.png","DataClasses":["Email addresses","Passwords"],"IsVerified":false,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"PeoplesEnergy","Title":"People\u0027s Energy","Domain":"peoplesenergy.co.uk","BreachDate":"2020-12-16","AddedDate":"2021-02-23T03:25:44Z","ModifiedDate":"2021-11-25T22:08:12Z","PwnCount":358822,"Description":"In December 2020, the UK power company \u003Ca href=\u0022https://www.bbc.com/news/technology-55350995\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EPeople\u0027s Energy suffered a data breach\u003C/a\u003E. The breach exposed almost 7GB of files containing 359k unique email addresses along with names, phones numbers, physical addresses and dates of birth. The incident also included People\u0027s Energy staff email addresses and bcrypt password hashes (no customer passwords were exposed). The data was provided to HIBP by a source who requested it be attributed to pom@pompur.in.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/PeoplesEnergy.png","DataClasses":["Dates of birth","Email addresses","Names","Passwords","Phone numbers","Physical addresses"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"PetFlow","Title":"PetFlow","Domain":"petflow.com","BreachDate":"2017-12-09","AddedDate":"2020-05-26T02:48:24Z","ModifiedDate":"2020-05-26T02:48:24Z","PwnCount":990919,"Description":"In December 2017, the pet care delivery service \u003Ca href=\u0022https://techcrunch.com/2019/02/14/hacker-strikes-again/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EPetFlow suffered a data breach which consequently appeared for sale on a dark web marketplace\u003C/a\u003E. Almost 1M accounts were impacted and exposed email addresses and passwords stored as unsalted MD5 hashes. The data was provided to HIBP by a source who requested it be attributed to \u0026quot;nano@databases.pw\u0026quot;.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/PetFlow.png","DataClasses":["Email addresses","Passwords"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"CERTPolandPhish","Title":"Phished Data via CERT Poland","Domain":"","BreachDate":"2023-02-25","AddedDate":"2023-08-31T05:53:44Z","ModifiedDate":"2023-08-31T05:53:44Z","PwnCount":67943,"Description":"In August 2023, \u003Ca href=\u0022https://www.troyhunt.com/68k-polish-phishing-victims-are-now-searchable-in-have-i-been-pwned-courtesy-of-cert-poland\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003ECERT Poland observed a phishing campaign that collected credentials from 68k victims\u003C/a\u003E. The campaign collected email addresses and passwords via a phishing email masquerading as a purchase order confirmation. CERT Poland identified a further 202 other phishing campaigns operating on the same C2 server, which has now been dismantled.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/List.png","DataClasses":["Email addresses","Passwords"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":true},{"Name":"Phoenix","Title":"Phoenix","Domain":"phoenixim.ddns.net","BreachDate":"2021-06-05","AddedDate":"2023-10-17T02:27:58Z","ModifiedDate":"2023-10-17T02:27:58Z","PwnCount":74776,"Description":"In mid-2021, the \u0026quot;vintage messaging reborn\u0026quot; service \u003Ca href=\u0022https://prnt.sc/_t-Usfo2rHqP\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EPhoenix suffered a data breach\u003C/a\u003E that exposed 75k unique email addresses. The breach also exposed IP addresses, usernames and passwords.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Phoenix.png","DataClasses":["Email addresses","IP addresses","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"PhoneHouse","Title":"Phone House Espa\u00F1a","Domain":"phonehouse.es","BreachDate":"2021-04-08","AddedDate":"2021-04-22T05:59:07Z","ModifiedDate":"2021-04-22T05:59:07Z","PwnCount":5223350,"Description":"In April 2021, the Spanish retailer \u003Ca href=\u0022https://thetechzone.online/cyberattack-on-phone-house-with-ransomware-and-possible-data-breach/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EPhone House allegedly suffered a ransomware attack that also exposed significant volumes of customer data\u003C/a\u003E. Attributed to the Babuk ransomware, a collection of data alleged to be a subset of a larger corpus was posted to a dark web site and contained 5.2M email addresses along with names, nationalities, genders, dates of birth, phone numbers and physical addresses. Phone House has been threatened with further releases if a ransom is not paid.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/PhoneHouse.png","DataClasses":["Dates of birth","Email addresses","Genders","Names","Nationalities","Phone numbers","Physical addresses"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"PHPFreaks","Title":"PHP Freaks","Domain":"phpfreaks.com","BreachDate":"2015-10-27","AddedDate":"2015-10-30T14:19:52Z","ModifiedDate":"2015-10-30T14:19:52Z","PwnCount":173891,"Description":"In October 2015, the PHP discussion board \u003Ca href=\u0022http://forums.phpfreaks.com/topic/298874-alert-the-phpfreaks-forum-members-data-appears-to-have-been-stolen\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EPHP Freaks was hacked\u003C/a\u003E and 173k user accounts were publicly leaked. The breach included multiple personal data attributes as well as salted and hashed passwords.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/PHPFreaks.png","DataClasses":["Dates of birth","Email addresses","IP addresses","Passwords","Usernames","Website activity"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"PipingRock","Title":"Piping Rock","Domain":"pipingrock.com","BreachDate":"2024-04-24","AddedDate":"2024-04-26T01:13:39Z","ModifiedDate":"2024-04-26T01:13:39Z","PwnCount":2103100,"Description":"In April 2024, \u003Ca href=\u0022https://cybernews.com/news/piping-rock-data-breach/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003E2.1M email addresses from the online health products store Piping Rock were publicly posted to a popular hacking forum\u003C/a\u003E. The data also included names, phone numbers and physical addresses. The account posting the data had previously posted multiple other data breaches which all appear to have been obtained from the Shopify service used by the respective websites.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/PipingRock.png","DataClasses":["Email addresses","Names","Phone numbers","Physical addresses"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"PixelFederation","Title":"Pixel Federation","Domain":"pixelfederation.com","BreachDate":"2013-12-04","AddedDate":"2013-12-06T00:00:00Z","ModifiedDate":"2013-12-06T00:00:00Z","PwnCount":38108,"Description":"In December 2013, a \u003Ca href=\u0022http://www.cyberwarnews.info/2013/12/04/pixel-federation-hacked-38000-user-credentials-leaked\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Ebreach of the web-based game community based in Slovakia\u003C/a\u003E exposed over 38,000 accounts which were promptly posted online. The breach included email addresses and unsalted MD5 hashed passwords, many of which were easily converted back to plain text.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/PixelFederation.png","DataClasses":["Email addresses","Passwords"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Pixlr","Title":"Pixlr","Domain":"pixlr.com","BreachDate":"2020-10-07","AddedDate":"2021-02-01T03:40:29Z","ModifiedDate":"2021-02-01T03:40:29Z","PwnCount":1906808,"Description":"In October 2020, the online photo editing application \u003Ca href=\u0022https://www.bleepingcomputer.com/news/security/hacker-posts-19-million-pixlr-user-records-for-free-on-forum/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EPixlr suffered a data breach\u003C/a\u003E exposing 1.9 million subscribers. Impacted data included names, email addresses, social media profiles, the country signed up from and passwords stored as SHA-512 hashes. The data was provided to HIBP by \u003Ca href=\u0022https://dehashed.com/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Edehashed.com\u003C/a\u003E.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Pixlr.png","DataClasses":["Email addresses","Geographic locations","Names","Passwords","Social media profiles"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"piZap","Title":"piZap","Domain":"pizap.com","BreachDate":"2017-12-07","AddedDate":"2019-07-16T05:43:27Z","ModifiedDate":"2019-07-16T05:43:27Z","PwnCount":41817893,"Description":"In approximately December 2017, the online photo editing site \u003Ca href=\u0022https://www.zdnet.com/article/hacker-puts-up-for-sale-third-round-of-hacked-databases-on-the-dark-web/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EpiZap suffered a data breach\u003C/a\u003E. The data was later placed up for sale on a dark web marketplace along with a collection of other data breaches in February 2019. A total of 42 million unique email addresses were included in the breach alongside names, genders and links to Facebook profiles when the social media platform was used to authenticate to piZap. When accounts were created directly on piZap without using Facebook for authentication, passwords stored as SHA-1 hashes were also exposed. The data was provided to HIBP by a source who requested it be attributed to \u0026quot;JimScott.Sec@protonmail.com\u0026quot;.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/piZap.png","DataClasses":["Email addresses","Genders","Geographic locations","Names","Passwords","Social media profiles","Usernames","Website activity"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"PlanetCalypso","Title":"Planet Calypso","Domain":"planetcalypsoforum.com","BreachDate":"2019-07-01","AddedDate":"2020-01-12T09:48:57Z","ModifiedDate":"2020-01-12T09:48:57Z","PwnCount":62261,"Description":"In approximately July 2019, \u003Ca href=\u0022http://www.planetcalypsoforum.com/forums/showthread.php?311854-ET-or-Planet-Forums-ever-hacked\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Ethe forums for the Planet Calypso game suffered a data breach\u003C/a\u003E. The breach of the vBulletin based forum exposed email and IP addresses, usernames and passwords stored as salted MD5 hashes.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/PlanetCalypso.png","DataClasses":["Email addresses","IP addresses","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"PlanetIce","Title":"Planet Ice","Domain":"planet-ice.co.uk","BreachDate":"2023-01-14","AddedDate":"2023-01-31T02:00:53Z","ModifiedDate":"2023-01-31T02:00:53Z","PwnCount":240488,"Description":"In January 2023, the UK-based ice skating rink booking service \u003Ca href=\u0022https://www.bristolpost.co.uk/news/bristol-news/bristol-planet-ice-cyber-attack-8076491\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EPlanet Ice suffered a data breach\u003C/a\u003E. The incident exposed the personal data of 240k people including email and physical addresses, phone numbers, genders, dates of birth and passwords stored as MD5 hashes. The data also included the names, genders and dates of birth of children having parties.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/PlanetIce.png","DataClasses":["Dates of birth","Email addresses","Genders","IP addresses","Names","Passwords","Phone numbers","Physical addresses","Purchases"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Playbook","Title":"Playbook","Domain":"playbook.vc","BreachDate":"2020-10-19","AddedDate":"2021-10-11T23:39:05Z","ModifiedDate":"2021-10-11T23:39:05Z","PwnCount":50538,"Description":"In September 2021, \u003Ca href=\u0022https://www.bankinfosecurity.com/articles.php?art_id=17696\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Ea publicly accessible PostgresSQL database belonging to the Playbook service was identified\u003C/a\u003E. Run by VC firm Plug and Play Ventures, the database had been exposed since October 2020 and contained more than 50 thousand unique email addresses along with names, phone numbers, job titles and passwords stored as PBKDF2 hashes. It took more than 2 weeks after being notified of the exposed data to properly secure it. It\u0027s unknown whether Plug and Play Ventures notified impacted individuals as they ceased responding to queries from the press.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Playbook.png","DataClasses":["Email addresses","Job titles","Names","Passwords","Phone numbers","Social media profiles"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"PlayCyberGames","Title":"PlayCyberGames","Domain":"playcybergames.com","BreachDate":"2023-08-09","AddedDate":"2023-08-31T02:22:55Z","ModifiedDate":"2023-08-31T02:22:55Z","PwnCount":3681753,"Description":"In August 2023, PlayCyberGames which \u0026quot;allows users to play any games with LAN function or games using IP address\u0026quot; suffered a data breach which exposed 3.7M customer records. The data included email addresses, usernames and MD5 password hashes with a constant value in the \u0026quot;salt\u0026quot; field. PlayCyberGames did not respond to multiple attempts to disclose the breach.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/PlayCyberGames.png","DataClasses":["Email addresses","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Plex","Title":"Plex","Domain":"plex.tv","BreachDate":"2015-07-02","AddedDate":"2016-02-08T01:35:48Z","ModifiedDate":"2016-02-08T01:35:48Z","PwnCount":327314,"Description":"In July 2015, the discussion forum for Plex media centre \u003Ca href=\u0022https://blog.plex.tv/2015/07/02/security-notice-forum-user-password-resets\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Ewas hacked and over 327k accounts exposed\u003C/a\u003E. The IP.Board forum included IP addresses and passwords stored as salted hashes using a weak implementation enabling many to be rapidly cracked.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Plex.png","DataClasses":["Email addresses","IP addresses","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"PlutoTV","Title":"Pluto TV","Domain":"pluto.tv","BreachDate":"2018-10-12","AddedDate":"2020-12-05T22:27:36Z","ModifiedDate":"2020-12-05T22:36:02Z","PwnCount":3225080,"Description":"In October 2018, the internet television service \u003Ca href=\u0022https://www.vice.com/en/article/88a8ma/pluto-tv-hacked-data-breach\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EPluto TV suffered a data breach\u003C/a\u003E which was then shared extensively in hacking communities. Pluto TV \u0026quot;decided not to proactively inform users of the breach\u0026quot; which contained 3.2M unique email and IP addresses, names, usernames, genders, dates of birth and passwords stored as bcrypt hashes. The data was provided to HIBP by \u003Ca href=\u0022https://dehashed.com/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Edehashed.com\u003C/a\u003E.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/PlutoTV.png","DataClasses":["Dates of birth","Device information","Email addresses","Genders","IP addresses","Names","Passwords","Social media profiles","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Pokebip","Title":"Pok\u00E9bip","Domain":"pokebip.com","BreachDate":"2015-07-28","AddedDate":"2016-09-09T04:43:00Z","ModifiedDate":"2016-09-09T04:43:00Z","PwnCount":657001,"Description":"In July 2015, the French Pok\u00E9mon site \u003Ca href=\u0022https://www.pokebip.com/news3382__message_de_securite_de_l_equipe_pokebip_.html\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EPok\u00E9bip suffered a data breach\u003C/a\u003E which exposed 657k subscriber identities. The data included email and IP addresses, usernames and passwords stored as unsalted MD5 hashes.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Pokebip.png","DataClasses":["Email addresses","IP addresses","Passwords","Time zones","Usernames","Website activity"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"PokemonCreed","Title":"Pok\u00E9mon Creed","Domain":"pokemoncreed.net","BreachDate":"2014-08-08","AddedDate":"2014-08-10T00:03:59Z","ModifiedDate":"2014-08-10T00:03:59Z","PwnCount":116465,"Description":"In August 2014, the Pok\u00E9mon RPG website \u003Ca href=\u0022http://pokemoncreed.net\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EPok\u00E9mon Creed\u003C/a\u003E was hacked after a dispute with rival site, \u003Ca href=\u0022http://pkmndusk.in\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EPok\u00E9mon Dusk\u003C/a\u003E. In a \u003Ca href=\u0022https://www.facebook.com/ramandeep.s.dehal/posts/749666358442465\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Epost on Facebook\u003C/a\u003E, \u0026quot;Cruz Dusk\u0026quot; announced the hack then pasted the dumped MySQL database on \u003Ca href=\u0022http://pkmndusk.in\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Epkmndusk.in\u003C/a\u003E. The breached data included over 116k usernames, email addresses and plain text passwords.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/PokemonCreed.png","DataClasses":["Email addresses","Genders","IP addresses","Passwords","Usernames","Website activity"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"PokemonNegro","Title":"Pok\u00E9mon Negro","Domain":"pokemonnegro.com","BreachDate":"2016-10-01","AddedDate":"2017-01-03T20:45:24Z","ModifiedDate":"2017-01-03T20:45:24Z","PwnCount":830155,"Description":"In approximately October 2016, the Spanish Pok\u00E9mon site \u003Ca href=\u0022http://pokemonnegro.com\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EPok\u00E9mon Negro\u003C/a\u003E suffered a data breach. The attack resulted in the disclosure of 830k accounts including email and IP addresses along with plain text passwords. Pok\u00E9mon Negro did not respond when contacted about the breach.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/PokemonNegro.png","DataClasses":["Email addresses","IP addresses","Passwords"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"PoliceOne","Title":"PoliceOne","Domain":"policeone.com","BreachDate":"2014-07-01","AddedDate":"2017-11-15T07:57:11Z","ModifiedDate":"2017-11-15T07:57:11Z","PwnCount":709926,"Description":"In February 2017, the law enforcement website \u003Ca href=\u0022http://www.zdnet.com/article/police-forum-hacked-thousands-of-records-for-sale-on-dark-web/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EPoliceOne confirmed they\u0027d suffered a data breach\u003C/a\u003E. The breach contained over 700k accounts which appeared for sale by a data broker and included email and IP addresses, usernames and salted MD5 password hashes. The file the data was contained in indicated the original breach dated back to July 2014.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/PoliceOne.png","DataClasses":["Email addresses","IP addresses","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"PolishCredentials","Title":"Polish Credentials","Domain":"","BreachDate":"2023-05-29","AddedDate":"2023-05-30T23:13:32Z","ModifiedDate":"2023-05-30T23:13:32Z","PwnCount":1204870,"Description":"In May 2023, \u003Ca href=\u0022https://zaufanatrzeciastrona.pl/post/kilka-milionow-loginow-i-hasel-z-polski-wycieklo-do-sieci/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Ea credential stuffing list of 6.3M Polish email address and password pairs appeared on a local forum\u003C/a\u003E. Likely obtained by malware running on victims\u0027 machines, each record included an email address and plain text password alongside the website the credentials were used on. The data included 1.2M unique email addresses.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/PolishCredentials.png","DataClasses":["Email addresses","Passwords"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Poshmark","Title":"Poshmark","Domain":"poshmark.com","BreachDate":"2018-05-16","AddedDate":"2019-09-02T03:36:05Z","ModifiedDate":"2019-09-02T03:44:37Z","PwnCount":36395491,"Description":"In mid-2018, social commerce marketplace \u003Ca href=\u0022https://techcrunch.com/2019/08/01/poshmark-confirms-data-breach/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EPoshmark suffered a data breach\u003C/a\u003E that exposed 36M user accounts. The compromised data included email addresses, names, usernames, genders, locations and passwords stored as bcrypt hashes. The data was provided to HIBP by a source who requested it be attributed to \u0022JimScott.Sec@protonmail.com\u0022.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Poshmark.png","DataClasses":["Email addresses","Genders","Geographic locations","Names","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Powerbot","Title":"Powerbot","Domain":"powerbot.org","BreachDate":"2014-09-01","AddedDate":"2017-07-01T16:12:37Z","ModifiedDate":"2017-07-01T16:12:37Z","PwnCount":503501,"Description":"In approximately September 2014, the RuneScape bot website \u003Ca href=\u0022https://www.powerbot.org\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EPowerbot\u003C/a\u003E suffered a data breach resulting in the exposure of over half a million unique user records. The data contained email and IP addresses, usernames and salted MD5 hashes of passwords. The site was previously reported as compromised on the \u003Ca href=\u0022https://vigilante.pw/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EVigilante.pw\u003C/a\u003E breached database directory.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Powerbot.png","DataClasses":["Email addresses","IP addresses","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"PPCGeeks","Title":"PPCGeeks","Domain":"ppcgeeks.com","BreachDate":"2016-08-19","AddedDate":"2022-07-18T22:20:50Z","ModifiedDate":"2022-07-18T22:20:50Z","PwnCount":492518,"Description":"In August 2016, the pocket PC fan site forum \u003Ca href=\u0022https://web.archive.org/web/20210227221024/https://forum.ppcgeeks.com/site-news-announcements/153465-urgent-ppcgeeks-hacked-database-dumped.html\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EPPCGeeks suffered a data breach that exposed over 490k records\u003C/a\u003E. The breach of the vBulletin forum exposed email and IP addresses, usernames, dates of birth and passwords stored as salted MD5 hashes. The data was provided to HIBP by a source who requested it be attributed to \u0026quot;fall1984@protonmail.com\u0026quot;.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/PPCGeeks.png","DataClasses":["Dates of birth","Email addresses","IP addresses","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"PreenMe","Title":"Preen.Me","Domain":"preen.me","BreachDate":"2020-05-25","AddedDate":"2022-05-26T00:58:43Z","ModifiedDate":"2022-05-26T00:58:43Z","PwnCount":236105,"Description":"In May 2020, social media marketing company \u003Ca href=\u0022https://www.riskbasedsecurity.com/2020/06/24/personal-data-of-350000-social-media-influencers-and-users-compromised-following-preen-me-hack/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EPreen.Me was the target of a ransom attack that resulted in hundreds of thousands of records being publicly posted\u003C/a\u003E. Over 236k unique email addresses were exposed in the attack alongside names, usernames and links to social media profiles.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/PreenMe.png","DataClasses":["Email addresses","Names","Social media profiles","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"ProctorU","Title":"ProctorU","Domain":"proctoru.com","BreachDate":"2020-06-26","AddedDate":"2020-08-06T09:37:17Z","ModifiedDate":"2020-08-06T09:37:17Z","PwnCount":444453,"Description":"In June 2020, the online exam service \u003Ca href=\u0022https://www.smh.com.au/national/hackers-hit-university-online-exam-tool-20200806-p55j6h.html\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EProctorU suffered a data breach\u003C/a\u003E which was subsequently shared extensively across online hacking communities. The breach contained 444k user records including names, email and physical addresses, phones numbers and passwords stored as bcrypt hashes. The data was provided to HIBP by \u003Ca href=\u0022https://breachbase.pw/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Ebreachbase.pw\u003C/a\u003E.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/ProctorU.png","DataClasses":["Email addresses","Names","Passwords","Phone numbers","Physical addresses","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"ProgrammingForums","Title":"Programming Forums","Domain":"programmingforums.org","BreachDate":"2015-12-01","AddedDate":"2017-07-01T16:42:46Z","ModifiedDate":"2017-07-01T16:42:46Z","PwnCount":707432,"Description":"In approximately late 2015, the programming forum at \u003Ca href=\u0022http://www.programmingforums.org/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Eprogrammingforums.org\u003C/a\u003E suffered a data breach resulting in the exposure of 707k unique user records. The data contained email and IP addresses, usernames and salted MD5 hashes of passwords. The site was previously reported as compromised on the \u003Ca href=\u0022https://vigilante.pw/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EVigilante.pw\u003C/a\u003E breached database directory.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/ProgrammingForums.png","DataClasses":["Email addresses","IP addresses","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Promo","Title":"Promo","Domain":"promo.com","BreachDate":"2020-06-22","AddedDate":"2020-07-26T02:44:11Z","ModifiedDate":"2020-07-26T02:44:11Z","PwnCount":14610585,"Description":"In July 2020, the self-proclaimed \u0026quot;World\u0027s #1 Marketing Video Maker\u0026quot; \u003Ca href=\u0022https://support.promo.com/en/articles/4276475-promo-data-breach-faq\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EPromo suffered a data breach\u003C/a\u003E which was then shared extensively on a hacking forum. The incident exposed 22 million records containing almost 15 million unique email addresses alongside IP addresses, genders, names and salted SHA-256 password hashes. The data was provided to HIBP by \u003Ca href=\u0022https://dehashed.com/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Edehashed.com\u003C/a\u003E.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Promo.png","DataClasses":["Email addresses","Genders","IP addresses","Names","Passwords"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Promofarma","Title":"Promofarma","Domain":"promofarma.com","BreachDate":"2019-08-03","AddedDate":"2020-11-01T07:11:46Z","ModifiedDate":"2020-11-03T10:19:52Z","PwnCount":1277761,"Description":"In August 2019, \u003Ca href=\u0022https://www.zdnet.com/article/data-of-21-million-mixcloud-users-put-up-for-sale-on-the-dark-web/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Ea data breach from the Spanish online pharmacy Promofarma appeared for sale on a dark web marketplace\u003C/a\u003E. The breach exposed over 2.7M records and contained almost 1.3M unique customer email addresses. The data also included customer names and was provided to HIBP by \u003Ca href=\u0022https://dehashed.com/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Edehashed.com\u003C/a\u003E.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Promofarma.png","DataClasses":["Email addresses","Names"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"PropTiger","Title":"PropTiger","Domain":"proptiger.com","BreachDate":"2018-01-30","AddedDate":"2020-03-24T07:21:44Z","ModifiedDate":"2020-03-24T07:30:36Z","PwnCount":2156921,"Description":"In January 2018, the Indian property website \u003Ca href=\u0022https://www.proptiger.com/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EPropTiger\u003C/a\u003E suffered a data breach which resulted in a 3.46GB database file being exposed and subsequently shared extensively on a popular hacking forum 2 years later. The exposed data contained both user records and login histories with over 2M unique customer email addresses. Exposed data also included additional personal attributes such as names, dates of birth, genders, IP addresses and passwords stored as MD5 hashes. PropTiger advised they believe the usability of the data is \u0026quot;limited\u0026quot; due to how certain data attributes were generated and stored. The data was provided to HIBP by \u003Ca href=\u0022https://dehashed.com/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Edehashed.com\u003C/a\u003E.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/PropTiger.png","DataClasses":["Dates of birth","Device information","Email addresses","Genders","IP addresses","Names","Passwords"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Protemps","Title":"Protemps","Domain":"protemps.com.sg","BreachDate":"2021-10-04","AddedDate":"2021-12-20T02:36:08Z","ModifiedDate":"2021-12-20T02:57:50Z","PwnCount":49591,"Description":"In October 2021, the Singaporean recruitment website \u003Ca href=\u0022https://www.straitstimes.com/singapore/courts-crime/spore-employment-agency-hacked-ic-scans-and-salaries-of-40000-job-seekers\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EProtemps suffered a data breach\u003C/a\u003E that exposed almost 50,000 unique email addresses. The impacted data includes names, email and physical addresses, phone numbers, passport numbers and passwords stored as unsalted MD5 hashes, among troves of other jobseeker data. The data was provided to HIBP by a source who requested it be attributed to \u0026quot;white_peacock@riseup.net\u0026quot;.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Protemps.png","DataClasses":["Email addresses","Genders","Job applications","Marital statuses","Names","Nationalities","Passport numbers","Passwords","Phone numbers","Physical addresses","Religions","Salutations"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"PS3Hax","Title":"PS3Hax","Domain":"ps3hax.net","BreachDate":"2015-07-01","AddedDate":"2016-02-07T04:44:49Z","ModifiedDate":"2016-02-07T04:44:49Z","PwnCount":447410,"Description":"In approximately July 2015, the Sony Playstation hacks and mods forum known as \u003Ca href=\u0022http://www.ps3hax.net\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EPS3Hax\u003C/a\u003E was hacked and more than 447k accounts were exposed. The vBulletin forum included IP addresses and passwords stored as salted hashes using a weak implementation enabling many to be rapidly cracked.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/PS3Hax.png","DataClasses":["Email addresses","IP addresses","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"PSPISO","Title":"PSP ISO","Domain":"pspiso.com","BreachDate":"2015-09-25","AddedDate":"2017-01-29T07:28:23Z","ModifiedDate":"2017-01-29T07:28:23Z","PwnCount":1274070,"Description":"In approximately September 2015, the PlayStation PSP forum known as \u003Ca href=\u0022http://www.pspiso.com\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EPSP ISO\u003C/a\u003E was hacked and almost 1.3 million accounts were exposed. Along with email and IP addresses, the vBulletin forum also exposed salted MD5 password hashes.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/PSPISO.png","DataClasses":["Email addresses","IP addresses","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"PSX-Scene","Title":"PSX-Scene","Domain":"psx-scene.com","BreachDate":"2015-02-01","AddedDate":"2016-02-07T03:46:46Z","ModifiedDate":"2016-02-07T03:46:46Z","PwnCount":341118,"Description":"In approximately February 2015, the Sony Playstation forum known as \u003Ca href=\u0022http://psx-scene.com\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EPSX-Scene\u003C/a\u003E was hacked and more than 340k accounts were exposed. The vBulletin forum included IP addresses and passwords stored as salted hashes using a weak implementation enabling many to be rapidly cracked.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/PSX-Scene.png","DataClasses":["Email addresses","IP addresses","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"BVD","Title":"Public Business Data","Domain":"bvdinfo.com","BreachDate":"2021-08-19","AddedDate":"2023-10-09T07:05:10Z","ModifiedDate":"2023-12-06T22:45:20Z","PwnCount":27917714,"Description":"In approximately August 2021, \u003Ca href=\u0022https://kaduu.io/blog/2022/02/04/us-strategic-company-bureau-van-dijk-hacked/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Ehundreds of gigabytes of business data collated from public sources was obtained and later published to a popular hacking forum\u003C/a\u003E. Sourced from a customer of Bureau van Dijk\u0027s (BvD) \u0026quot;Orbis\u0026quot; product, the corpus of data released contained hundreds of millions of lines about corporations and individuals, including personal information such as names and dates of birth. The data also included 28M unique email addresses along with physical addresses (presumedly corporate locations), phone numbers and job titles. There was no unauthorised access to BvD\u0027s systems, nor did the incident expose any of their or parent company\u0027s Moody\u0027s clients.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/List.png","DataClasses":["Dates of birth","Email addresses","Job titles","Names","Phone numbers","Physical addresses"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Qakbot","Title":"Qakbot","Domain":"","BreachDate":"2023-08-29","AddedDate":"2023-08-29T19:40:03Z","ModifiedDate":"2023-08-29T19:40:03Z","PwnCount":6431319,"Description":"In August 2023, \u003Ca href=\u0022https://www.troyhunt.com/data-from-the-qakbot-malware-is-now-searchable-in-have-i-been-pwned-courtesy-of-the-fbi\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Ethe US Justice Department announced a multinational operation involving actions in the United States, France, Germany, the Netherlands, and the United Kingdom to disrupt the botnet and malware known as Qakbot and take down its infrastructure\u003C/a\u003E. After the takedown, 6.43M email addresses were provided to HIBP to help notify victims of the malware.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/List.png","DataClasses":["Email addresses","Passwords"],"IsVerified":true,"IsFabricated":false,"IsSensitive":true,"IsRetired":false,"IsSpamList":false,"IsMalware":true,"IsSubscriptionFree":true},{"Name":"QatarNationalBank","Title":"Qatar National Bank","Domain":"qnb.com","BreachDate":"2015-07-01","AddedDate":"2016-05-01T01:06:35Z","ModifiedDate":"2016-05-01T01:06:35Z","PwnCount":88678,"Description":"In July 2015, the Qatar National Bank \u003Ca href=\u0022http://www.theregister.co.uk/2016/04/25/breaking_qatar_bank_hack/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Esuffered a data breach\u003C/a\u003E which exposed 15k documents totalling 1.4GB and detailing more than 100k accounts with passwords and PINs. The incident was made public some 9 months later in April 2016 when the documents appeared publicly on a file sharing site. Analysis of the breached data suggests \u003Ca href=\u0022http://blog.trendmicro.co.uk/qatar-bank-breach-lifts-the-veil-on-targeted-attack-strategies/#more-520\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Ethe attack began by exploiting a SQL injection flaw\u003C/a\u003E in the bank\u0027s website.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/QatarNationalBank.png","DataClasses":["Bank account numbers","Customer feedback","Dates of birth","Financial transactions","Genders","Geographic locations","Government issued IDs","IP addresses","Marital statuses","Names","Passwords","Phone numbers","Physical addresses","PINs","Security questions and answers","Spoken languages"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"QIP","Title":"QIP","Domain":"qip.ru","BreachDate":"2011-06-01","AddedDate":"2017-01-08T22:23:19Z","ModifiedDate":"2017-01-08T22:23:19Z","PwnCount":26183992,"Description":"In mid-2011, the Russian instant messaging service known as \u003Ca href=\u0022http://securityaffairs.co/wordpress/51118/data-breach/qip-data-breach.html\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EQIP (Quiet Internet Pager) suffered a data breach\u003C/a\u003E. The attack resulted in the disclosure of over 26 million unique accounts including email addresses and passwords with the data eventually appearing in public years later.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/QIP.png","DataClasses":["Email addresses","Passwords","Usernames","Website activity"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"QuantumBooter","Title":"Quantum Booter","Domain":"quantumbooter.net","BreachDate":"2014-03-18","AddedDate":"2015-04-04T06:40:05Z","ModifiedDate":"2015-04-04T06:40:05Z","PwnCount":48592,"Description":"In March 2014, the \u003Ca href=\u0022http://www.webopedia.com/TERM/B/booter_services.html\u0022\u003Ebooter service\u003C/a\u003E Quantum Booter (also referred to as Quantum Stresser) suffered a breach which lead to the disclosure of their internal database. The leaked data included private discussions relating to malicious activity Quantum Booter users were performing against online adversaries, including the IP addresses of those using the service to mount DDoS attacks.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/QuantumBooter.png","DataClasses":["Email addresses","IP addresses","Passwords","Private messages","Usernames","Website activity"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"QuestionPro","Title":"QuestionPro","Domain":"questionpro.com","BreachDate":"2022-05-21","AddedDate":"2022-08-05T00:05:34Z","ModifiedDate":"2022-08-05T23:24:27Z","PwnCount":22229637,"Description":"In May 2022, \u003Ca href=\u0022https://www.bleepingcomputer.com/news/security/hackers-try-to-extort-survey-firm-questionpro-after-alleged-data-theft/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Ethe survey website QuestionPro was the target of an extortion attempt relating to an alleged data breach\u003C/a\u003E. Over 100GB of data containing 22M unique email addresses (some of which appear to be generated by the platform), are alleged to have been extracted from the service along with IP addresses, browser user agents and results relating to surveys. QuestionPro would not confirm whether a breach had occurred (although they did confirm they were the target of an extortion attempt), so the data was initially flagged as \u0026quot;unverified\u0026quot;. \u003Ca href=\u0022https://twitter.com/troyhunt/status/1555696116351377410\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003ESubsequent verification by impacted HIBP subscribers\u003C/a\u003E later led to the removal of the unverified flag.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/QuestionPro.png","DataClasses":["Browser user agent details","Email addresses","IP addresses","Survey results"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Quidd","Title":"Quidd","Domain":"quidd.co","BreachDate":"2019-07-01","AddedDate":"2020-06-24T11:05:34Z","ModifiedDate":"2020-06-24T11:05:34Z","PwnCount":3805863,"Description":"In 2019, online marketplace for trading stickers, cards, toys, and other collectibles \u003Ca href=\u0022https://www.zdnet.com/article/account-details-for-4-million-quidd-users-shared-on-hacking-forum/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EQuidd suffered a data breach\u003C/a\u003E. The breach exposed almost 4 million users\u0027 email addresses, usernames and passwords stored as bcrypt hashes. The data was subsequently sold then redistributed extensively via hacking forums.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Quidd.png","DataClasses":["Email addresses","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"QuinStreet","Title":"QuinStreet","Domain":"quinstreet.com","BreachDate":"2015-12-14","AddedDate":"2016-12-17T07:44:31Z","ModifiedDate":"2016-12-17T07:44:31Z","PwnCount":4907802,"Description":"In approximately late 2015, the maker of \u0026quot;performance marketing products\u0026quot; \u003Ca href=\u0022http://quinstreet.com/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EQuinStreet\u003C/a\u003E had a number of their online assets compromised. The attack impacted 28 separate sites, predominantly technology forums such as \u003Ca href=\u0022http://quinstreet.com/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Eflashkit.com\u003C/a\u003E, \u003Ca href=\u0022http://quinstreet.com/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Ecodeguru.com\u003C/a\u003E and \u003Ca href=\u0022http://quinstreet.com/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Ewebdeveloper.com\u003C/a\u003E (\u003Ca href=\u0022http://pastebin.com/raw/6p50GgCV\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Eview a full list of sites\u003C/a\u003E). QuinStreet advised that impacted users have been notified and passwords reset. The data contained details on over 4.9 million people and included email addresses, dates of birth and salted MD5 hashes.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/QuinStreet.png","DataClasses":["Dates of birth","Email addresses","IP addresses","Passwords","Usernames","Website activity"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"R2-2017","Title":"R2 (2017 forum breach)","Domain":"r2games.com","BreachDate":"2017-01-01","AddedDate":"2017-04-25T11:04:29Z","ModifiedDate":"2017-04-25T11:04:29Z","PwnCount":1023466,"Description":"In early 2017, the forum for the gaming website \u003Ca href=\u0022http://www.csoonline.com/article/3192246/security/r2games-compromised-again-over-one-million-accounts-exposed.html\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003ER2 Games was hacked\u003C/a\u003E. R2 had previously appeared on HIBP in 2015 after a prior incident. This one exposed over 1 million unique user accounts and corresponding MD5 password hashes with no salt.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/R2Games.png","DataClasses":["Email addresses","Passwords","Usernames","Website activity"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"R2Games","Title":"R2Games","Domain":"r2games.com","BreachDate":"2015-11-01","AddedDate":"2016-02-09T12:20:35Z","ModifiedDate":"2016-02-09T12:20:35Z","PwnCount":22281337,"Description":"In late 2015, the gaming website \u003Ca href=\u0022https://www.r2games.com\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003ER2Games\u003C/a\u003E was hacked and more than 2.1M personal records disclosed. The vBulletin forum included IP addresses and passwords stored as salted hashes using a weak implementation enabling many to be rapidly cracked. A further 11M accounts were added to \u0022Have I Been Pwned\u0022 in March 2016 and another 9M in July 2016 bringing the total to over 22M.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/R2Games.png","DataClasses":["Email addresses","IP addresses","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"RaidForums","Title":"RaidForums","Domain":"raidforums.com","BreachDate":"2020-09-24","AddedDate":"2023-05-31T01:43:34Z","ModifiedDate":"2023-05-31T02:12:05Z","PwnCount":478604,"Description":"In May 2023, \u003Ca href=\u0022https://www.bleepingcomputer.com/news/security/new-hacking-forum-leaks-data-of-478-000-raidforums-members/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003E478k user records from the now defunct hacking forum known as \u0026quot;RaidForums\u0026quot; was posted to another hacking forum\u003C/a\u003E. The data dated back to September 2020 and included email addresses, usernames, dates of birth, IP addresses and passwords stored as Argon2 hashes. The data was provided to HIBP by a source who requested it be attributed to \u0026quot;white_peacock@riseup.net\u0026quot;.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/RaidForums.png","DataClasses":["Dates of birth","Email addresses","IP addresses","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"RailYatri","Title":"RailYatri","Domain":"railyatri.in","BreachDate":"2022-12-26","AddedDate":"2023-12-05T07:17:53Z","ModifiedDate":"2023-12-05T07:17:53Z","PwnCount":23209732,"Description":"In December 2022, India\u2019s government-approved online travel agency \u003Ca href=\u0022https://cybersecuritynews.com/railyatri-data-breach/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003ERailYatri suffered a data breach\u003C/a\u003E. The incident impacted over 31M customers and exposed 23M unique email addresses. Also impacted were names, genders, phone numbers and tickets purchased, including travel information and fares.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/RailYatri.png","DataClasses":["Email addresses","Genders","Names","Phone numbers","Purchases"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Rambler","Title":"Rambler","Domain":"rambler.ru","BreachDate":"2014-03-01","AddedDate":"2016-11-01T09:33:34Z","ModifiedDate":"2016-11-01T09:33:34Z","PwnCount":91436280,"Description":"In late 2016, a data dump of almost 100M accounts from Rambler, sometimes referred to as \u0026quot;The Russian Yahoo\u0026quot;, \u003Ca href=\u0022http://www.zdnet.com/article/russian-portal-email-provider-rambler-hacked-98-million-accounts-leaked/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Ewas discovered being traded online\u003C/a\u003E. The data set provided to Have I Been Pwned included 91M unique usernames (which also form part of Rambler email addresses) and plain text passwords. According to Rambler, the data dates back to March 2014.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Rambler.png","DataClasses":["Email addresses","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Rankwatch","Title":"RankWatch","Domain":"rankwatch.com","BreachDate":"2016-11-19","AddedDate":"2017-11-03T07:04:08Z","ModifiedDate":"2017-11-03T07:04:08Z","PwnCount":7445067,"Description":"In approximately November 2016, the search engine optimisation management company \u003Ca href=\u0022https://www.rankwatch.com/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003ERankWatch\u003C/a\u003E exposed a Mongo DB with no password publicly whereupon their data was exfiltrated and posted to an online forum. The data contained 7.4 million unique email addresses along with names, employers, phone numbers and job titles in a table called \u0026quot;us_emails\u0026quot;. When contacted and advised of the incident, RankWatch would not reveal the purpose of the data, where it had been acquired from and whether the data owners had consented to its collection. The forum which originally posted the data explained it as being \u0026quot;in the same vein as the modbsolutions leak\u0026quot;, \u003Ca href=\u0022https://haveibeenpwned.com/PwnedWebsites#ModernBusinessSolutions\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Ea large list of corporate data allegedly used for spam purposes\u003C/a\u003E.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Rankwatch.png","DataClasses":["Email addresses","Employers","Job titles","Names","Phone numbers"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":true,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Raychat","Title":"Raychat","Domain":"raychat.ir","BreachDate":"2021-01-31","AddedDate":"2021-07-04T00:52:38Z","ModifiedDate":"2021-07-04T00:52:38Z","PwnCount":938981,"Description":"In January 2021, the now defunct Iranian social media platform \u003Ca href=\u0022https://www.gizmodo.com.au/2021/02/iranian-chat-app-gets-its-data-wiped-out-in-a-cyberattack/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003ERaychat suffered a data breach that exposed 939 thousand unique email addresses\u003C/a\u003E. The data included names, IP addresses, browser user agent strings and passwords stored as bcrypt hashes. The data was provided to HIBP by \u003Ca href=\u0022https://dehashed.com/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Edehashed.com\u003C/a\u003E.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Raychat.png","DataClasses":["Browser user agent details","Email addresses","IP addresses","Names","Passwords"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"RbxRocks","Title":"Rbx.Rocks","Domain":"rbx.rocks","BreachDate":"2018-08-06","AddedDate":"2018-11-07T13:26:42Z","ModifiedDate":"2019-07-27T14:58:29Z","PwnCount":149958,"Description":"In August 2018, the Roblox trading site \u003Ca href=\u0022https://rbx.rocks/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003ERbx.Rocks\u003C/a\u003E suffered a data breach. Almost 25k records were sent to HIBP in November and included names, email addresses and passwords stored as bcrypt hashes. In July 2019, a further 125k records emerged bringing the total size of the incident to 150k. The website has since gone offline with a message stating that \u0026quot;Rbx.Rocks v2.0 is currently under construction\u0026quot;.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/RbxRocks.png","DataClasses":["Email addresses","Names","Passwords"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"ReadNovel","Title":"Read Novel","Domain":"readnovel.com","BreachDate":"2019-05-01","AddedDate":"2022-05-16T08:41:14Z","ModifiedDate":"2022-05-16T08:41:14Z","PwnCount":22424472,"Description":"In May 2019, the Chinese literature website \u003Ca href=\u0022https://www.readnovel.com/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003ERead Novel\u003C/a\u003E allegedly suffered a data breach that exposed 22M unique email addresses. Data also included usernames, genders, phone numbers and passwords stored as salted MD5 hashes. The data was provided to HIBP by a source who requested it be attributed to \u0026quot;white_peacock@riseup.net\u0026quot;. \u003Ca href=\u0022https://www.troyhunt.com/handling-chinese-data-breaches-in-have-i-been-pwned/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003ERead more about Chinese data breaches in Have I Been Pwned.\u003C/a\u003E","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/ReadNovel.png","DataClasses":["Email addresses","Genders","Passwords","Phone numbers","Usernames"],"IsVerified":false,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"RealEstateMogul","Title":"Real Estate Mogul","Domain":"realestatemogul.com","BreachDate":"2016-09-06","AddedDate":"2018-09-24T05:08:57Z","ModifiedDate":"2018-09-24T05:08:57Z","PwnCount":307768,"Description":"In September 2016, the real estate investment site \u003Ca href=\u0022https://realestatemogul.com/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EReal Estate Mogul\u003C/a\u003E had a Mongo DB instance compromised and 5GB of data downloaded by an unauthorised party. The data contained real estate listings including addresses and the names, phone numbers and 308k unique email addresses of the sellers. Real Estate Mogul was advised of the incident in September 2018 and stated that they \u0026quot;found no instance of user account credentials like usernames and passwords nor billing information within this file\u0026quot;.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/RealEstateMogul.png","DataClasses":["Email addresses","Names","Phone numbers","Physical addresses"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"RealDudesInc","Title":"RealDudesInc","Domain":"realdudesinc.com","BreachDate":"2022-10-22","AddedDate":"2023-02-19T04:52:21Z","ModifiedDate":"2023-02-19T04:52:21Z","PwnCount":101543,"Description":"In October 2022, the GTA mod menu provider \u003Ca href=\u0022https://twitter.com/FalconFeedsio/status/1584795069260869632\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003ERealDudesInc suffered a data breach\u003C/a\u003E that exposed over 100k email addresses (many of which are temporary guest account addresses). The breach also included usernames and bcrypt password hashes.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/RealDudesInc.png","DataClasses":["Email addresses","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"RedDoorz","Title":"RedDoorz","Domain":"reddoorz.com","BreachDate":"2020-09-04","AddedDate":"2022-01-28T03:44:12Z","ModifiedDate":"2022-01-28T03:44:12Z","PwnCount":5890277,"Description":"In September 2020, the hotel management \u0026amp; booking platform \u003Ca href=\u0022https://www.bleepingcomputer.com/news/security/58-million-reddoorz-user-records-for-sale-on-hacking-forum/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003ERedDoorz suffered a data breach that exposed over 5.8M user accounts\u003C/a\u003E. The breached data included names, email addresses, phone numbers, genders, dates of birth and passwords stored as bcrypt hashes. The data was provided to HIBP by a source who requested it be attributed to \u0026quot;white_peacock@riseup.net\u0026quot;.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/RedDoorz.png","DataClasses":["Dates of birth","Email addresses","Genders","Names","Occupations","Passwords","Phone numbers"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"RedLineStealer","Title":"RedLine Stealer","Domain":"","BreachDate":"2021-12-05","AddedDate":"2021-12-30T05:24:21Z","ModifiedDate":"2022-01-05T04:11:30Z","PwnCount":441657,"Description":"In December 2021, \u003Ca href=\u0022https://twitter.com/MayhemDayOne/status/1474749233475596292\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Elogs from the RedLine Stealer malware were left publicly exposed and were then obtained by security researcher Bob Diachenko\u003C/a\u003E. The data included 441 thousand unique email addresses, usernames and plain text passwords.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/List.png","DataClasses":["Email addresses","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":true,"IsSubscriptionFree":false},{"Name":"BlueSnapRegpack","Title":"Regpack","Domain":"bluesnap.com","BreachDate":"2016-05-20","AddedDate":"2016-09-13T04:35:05Z","ModifiedDate":"2016-09-13T04:35:05Z","PwnCount":104977,"Description":"In July 2016, a tweet was posted with a link to an alleged data breach of \u003Ca href=\u0022http://bluesnap.com\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EBlueSnap, a global payment gateway and merchant account provider\u003C/a\u003E. The data contained 324k payment records across 105k unique email addresses and included personal attributes such as name, home address and phone number. The data was verified with multiple Have I Been Pwned subscribers who confirmed it also contained valid transactions, partial credit card numbers, expiry dates and CVVs. A downstream consumer of BlueSnap services known as \u003Ca href=\u0022http://www.regpacks.com/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003ERegpack\u003C/a\u003E was subsequently identified as the source of the data after they identified human error had left the transactions exposed on a publicly facing server. A full investigation of the data and statement by Regpack is detailed in the post titled \u003Ca href=\u0022https://www.troyhunt.com/someone-just-lost-324k-payment-records-complete-with-cvvs/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003ESomeone just lost 324k payment records, complete with CVVs\u003C/a\u003E.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/BlueSnapRegpack.png","DataClasses":["Browser user agent details","Credit card CVV","Email addresses","IP addresses","Names","Partial credit card data","Phone numbers","Physical addresses","Purchases"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Reincubate","Title":"Reincubate","Domain":"reincubate.com","BreachDate":"2017-05-11","AddedDate":"2020-10-29T06:01:21Z","ModifiedDate":"2020-10-29T06:06:15Z","PwnCount":616146,"Description":"In October 2020, the app data company \u003Ca href=\u0022https://reincubate.com/blog/security-incident-oct-2020/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EReincubate suffered a data breach\u003C/a\u003E which exposed a backup from November 2017 (the newest record in the data appeared several months earlier). The data included over 616k unique email addresses, names and passwords stored as PBKDF2 hashes.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Reincubate.png","DataClasses":["Email addresses","Names","Passwords"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"RentoMojo","Title":"RentoMojo","Domain":"rentomojo.com","BreachDate":"2023-04-15","AddedDate":"2023-05-10T22:36:01Z","ModifiedDate":"2023-05-10T22:36:01Z","PwnCount":2185697,"Description":"In April 2023, the Indian rental service \u003Ca href=\u0022https://www.indiatoday.in/technology/news/story/rentomojo-confirms-data-breach-attackers-accessed-identifiable-customer-information-2362942-2023-04-21\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003ERentoMojo suffered a data breach\u003C/a\u003E. The breach exposed over 2M unique email addresses along with names, phone, passport and Aadhaar numbers, genders, dates of birth, purchases and bcrypt password hashes.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/RentoMojo.png","DataClasses":["Dates of birth","Email addresses","Genders","Government issued IDs","Names","Passport numbers","Passwords","Phone numbers","Purchases","Social media profiles"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"RepublicanPartyOfTexas","Title":"Republican Party of Texas","Domain":"texasgop.org","BreachDate":"2021-09-11","AddedDate":"2021-10-06T07:44:39Z","ModifiedDate":"2021-10-06T07:44:39Z","PwnCount":72596,"Description":"In September 2021, \u003Ca href=\u0022https://www.dailydot.com/debug/anonymous-texas-gop-epik/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Ethe Republican Party of Texas was hacked by a group claiming to be \u0026quot;Anonymous\u0026quot; in retaliation for the state\u0027s controversial abortion ban\u003C/a\u003E. The September defacement was followed by a leak of data and documents which included material from the hosting provider Epik. Impacted data included over 72 thousand unique email addresses across various tables, some also including names, geographic location data, IP addresses and browser user agents.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/RepublicanPartyOfTexas.png","DataClasses":["Browser user agent details","Email addresses","Geographic locations","IP addresses","Names"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"RetinaX","Title":"Retina-X","Domain":"retinax.com","BreachDate":"2017-02-23","AddedDate":"2017-04-30T01:51:55Z","ModifiedDate":"2024-07-11T19:29:17Z","PwnCount":71153,"Description":"In February 2017, the mobile device monitoring software developer Retina-X was hacked and customer data downloaded before being wiped from their servers. The incident was covered in the Motherboard article titled \u003Ca href=\u0022https://motherboard.vice.com/en_us/article/inside-stalkerware-surveillance-market-flexispy-retina-x\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EInside the \u0027Stalkerware\u0027 Surveillance Market, Where Ordinary People Tap Each Other\u0027s Phones\u003C/a\u003E. The service, used to monitor mobile devices, had 71k email addresses and MD5 hashes with no salt exposed. Retina-X \u003Ca href=\u0022http://www.phonesheriff.com/blog/retina-x-studios-server-breached-by-hackers/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Edisclosed the incident in a blog post\u003C/a\u003E on April 27, 2017.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/RetinaX.png","DataClasses":["Email addresses","Passwords"],"IsVerified":true,"IsFabricated":false,"IsSensitive":true,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Reverb-Nation","Title":"ReverbNation","Domain":"reverbnation.com","BreachDate":"2014-01-01","AddedDate":"2017-10-05T06:56:23Z","ModifiedDate":"2017-10-05T06:56:23Z","PwnCount":7040725,"Description":"In January 2014, the online service for assisting musicians to build their careers \u003Ca href=\u0022https://www.scmagazine.com/2014-breach-prompts-reverbnation-to-notify-customers/article/532492/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EReverbNation suffered a data breach which wasn\u0027t identified until September the following year\u003C/a\u003E. The breach contained over 7 million accounts with unique email addresses and salted SHA1 passwords.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Reverb-Nation.png","DataClasses":["Email addresses","Passwords"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Rightbiz","Title":"Rightbiz","Domain":"rightdev.co.uk","BreachDate":"2023-07-09","AddedDate":"2023-08-10T22:11:35Z","ModifiedDate":"2023-08-10T22:43:06Z","PwnCount":65376,"Description":"In June 2023, data belonging to the \u0026quot;UK\u0027s No.1 Business Marketplace\u0026quot; Rightbiz appeared on a popular hacking forum. Comprising of more than 18M rows of data, the breach included 65k unique email addresses along with names, phone numbers and physical address. Rightbiz didn\u0027t respond to mulitple attempts to disclose the incident. The data was provided to HIBP by a source who requested it be attributed to \u003Ca href=\u0022https://discord.gg/gN9C9em\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003E\u0026quot;https://discord.gg/gN9C9em\u0026quot;\u003C/a\u003E.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Rightbiz.png","DataClasses":["Email addresses","Names","Phone numbers","Physical addresses"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"RiverCityMedia","Title":"River City Media Spam List","Domain":"rivercitymediaonline.com","BreachDate":"2017-01-01","AddedDate":"2017-03-08T23:49:53Z","ModifiedDate":"2017-03-08T23:49:53Z","PwnCount":393430309,"Description":"In January 2017, \u003Ca href=\u0022https://web.archive.org/web/20170426084052/https://mackeeper.com/blog/post/339-spammergate-the-fall-of-an-empire\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Ea massive trove of data from River City Media was found exposed online\u003C/a\u003E. The data was found to contain almost 1.4 billion records including email and IP addresses, names and physical addresses, all of which was used as part of an enormous spam operation. Once de-duplicated, there were 393 million unique email addresses within the exposed data.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Email.png","DataClasses":["Email addresses","IP addresses","Names","Physical addresses"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":true,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Robinhood","Title":"Robinhood","Domain":"robinhood.com","BreachDate":"2021-11-03","AddedDate":"2022-03-03T22:47:32Z","ModifiedDate":"2022-03-03T22:47:32Z","PwnCount":5003937,"Description":"In November 2021, the online trading platform \u003Ca href=\u0022https://techcrunch.com/2021/11/09/robinhood-data-breach/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003ERobinhood suffered a data breach\u003C/a\u003E after a customer service representative was socially engineered. The incident exposed over 5M customer email addresses and 2M customer names. The data was provided to HIBP by a source who requested it be attributed to \u0026quot;Jarand Moen Romtviet\u0026quot;.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Robinhood.png","DataClasses":["Email addresses"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Roblox","Title":"Roblox","Domain":"roblox.com","BreachDate":"2016-07-31","AddedDate":"2023-07-23T03:51:55Z","ModifiedDate":"2023-07-23T04:01:44Z","PwnCount":52458,"Description":"In August 2016, \u003Ca href=\u0022https://roblox.fandom.com/wiki/2016_Roblox_security_breach\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003ERoblox disclosed a data breach that affected over 50k users\u003C/a\u003E. The security incident impacted email and IP addresses, usernames, purchases and Robux balances which were left exposed on a test server.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Roblox.png","DataClasses":["Account balances","Email addresses","IP addresses","Purchases","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"RobloxDeveloperConference","Title":"Roblox Developer Conference (2023)","Domain":"rdcglobal.com","BreachDate":"2020-12-18","AddedDate":"2023-07-18T21:06:48Z","ModifiedDate":"2024-07-06T00:37:32Z","PwnCount":3943,"Description":"In July 2023, \u003Ca href=\u0022https://twitter.com/troyhunt/status/1681163196110098432\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Ea list of alleged attendees from the 2017-2020 Roblox Developers Conferences was circulated on a forum\u003C/a\u003E. The data contained 4k unique email addresses along with names, usernames, dates of birth, phone numbers, physical and IP addresses and T-shirt sizes","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Roblox.png","DataClasses":["Clothing sizes","Dates of birth","Email addresses","IP addresses","Names","Phone numbers","Physical addresses","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Roll20","Title":"Roll20","Domain":"roll20.net","BreachDate":"2018-12-26","AddedDate":"2019-07-19T14:26:05Z","ModifiedDate":"2019-07-19T14:26:05Z","PwnCount":3994436,"Description":"In December 2018, the tabletop role-playing games website \u003Ca href=\u0022https://app.roll20.net/forum/post/7209691/roll20-security-breach\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003ERoll20 suffered a data breach\u003C/a\u003E. Almost 4 million customers were impacted by the breach and had email and IP addresses, names, bcrypt hashes of passwords and the last 4 digits of credit cards exposed. The data was provided to HIBP by a source who requested it be attributed to \u0026quot;JimScott.Sec@protonmail.com\u0026quot;.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Roll20.png","DataClasses":["Email addresses","IP addresses","Names","Partial credit card data","Passwords"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Romwe","Title":"Romwe","Domain":"romwe.com","BreachDate":"2018-06-01","AddedDate":"2021-01-18T09:15:42Z","ModifiedDate":"2021-01-18T09:15:42Z","PwnCount":19531820,"Description":"In mid-2018, the Hong Kong-based retailer \u003Ca href=\u0022https://finance.yahoo.com/finance/news/romwe-informs-shoppers-data-security-203054849.html\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003ERomwe suffered a data breach which exposed almost 20 million customers\u003C/a\u003E. The data was subsequently sold online and includes names, phone numbers, email and IP addresses, customer geographic locations and passwords stored as salted SHA-1 hashes. The data was provided to HIBP by \u003Ca href=\u0022https://dehashed.com/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Edehashed.com\u003C/a\u003E.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Romwe.png","DataClasses":["Geographic locations","IP addresses","Names","Passwords","Phone numbers","Physical addresses"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"RosebuttBoard","Title":"Rosebutt Board","Domain":"rosebuttboard.com","BreachDate":"2016-05-09","AddedDate":"2016-05-10T07:37:46Z","ModifiedDate":"2016-05-10T07:37:46Z","PwnCount":107303,"Description":"Some time prior to May 2016, \u003Ca href=\u0022https://motherboard.vice.com/read/rosebuttboard-ip-board\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Ethe forum known as \u0026quot;Rosebutt Board\u0026quot; was hacked\u003C/a\u003E and 107k accounts were exposed. The self-described \u0026quot;top one board for anal fisting, prolapse, huge insertions and rosebutt fans\u0026quot; had email and IP addresses, usernames and weakly stored salted MD5 password hashes hacked from the IP.Board based forum.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/RosebuttBoard.png","DataClasses":["Email addresses","IP addresses","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":true,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"RoyalEnfield","Title":"Royal Enfield","Domain":"royalenfield.com","BreachDate":"2019-01-01","AddedDate":"2022-03-31T21:13:58Z","ModifiedDate":"2022-03-31T21:13:58Z","PwnCount":420873,"Description":"In January 2020, motorcycle maker \u003Ca href=\u0022https://www.thequint.com/news/india/royal-enfield-exposed-database-containing-450000-customer-data-cyber-security-expert\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003ERoyal Enfield left a database publicly exposed that resulted in the inadvertent publication of over 400k customers\u003C/a\u003E. The impacted data included email and physical addresses, names, motorcycle information, social media profiles, passwords, and other personal information. The data was provided to HIBP by a source who requested it be attributed to \u0026quot;white_peacock@riseup.net\u0026quot;.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/RoyalEnfield.png","DataClasses":["Dates of birth","Email addresses","Genders","Names","Passwords","Phone numbers","Physical addresses","Social media profiles","Vehicle details"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"RussianAmerica","Title":"Russian America","Domain":"russianamerica.com","BreachDate":"2017-01-01","AddedDate":"2018-09-13T04:48:08Z","ModifiedDate":"2018-09-13T04:48:08Z","PwnCount":182717,"Description":"In approximately 2017, the website for Russian speakers in America known as \u003Ca href=\u0022http://www.russianamerica.com/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003ERussian America\u003C/a\u003E suffered a data breach. The incident exposed 183k unique records including names, email addresses, phone numbers and passwords stored in both plain text and as MD5 hashes. Russian America was contacted about the breach but did not respond.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/RussianAmerica.png","DataClasses":["Email addresses","Names","Passwords","Phone numbers"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"SalvadoranCitizens","Title":"Salvadoran Citizens","Domain":"","BreachDate":"2024-04-02","AddedDate":"2024-04-10T22:25:03Z","ModifiedDate":"2024-04-10T22:26:30Z","PwnCount":946989,"Description":"In April 2024, \u003Ca href=\u0022https://protos.com/hacker-doxxes-nearly-every-adult-in-el-salvador/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Enearly 6 million records of Salvadoran citizens were published to a popular hacking forum\u003C/a\u003E. The data included names, dates of birth, phone numbers, physical addresses and nearly 1M unique email addresses. Further, over 5M corresponding profile photos were also included in the breach.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/ElSalvadorFlag.png","DataClasses":["Dates of birth","Email addresses","Government issued IDs","Names","Phone numbers","Physical addresses","Profile photos"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"SaverSpy","Title":"SaverSpy","Domain":"","BreachDate":"2018-09-18","AddedDate":"2018-09-25T10:59:05Z","ModifiedDate":"2024-07-11T19:29:17Z","PwnCount":2457420,"Description":"In September 2018, \u003Ca href=\u0022https://www.linkedin.com/pulse/another-e-marketing-database-11-million-records-bob-diachenko/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Esecurity researcher Bob Diachenko discovered a massive collection of personal details exposed in an unprotected Mongo DB instance\u003C/a\u003E. The data appears to have been used in marketing campaigns (possibly for spam purposes) but had little identifying data about it other than a description of \u0026quot;Yahoo_090618_ SaverSpy\u0026quot;. The data set provided to HIBP had almost 2.5M unique email addresses (all of which were from Yahoo!) alongside names, genders and physical addresses.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Email.png","DataClasses":["Email addresses","Genders","Names","Physical addresses"],"IsVerified":true,"IsFabricated":false,"IsSensitive":true,"IsRetired":false,"IsSpamList":true,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"SCDailyPhoneSpamList","Title":"SC Daily Phone Spam List","Domain":"data4marketers.com","BreachDate":"2015-04-14","AddedDate":"2016-11-24T06:04:34Z","ModifiedDate":"2016-11-24T06:04:34Z","PwnCount":32939105,"Description":"In early 2015, a spam list known as \u003Ca href=\u0022http://www.data4marketers.com/2015APRspecials.html\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003ESC Daily Phone\u003C/a\u003E emerged containing almost 33M identities. The data includes personal attributes such as names, physical and IP addresses, genders, birth dates and phone numbers. \u003Ca href=\u0022https://www.troyhunt.com/have-i-been-pwned-and-spam-lists-of-personal-information\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003ERead more about spam lists in HIBP.\u003C/a\u003E","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Email.png","DataClasses":["Dates of birth","Email addresses","Genders","IP addresses","Names","Physical addresses"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":true,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Scentbird","Title":"Scentbird","Domain":"scentbird.com","BreachDate":"2020-06-22","AddedDate":"2020-07-30T00:11:15Z","ModifiedDate":"2020-07-30T00:11:15Z","PwnCount":5814988,"Description":"In June 2020, the online fragrance service \u003Ca href=\u0022https://www.bleepingcomputer.com/news/security/hacker-leaks-386-million-user-records-from-18-companies-for-free/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EScentbird suffered a data breach\u003C/a\u003E that exposed the personal information of over 5.8 million customers. Personal information including names, email addresses, genders, dates of birth, passwords stored as bcrypt hashes and indicators of password strength were all exposed. The data was provided to HIBP by \u003Ca href=\u0022https://breachbase.pw/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Ebreachbase.pw\u003C/a\u003E.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Scentbird.png","DataClasses":["Dates of birth","Email addresses","Genders","Names","Password strengths","Passwords"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"SchoolDistrict42","Title":"School District 42","Domain":"sd42.ca","BreachDate":"2023-01-15","AddedDate":"2023-02-02T05:27:50Z","ModifiedDate":"2023-02-02T08:16:17Z","PwnCount":18850,"Description":"In January 2023, \u003Ca href=\u0022https://www.mapleridgenews.com/news/maple-ridge-pitt-meadows-school-district-suffers-massive-data-breach/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EPitt Meadows School District 42 in British Columbia suffered a data breach\u003C/a\u003E. The incident exposed the names and email addresses of approximately 19k students and staff which were consequently redistributed on a popular hacking forum.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/SchoolDistrict42.png","DataClasses":["Email addresses","Names"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Seedpeer","Title":"Seedpeer","Domain":"seedpeer.eu","BreachDate":"2015-07-12","AddedDate":"2016-03-09T02:49:28Z","ModifiedDate":"2016-03-09T02:49:28Z","PwnCount":281924,"Description":"In July 2015, the torrent site Seedpeer was hacked and 282k member records were exposed. The data included usernames, email addresses and passwords stored as weak MD5 hashes.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Seedpeer.png","DataClasses":["Email addresses","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Sephora","Title":"Sephora","Domain":"sephora.com.au","BreachDate":"2017-01-09","AddedDate":"2019-10-06T15:14:12Z","ModifiedDate":"2019-10-06T15:14:12Z","PwnCount":780073,"Description":"In approximately January 2017, the beauty store \u003Ca href=\u0022https://www.zdnet.com/article/sephora-data-breach-hits-southeast-asia-and-anz-customers/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003ESephora suffered a data breach\u003C/a\u003E. Impacting customers in South East Asia, Australia and New Zealand, 780k unique email addresses were included in the breach alongside names, genders, dates of birth, ethnicities and other personal information. The data was provided to HIBP by a source who requested it be attributed to \u0026quot;JimScott.Sec@protonmail.com\u0026quot;.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Sephora.png","DataClasses":["Dates of birth","Email addresses","Ethnicities","Genders","Names","Physical attributes"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"ServerPact","Title":"ServerPact","Domain":"serverpact.com","BreachDate":"2016-01-01","AddedDate":"2016-09-06T04:21:06Z","ModifiedDate":"2016-09-06T04:21:06Z","PwnCount":73587,"Description":"In mid-2015, the Dutch Minecraft site \u003Ca href=\u0022https://twitter.com/serverpact/status/772534083788365829\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EServerPact was hacked\u003C/a\u003E and 73k accounts were exposed. Along with birth dates, email and IP addresses, the site also exposed SHA1 password hashes with the username as the salt.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/ServerPact.png","DataClasses":["Dates of birth","Email addresses","IP addresses","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"SevenRooms","Title":"SevenRooms","Domain":"sevenrooms.com","BreachDate":"2022-12-11","AddedDate":"2023-08-24T21:49:00Z","ModifiedDate":"2023-08-24T21:49:00Z","PwnCount":1205385,"Description":"In December 2022, \u003Ca href=\u0022https://www.bleepingcomputer.com/news/security/restaurant-crm-platform-sevenrooms-confirms-breach-after-data-for-sale/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Eover 400GB of data belonging to restaurant customer management platform SevenRooms was posted for sale to a popular hacking forum\u003C/a\u003E. The data included 1.2M unique email addresses alongside names and purchases. SevenRooms advised that the breach was due to unauthorised access of \u0026quot;a file transfer interface of a third-party vendor\u0026quot;.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/SevenRooms.png","DataClasses":["Email addresses","Names","Purchases"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Shadi","Title":"Shadi.com","Domain":"shadi.com","BreachDate":"2016-07-09","AddedDate":"2022-07-20T07:07:31Z","ModifiedDate":"2022-07-20T07:07:31Z","PwnCount":2021984,"Description":"In July 2016, the Muslim dating site \u003Ca href=\u0022https://news.softpedia.com/news/data-from-two-muslim-dating-sites-two-others-dumped-online-506356.shtml\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EShadi.com suffered a data breach that exposed over 2M members\u0027 email addresses\u003C/a\u003E. The breach also exposed passwords stored as MD5 hashes alongside their plain text equivalents. The data was provided to HIBP by a source who requested it be attributed to \u0026quot;fall1984@protonmail.com\u0026quot;.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Shadi.png","DataClasses":["Email addresses","Passwords"],"IsVerified":true,"IsFabricated":false,"IsSensitive":true,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Shadow","Title":"Shadow","Domain":"shadow.tech","BreachDate":"2023-09-28","AddedDate":"2024-08-11T00:06:02Z","ModifiedDate":"2024-08-11T04:46:29Z","PwnCount":543295,"Description":"In September 2023, the cloud gaming provider \u003Ca href=\u0022https://www.bleepingcomputer.com/news/security/shadow-pc-warns-of-data-breach-as-hacker-tries-to-sell-gamers-info/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EShadow suffered a data breach that exposed over half a million customer records\u003C/a\u003E. The data included email and physical addresses, names and dates of birth. The data was provided to HIBP by a source who requested it be attributed to \u0026quot;oathnet.ru\u0026quot;.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Shadow.png","DataClasses":["Dates of birth","Email addresses","Names","Physical addresses"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"ShareThis","Title":"ShareThis","Domain":"sharethis.com","BreachDate":"2018-07-09","AddedDate":"2019-03-03T06:31:39Z","ModifiedDate":"2019-03-12T21:00:14Z","PwnCount":40960499,"Description":"In July 2018, the social bookmarking and sharing service \u003Ca href=\u0022https://www.sharethis.com/data-privacy-incident/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EShareThis suffered a data breach\u003C/a\u003E. The incident exposed 41 million unique email addresses alongside names and in some cases, dates of birth and password hashes. In 2019, \u003Ca href=\u0022https://www.theregister.co.uk/2019/02/11/620_million_hacked_accounts_dark_web/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Ethe data appeared listed for sale on a dark web marketplace\u003C/a\u003E (along with several other large breaches) and subsequently began circulating more broadly. The data was provided to HIBP by \u003Ca href=\u0022https://dehashed.com/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Edehashed.com\u003C/a\u003E.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/ShareThis.png","DataClasses":["Dates of birth","Email addresses","Names","Passwords"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"SHEIN","Title":"SHEIN","Domain":"shein.com","BreachDate":"2018-06-01","AddedDate":"2019-07-17T13:59:41Z","ModifiedDate":"2019-07-17T13:59:41Z","PwnCount":39086762,"Description":"In June 2018, online fashion retailer \u003Ca href=\u0022https://www.zdnet.com/article/shein-fashion-retailer-announces-breach-affecting-6-42-million-users/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003ESHEIN suffered a data breach\u003C/a\u003E. The company discovered the breach 2 months later in August then disclosed the incident another month after that. A total of 39 million unique email addresses were found in the breach alongside MD5 password hashes. The data was provided to HIBP by a source who requested it be attributed to \u0026quot;JimScott.Sec@protonmail.com\u0026quot;.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/SHEIN.png","DataClasses":["Email addresses","Passwords"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Shitexpress","Title":"Shitexpress","Domain":"shitexpress.com","BreachDate":"2022-08-08","AddedDate":"2022-08-16T22:40:35Z","ModifiedDate":"2022-08-16T22:40:35Z","PwnCount":23817,"Description":"In August 2022, the online faeces delivery service \u003Ca href=\u0022https://www.bleepingcomputer.com/news/security/anonymous-poop-gifting-site-hacked-customers-exposed/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EShitexpress suffered a data breach that exposed 24k unique email addresses\u003C/a\u003E. The addresses spanned invoices, gift cards, promotions and PayPal records. The breach also exposed the IP and email addresses of senders, physical addresses of recipients and messages accompanying the shit delivery.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Shitexpress.png","DataClasses":["Email addresses","IP addresses","Names","Physical addresses","Private messages","Purchases"],"IsVerified":true,"IsFabricated":false,"IsSensitive":true,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"ShockGore","Title":"ShockGore","Domain":"shockgore.com","BreachDate":"2020-08-11","AddedDate":"2022-01-20T00:07:47Z","ModifiedDate":"2022-01-20T00:07:47Z","PwnCount":73944,"Description":"In August 2020, the website for sharing graphic videos and images of gore and animal cruelty suffered a data breach. The breach exposed 74k unique email addresses alongside usernames, IP addresses, genders and unsalted SHA-1 password hashes. Private messages were also exposed, many containing requests for material of a depraved nature. The data was provided to HIBP by a source who requested it be attributed to \u0026quot;white_peacock@riseup.net\u0026quot;.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/ShockGore.png","DataClasses":["Email addresses","Genders","IP addresses","Passwords","Private messages","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":true,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"ShoeZone","Title":"Shoe Zone","Domain":"shoezone.com","BreachDate":"2024-06-28","AddedDate":"2024-08-05T22:13:35Z","ModifiedDate":"2024-08-05T22:13:35Z","PwnCount":46140,"Description":"In June 2024, \u003Ca href=\u0022https://cybernews.com/news/shoezone-cyberattack-uk-retail-breach/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Ethe UK footwear chain Shoe Zone disclosed a data breach that was subsequently posted for sale on a popular hacking forum\u003C/a\u003E. The data included over 100k orders containing names, addresses, partial credit card numbers (card type and last 4 digits), and 46k unique email addresses. The data was provided to HIBP by a source who requested it be attributed to \u0026quot;IntelBroker\u0026quot;.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/ShoeZone.png","DataClasses":["Email addresses","Names","Partial credit card data","Physical addresses","Purchases"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"ShopBack","Title":"ShopBack","Domain":"shopback.com","BreachDate":"2020-09-17","AddedDate":"2021-04-25T05:41:24Z","ModifiedDate":"2021-04-25T05:41:24Z","PwnCount":20529819,"Description":"In September 2020, the cashback reward program \u003Ca href=\u0022https://support.shopback.com.au/hc/en-us/articles/360054141274-Customer-Notice-FAQs\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EShopBack suffered a data breach\u003C/a\u003E. The incident exposed over 20 million unique email addresses along with names, phone numbers, country of residence and passwords stored as salted SHA-1 hashes. The data was provided to HIBP by \u003Ca href=\u0022https://dehashed.com/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Edehashed.com\u003C/a\u003E.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/ShopBack.png","DataClasses":["Email addresses","Geographic locations","Names","Passwords","Phone numbers"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"ShopperPlus","Title":"Shopper\u002B","Domain":"shopperplus.ca","BreachDate":"2020-09-14","AddedDate":"2023-03-11T07:20:20Z","ModifiedDate":"2023-03-11T07:20:20Z","PwnCount":878290,"Description":"In March 2023, \u0026quot;Canada\u0027s online shopping mall\u0026quot; \u003Ca href=\u0022https://twitter.com/MikeSafariMusic/status/1634251270817980424\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EShopper\u002B disclosed a data breach discovered on a public hacking forum\u003C/a\u003E. The breach dated back to September 2020 and included 878k customer records with email and physical addresses, names, phone numbers and in some cases, genders and dates of birth.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/ShopperPlus.png","DataClasses":["Dates of birth","Email addresses","Genders","Names","Phone numbers","Physical addresses","Spoken languages"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"ShortEdition","Title":"Short \u00C9dition","Domain":"short-edition.com","BreachDate":"2021-06-26","AddedDate":"2021-07-19T04:49:43Z","ModifiedDate":"2021-07-19T04:49:43Z","PwnCount":505466,"Description":"In June 2021, the French publishing house of short literature \u003Ca href=\u0022https://short-edition.com/en/p/cyber-attack\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EShort \u00C9dition suffered a data breach that exposed 505k records\u003C/a\u003E. Impacted data included email and physical addresses, names, usernames, phone numbers, dates of birth, genders and passwords stored as either salted SHA-1 or salted SHA-512 hashes. Short \u00C9dition self-submitted the impacted data to HIBP.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/ShortEdition.png","DataClasses":["Dates of birth","Email addresses","Genders","Names","Passwords","Phone numbers","Physical addresses","Social media profiles","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Shotbow","Title":"Shotbow","Domain":"shotbow.net","BreachDate":"2016-05-09","AddedDate":"2017-10-29T23:53:20Z","ModifiedDate":"2017-10-29T23:53:20Z","PwnCount":1052753,"Description":"In May 2016, the multiplayer server for Minecraft service \u003Ca href=\u0022https://shotbow.net/forum/threads/security-data-breach-and-information-leak.346321/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EShotbow announced they\u0027d suffered a data breach\u003C/a\u003E. The incident resulted in the exposure of over 1 million unique email addresses, usernames and salted SHA-256 password hashes.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Shotbow.png","DataClasses":["Email addresses","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"SirHurt","Title":"SirHurt","Domain":"sirhurt.net","BreachDate":"2021-04-23","AddedDate":"2022-05-24T05:06:08Z","ModifiedDate":"2022-05-24T05:06:08Z","PwnCount":90655,"Description":"In April 2021, the the Roblox cheats website \u003Ca href=\u0022https://wearedevs.net/forum/t/20397\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003ESirHurt suffered a data breach\u003C/a\u003E that exposed over 90k customer records. The exposed data included email and IP addresses, usernames and passwords stored as MD5 hashes.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/SirHurt.png","DataClasses":["Email addresses","IP addresses","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"SitePoint","Title":"SitePoint","Domain":"sitepoint.com","BreachDate":"2020-06-20","AddedDate":"2022-08-17T08:21:50Z","ModifiedDate":"2022-08-17T08:21:50Z","PwnCount":1021790,"Description":"In June 2020, the web development site \u003Ca href=\u0022https://www.bleepingcomputer.com/news/security/sitepoint-discloses-data-breach-after-stolen-info-used-in-attacks/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003ESitePoint suffered a data breach that exposed over 1M customer records\u003C/a\u003E. Impacted data included email and IP addresses, names, usernames, bios and passwords stored as bcrypt hashes.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/SitePoint.png","DataClasses":["Bios","Email addresses","IP addresses","Names","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"SkTorrent","Title":"SkTorrent","Domain":"sktorrent.eu","BreachDate":"2016-02-19","AddedDate":"2016-02-23T03:30:49Z","ModifiedDate":"2016-02-23T03:30:49Z","PwnCount":117070,"Description":"In February 2016, the Slovak torrent tracking site SkTorrent \u003Ca href=\u0022http://tech.sme.sk/c/20099331/hackeri-ukradli-na-slovensku-118-tisic-identit.html\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Ewas hacked and over 117k records leaked online\u003C/a\u003E. The data dump included usernames, email addresses and passwords stored in plain text.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/SkTorrent.png","DataClasses":["Email addresses","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Slickwraps","Title":"Slickwraps","Domain":"slickwraps.com","BreachDate":"2020-02-16","AddedDate":"2020-02-22T19:20:00Z","ModifiedDate":"2020-02-22T19:20:00Z","PwnCount":857611,"Description":"In February 2020, the online store for consumer electronics wraps \u003Ca href=\u0022https://www.slickwraps.com/blog/update/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003ESlickwraps suffered a data breach\u003C/a\u003E. The incident resulted in the exposure of 858k unique email addresses across customer records and newsletter subscribers. Additional impacted data included names, physical addresses, phone numbers and purchase histories.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Slickwraps.png","DataClasses":["Email addresses","Names","Phone numbers","Physical addresses","Purchases"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"SlideTeam","Title":"SlideTeam","Domain":"slideteam.net","BreachDate":"2021-04-06","AddedDate":"2023-01-07T01:05:24Z","ModifiedDate":"2023-01-07T01:05:24Z","PwnCount":1464271,"Description":"In April 2021, the \u0026quot;world\u2019s largest collection of pre-designed presentation slides\u0026quot; \u003Ca href=\u0022https://news.kaduu.ch/2022/08/25/worlds-largest-supplier-of-powerpoint-content-hacked/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003ESlideTeam had 1.4M records breached and later published to a popular hacking forum the following year\u003C/a\u003E. Allegedly sourced from a compromised Magento instance, the data included names, email addresses and passwords stored as salted hashes.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/SlideTeam.png","DataClasses":["Email addresses","Names","Passwords"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Smogon","Title":"Smogon","Domain":"smogon.com","BreachDate":"2017-09-10","AddedDate":"2018-04-11T00:12:09Z","ModifiedDate":"2018-04-11T00:12:09Z","PwnCount":386489,"Description":"In April 2018, the Pok\u00E9mon website known as \u003Ca href=\u0022https://www.smogon.com/forums/threads/we-were-hacked-recently-you-may-potentially-want-to-change-your-passwords.3632265/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003ESmogon announced they\u0027d suffered a data breach\u003C/a\u003E. The breach dated back to September 2017 and affected their XenForo based forum. The exposed data included usernames, email addresses, genders and both bcrypt and MD5 password hashes.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Smogon.png","DataClasses":["Email addresses","Genders","Geographic locations","Passwords","Usernames","Website activity"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Snail","Title":"Snail","Domain":"snail.com","BreachDate":"2015-03-14","AddedDate":"2019-07-27T16:24:09Z","ModifiedDate":"2019-07-27T16:24:09Z","PwnCount":1410899,"Description":"In March 2015, the gaming website \u003Ca href=\u0022https://www.technadu.com/emuparadise-1-1-million-user-data-breach/70025/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003ESnail suffered a data breach\u003C/a\u003E that impacted 1.4 million subscribers. The impacted data included usernames, IP and email addresses and passwords stored as unsalted MD5 hashes. The data was provided to HIBP by \u003Ca href=\u0022https://dehashed.com/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Edehashed.com\u003C/a\u003E.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Snail.png","DataClasses":["Email addresses","IP addresses","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Snapchat","Title":"Snapchat","Domain":"snapchat.com","BreachDate":"2014-01-01","AddedDate":"2014-01-02T00:00:00Z","ModifiedDate":"2014-01-02T00:00:00Z","PwnCount":4609615,"Description":"In January 2014 just one week after \u003Ca href=\u0022http://gibsonsec.org/snapchat/fulldisclosure/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EGibson Security detailed vulnerabilities in the service\u003C/a\u003E, Snapchat had 4.6 million usernames and phone number exposed. The attack involved \u003Ca href=\u0022http://www.troyhunt.com/2014/01/searching-snapchat-data-breach-with.html\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Ebrute force enumeration of a large number of phone numbers\u003C/a\u003E against the Snapchat API in what appears to be a response to Snapchat\u0027s assertion that such an attack was \u0026quot;theoretical\u0026quot;. Consequently, the breach enabled individual usernames (which are often used across other services) to be resolved to phone numbers which users usually wish to keep private.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Snapchat.png","DataClasses":["Geographic locations","Phone numbers","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"SoarGames","Title":"SoarGames","Domain":"soargames.com","BreachDate":"2019-12-16","AddedDate":"2023-12-03T06:56:13Z","ModifiedDate":"2023-12-03T06:56:13Z","PwnCount":4774445,"Description":"In December 2019, the now defunct gaming website SoarGames suffered a data breach that exposed 4.8M unique email addresses. The impacted data included usernames, email and IP addresses and salted MD5 password hashes. A significant number of the email addresses appeared to have been generated as opposed to organically provided by the user.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/SoarGames.png","DataClasses":["Email addresses","IP addresses","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"SocialEngineered","Title":"Social Engineered","Domain":"socialengineered.net","BreachDate":"2019-06-13","AddedDate":"2019-06-23T20:46:39Z","ModifiedDate":"2019-06-25T18:06:57Z","PwnCount":89392,"Description":"In June 2019, the \u0026quot;Art of Human Hacking\u0026quot; site \u003Ca href=\u0022https://socialengineered.net\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003ESocial Engineered\u003C/a\u003E suffered a data breach. The breach of the MyBB forum was published on a rival hacking forum and included 89k unique email addresses spread across 55k forum users and other tables in the database. The exposed data also included usernames, IP addresses, private messages and passwords stored as salted MD5 hashes.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/SocialEngineered.png","DataClasses":["Email addresses","IP addresses","Passwords","Private messages","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"SIAE","Title":"Societ\u00E0 Italiana degli Autori ed Editori","Domain":"siae.it","BreachDate":"2018-11-03","AddedDate":"2018-11-07T04:31:14Z","ModifiedDate":"2018-11-07T04:37:11Z","PwnCount":14609,"Description":"In November 2018, the Societ\u00E0 Italiana degli Autori ed Editori (Italian Society of Authors and Publishers, or SIAE) \u003Ca href=\u0022https://www.repubblica.it/tecnologia/sicurezza/2018/11/03/news/tecnologia_altro_attacco_di_anonplus_bucato_il_sito_della_siae_e_rubati_4_giga_di_dati-210654944/?ref=search\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Ewas hacked, defaced and almost 4GB of data leaked publicly via Twitter\u003C/a\u003E. The data included over 14k registered users\u0027 names, email addresses and passwords.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/SIAE.png","DataClasses":["Email addresses","IP addresses","Names","Passwords","Phone numbers"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Sonicbids","Title":"Sonicbids","Domain":"sonicbids.com","BreachDate":"2019-12-30","AddedDate":"2020-08-18T07:39:37Z","ModifiedDate":"2020-08-18T07:39:37Z","PwnCount":751700,"Description":"In December 2019, the booking website \u003Ca href=\u0022https://oag.ca.gov/system/files/Sonicbids%20-%20%20CA.pdf\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003ESonicbids suffered a data breach\u003C/a\u003E which they attributed to \u0026quot;a data privacy event involving our third-party cloud hosting services\u0026quot;. The breach contained 752k user records including names and usernames, email addresses and passwords stored as PBKDF2 hashes. The data was provided to HIBP by \u003Ca href=\u0022https://breachbase.pw/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Ebreachbase.pw\u003C/a\u003E.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Sonicbids.png","DataClasses":["Email addresses","Names","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Sony","Title":"Sony","Domain":"sony.com","BreachDate":"2011-06-02","AddedDate":"2013-12-04T00:00:00Z","ModifiedDate":"2013-12-04T00:00:00Z","PwnCount":37103,"Description":"In 2011, Sony suffered breach after breach after breach \u0026mdash; it was a \u003Cem\u003Every\u003C/em\u003E bad year for them. The breaches spanned various areas of the business ranging from the PlayStation network all the way through to the motion picture arm, Sony Pictures. A SQL Injection vulnerability in \u003Ca href=\u0022http://www.sonypictures.com\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Esonypictures.com\u003C/a\u003E lead to \u003Ca href=\u0022http://www.troyhunt.com/2011/06/brief-sony-password-analysis.html\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Etens of thousands of accounts across multiple systems being exposed\u003C/a\u003E complete with plain text passwords.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Sony.png","DataClasses":["Dates of birth","Email addresses","Genders","Names","Passwords","Phone numbers","Physical addresses","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Soundwave","Title":"Soundwave","Domain":"soundwave.com","BreachDate":"2015-07-16","AddedDate":"2017-03-17T22:36:34Z","ModifiedDate":"2017-03-17T22:36:34Z","PwnCount":130705,"Description":"In approximately mid 2015, the music tracking app \u003Ca href=\u0022http://www.soundwave.com/help/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003ESoundwave suffered a data breach\u003C/a\u003E. The breach stemmed from an incident whereby \u0026quot;production data had been used to populate the test database\u0026quot; and was then inadvertently exposed in a MongoDB. The data contained 130k records and included email addresses, dates of birth, genders and MD5 hashes of passwords without a salt.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Soundwave.png","DataClasses":["Dates of birth","Email addresses","Genders","Geographic locations","Names","Passwords","Social connections"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"SpecialKSpamList","Title":"Special K Data Feed Spam List","Domain":"data4marketers.com","BreachDate":"2015-10-07","AddedDate":"2016-11-24T00:18:27Z","ModifiedDate":"2016-11-24T00:18:27Z","PwnCount":30741620,"Description":"In mid to late 2015, a spam list known as the \u003Ca href=\u0022http://www.data4marketers.com/d4m_SpecialKfeed2015.html\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003ESpecial K Data Feed\u003C/a\u003E was discovered containing almost 31M identities. The data includes personal attributes such as names, physical and IP addresses, genders, birth dates and phone numbers. \u003Ca href=\u0022https://www.troyhunt.com/have-i-been-pwned-and-spam-lists-of-personal-information\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003ERead more about spam lists in HIBP.\u003C/a\u003E","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Email.png","DataClasses":["Dates of birth","Email addresses","Genders","IP addresses","Names","Physical addresses"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":true,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Sphero","Title":"Sphero","Domain":"sphero.com","BreachDate":"2023-09-09","AddedDate":"2023-10-20T07:16:25Z","ModifiedDate":"2023-10-20T07:16:25Z","PwnCount":832255,"Description":"In September 2023, \u003Ca href=\u0022https://www.safetydetectives.com/news/sphero-leak-report/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Eover 1M rows of data from the educational robots company Sphero was posted to a popular hacking forum\u003C/a\u003E. The data contained 832k unique email addresses alongside names, usernames, dates of birth and geographic locations.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Sphero.png","DataClasses":["Dates of birth","Email addresses","Geographic locations","Names","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Spirol","Title":"Spirol","Domain":"spirol.com","BreachDate":"2014-02-22","AddedDate":"2014-02-22T20:47:56Z","ModifiedDate":"2014-02-22T20:47:56Z","PwnCount":55622,"Description":"In February 2014, Connecticut based Spirol Fastening Solutions \u003Ca href=\u0022http://news.softpedia.com/news/Details-of-70-000-Users-Leaked-by-Hackers-From-Systems-of-SPIROL-International-428669.shtml\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Esuffered a data breach that exposed over 70,000 customer records\u003C/a\u003E. The attack was allegedly mounted by exploiting a SQL injection vulnerability which yielded data from Spirol\u2019s CRM system ranging from customers\u2019 names, companies, contact information and over 55,000 unique email addresses.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Spirol.png","DataClasses":["Email addresses","Employers","Job titles","Names","Phone numbers","Physical addresses"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Sport2000","Title":"Sport 2000","Domain":"sport2000.fr","BreachDate":"2024-04-18","AddedDate":"2024-08-28T06:56:12Z","ModifiedDate":"2024-08-28T06:56:12Z","PwnCount":3189643,"Description":"In April 2024, \u003Ca href=\u0022https://www.clubic.com/actualite-525045-sport-2000-victime-d-une-cyberattaque-un-gang-de-pirates-francais-soupconne-de-vendre-les-donnees-de-4-millions-de-clients.html\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Ethe French sporting equipment manufacturer Sport 2000 announced it had suffered a data breach\u003C/a\u003E. The data was subsequently put up for sale on a popular hacking forum and included 4.4M rows with 3.2M unique email addresses alongside names, physical addresses, phone numbers, dates of birth and purchases made by store name. The data was provided to HIBP by a source who requested it be attributed to \u0026quot;oathnet.ru\u0026quot;.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Sport2000.png","DataClasses":["Dates of birth","Email addresses","Names","Phone numbers","Physical addresses","Purchases","Salutations"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Spoutible","Title":"Spoutible","Domain":"spoutible.com","BreachDate":"2024-01-31","AddedDate":"2024-02-05T07:33:00Z","ModifiedDate":"2024-02-05T07:33:00Z","PwnCount":207114,"Description":"In January 2024, \u003Ca href=\u0022https://www.troyhunt.com/how-spoutibles-leaky-api-spurted-out-a-deluge-of-personal-data/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003ESpoutible had 207k records scraped from a misconfigured API that inadvertently returned excessive personal information\u003C/a\u003E. The data included names, usernames, email and IP addresses, phone numbers (where provided to the platform), genders and bcrypt password hashes. The incident also exposed 2FA secrets and backup codes along with password reset tokens.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Spoutible.png","DataClasses":["Email addresses","Genders","IP addresses","Names","Passwords","Phone numbers","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"SpyFone","Title":"SpyFone","Domain":"spyfone.com","BreachDate":"2018-08-16","AddedDate":"2018-08-24T04:36:24Z","ModifiedDate":"2024-07-11T19:29:17Z","PwnCount":44109,"Description":"In August 2018, the spyware company \u003Ca href=\u0022https://motherboard.vice.com/en_us/article/9kmj4v/spyware-company-spyfone-terabytes-data-exposed-online-leak\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003ESpyFone left terabytes of data publicly exposed\u003C/a\u003E. Collected surreptitiously whilst the targets were using their devices, the data included photos, audio recordings, text messages and browsing history which were then exposed via a number of misconfigurations within SpyFone\u0027s systems. The data belonged the thousands of SpyFone customers and included 44k unique email addresses, many likely belonging to people the targeted phones had contact with.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/SpyFone.png","DataClasses":["Audio recordings","Browsing histories","Device information","Email addresses","Geographic locations","IMEI numbers","IP addresses","Names","Passwords","Photos","SMS messages"],"IsVerified":true,"IsFabricated":false,"IsSensitive":true,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Spytech","Title":"Spytech","Domain":"spytech-web.com","BreachDate":"2024-06-04","AddedDate":"2024-07-30T03:30:44Z","ModifiedDate":"2024-07-30T03:30:44Z","PwnCount":5645,"Description":"In July 2024, \u003Ca href=\u0022https://techcrunch.com/2024/07/25/spytech-data-breach-windows-mac-android-chromebook-spyware/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Espyware maker Spytech suffered a data breach that exposed data collected as recently as the previous month\u003C/a\u003E. Designed to \u0026quot;invisibly record everything users do\u0026quot;, the breach exposed information related to both purchasers and targets of the product. Target data collection (and subsequent exposure) included the infected computer name, browsing history, applications used, usernames of authenticated users, keywords being monitored, file operations (creation and deletion), computer usage times and email addresses, often captured within the spyware\u0027s logs. The data also included the names, purchases and md5 password hashes of purchasers.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Spytech.png","DataClasses":["Browsing histories","Device information","Email addresses","Names","Passwords","Purchases","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":true,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"StalkerOnline","Title":"Stalker Online","Domain":"stalker.so","BreachDate":"2020-05-05","AddedDate":"2024-10-31T20:11:33Z","ModifiedDate":"2024-10-31T20:11:33Z","PwnCount":1385472,"Description":"In May 2020, \u003Ca href=\u0022https://www.bitdefender.com/en-gb/blog/hotforsecurity/data-breach-hacker-sells-over-1-3-million-user-records-of-popular-stalker-online-mmo-game-on-dark-web-marketplace/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Eover 1.3M records from the MMO game Stalker Online were breached\u003C/a\u003E. The data included email and IP addresses, usernames and hashed passwords.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/StalkerOnline.png","DataClasses":["Email addresses","IP addresses","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Staminus","Title":"Staminus","Domain":"staminus.net","BreachDate":"2016-03-11","AddedDate":"2017-10-05T03:58:50Z","ModifiedDate":"2017-10-05T03:58:50Z","PwnCount":26815,"Description":"In March 2016, the DDoS protection service \u003Ca href=\u0022https://krebsonsecurity.com/2016/03/hackers-target-anti-ddos-firm-staminus/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EStaminus was \u0026quot;massively hacked\u0026quot;\u003C/a\u003E resulting in an outage of more than 20 hours and the disclosure of customer credentials (with unsalted MD5 hashes), support tickets, credit card numbers and other sensitive data. 27k unique email addresses were found in the data which was subsequently released to the public. Staminus is no longer in operation.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Staminus.png","DataClasses":["Credit cards","Email addresses","IP addresses","Passwords","Support tickets","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"StarNet","Title":"StarNet","Domain":"starnet.md","BreachDate":"2015-02-26","AddedDate":"2015-04-11T06:35:46Z","ModifiedDate":"2015-04-11T06:35:46Z","PwnCount":139395,"Description":"In February 2015, the Moldavian ISP \u0026quot;StarNet\u0026quot; \u003Ca href=\u0022http://www.moldova.org/the-database-of-an-internet-provider-from-moldova-was-stolen-and-published/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Ehad it\u0027s database published online\u003C/a\u003E. The dump included nearly 140k email addresses, many with personal details including contact information, usage patterns of the ISP and even passport numbers.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/StarNet.png","DataClasses":["Customer interactions","Dates of birth","Email addresses","Genders","IP addresses","MAC addresses","Names","Passport numbers","Passwords","Phone numbers"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Start","Title":"START","Domain":"start.film","BreachDate":"2021-06-01","AddedDate":"2022-08-30T02:48:30Z","ModifiedDate":"2022-08-30T02:55:07Z","PwnCount":7455386,"Description":"In August 2022, \u003Ca href=\u0022https://meduza.io/news/2022/08/28/v-set-popali-dannye-44-millionov-polzovateley-onlayn-kinoteatra-start\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Enews broke of an attack against the Russian streaming service \u0026quot;START\u0026quot;\u003C/a\u003E. The incident led to the exposure of 44M records containing 7.4M unique email addresses. The impacted data also included the subscriber\u0027s country and password hash. START subsequently \u003Ca href=\u0022https://t.me/start_shows/1181\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Eacknowledged the incident in a Telegram post\u003C/a\u003E and stated that the data dated back to 2021.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Start.png","DataClasses":["Email addresses","Geographic locations","Names","Passwords"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"StarTribune","Title":"StarTribune","Domain":"startribune.com","BreachDate":"2019-10-10","AddedDate":"2020-10-30T23:30:39Z","ModifiedDate":"2020-10-31T01:01:09Z","PwnCount":2192857,"Description":"In October 2019, the Minnesota-based news service \u003Ca href=\u0022https://www.startribune.com/hacker-group-claims-to-have-stolen-star-tribune-user-information/570384542/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EStarTribune suffered a data breach\u003C/a\u003E which was subsequently sold on the dark web. The breach exposed over 2 million unique email addresses alongside names, usernames, physical addresses, dates of birth, genders and passwords stored as bcrypt hashes. The data was provided to HIBP by \u003Ca href=\u0022https://dehashed.com/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Edehashed.com\u003C/a\u003E.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/StarTribune.png","DataClasses":["Dates of birth","Email addresses","Genders","Names","Passwords","Physical addresses","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"TelegramStealerLogs","Title":"Stealer Logs Posted to Telegram","Domain":"","BreachDate":"2024-07-18","AddedDate":"2024-08-01T05:38:53Z","ModifiedDate":"2024-08-01T05:38:53Z","PwnCount":26105473,"Description":"In July 2024, \u003Ca href=\u0022https://troyhunt.com/begging-for-bounties-and-more-info-stealer-logs\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Einfo stealer logs with 26M unique email addresses were collated from malicious Telegram channels\u003C/a\u003E. The data contained 22GB of logs consisting of email addresses, passwords and the websites they were used on, all obtained by malware running on infected machines.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/List.png","DataClasses":["Email addresses","Passwords"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"SterKinekor","Title":"Ster-Kinekor","Domain":"sterkinekor.co.za","BreachDate":"2017-03-09","AddedDate":"2017-03-13T10:13:16Z","ModifiedDate":"2017-03-13T10:13:16Z","PwnCount":1619544,"Description":"In 2016, the South African cinema company \u003Ca href=\u0022http://blog.roguecode.co.za/sterkinekor-vulnerability-download-millions-accounts\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003ESter-Kinekor had a security flaw\u003C/a\u003E which leaked a large amount of customer data via an enumeration vulnerability in the API of their old website. Whilst more than 6 million accounts were leaked by the flaw, the exposed data only contained 1.6 million unique email addresses. The data also included extensive personal information such as names, addresses, birthdates, genders and plain text passwords.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/SterKinekor.png","DataClasses":["Dates of birth","Email addresses","Genders","Names","Passwords","Phone numbers","Physical addresses","Spoken languages"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"StockX","Title":"StockX","Domain":"stockx.com","BreachDate":"2019-07-26","AddedDate":"2019-08-10T15:34:08Z","ModifiedDate":"2019-08-11T04:12:11Z","PwnCount":6840339,"Description":"In July 2019, the fashion and sneaker trading platform \u003Ca href=\u0022https://stockx.com/news/update-on-data-security-issue/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EStockX suffered a data breach\u003C/a\u003E which was subsequently sold via a dark webmarketplace. The exposed data included 6.8 million unique email addresses, names, physical addresses, purchases and passwords stored as salted MD5 hashes. The data was provided to HIBP by \u003Ca href=\u0022https://dehashed.com/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Edehashed.com\u003C/a\u003E.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/StockX.png","DataClasses":["Email addresses","Names","Passwords","Physical addresses","Purchases","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"StoryBird","Title":"StoryBird","Domain":"storybird.com","BreachDate":"2015-08-07","AddedDate":"2021-02-02T00:39:58Z","ModifiedDate":"2021-02-02T00:39:58Z","PwnCount":1047200,"Description":"In August 2015, the storytelling service \u003Ca href=\u0022https://www.zdnet.com/article/hacker-puts-up-for-sale-third-round-of-hacked-databases-on-the-dark-web/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EStoryBird suffered a data breach\u003C/a\u003E exposing 4 million records with 1 million unique email addresses. Impacted data also included names, usernames and passwords stored as PBKDF2 hashes. The data was provided to HIBP by \u003Ca href=\u0022https://dehashed.com/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Edehashed.com\u003C/a\u003E.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/StoryBird.png","DataClasses":["Email addresses","Names","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Straffic","Title":"Straffic","Domain":"straffic.io","BreachDate":"2020-02-14","AddedDate":"2020-02-27T19:28:29Z","ModifiedDate":"2020-02-27T19:28:29Z","PwnCount":48580249,"Description":"In February 2020, Israeli marketing company \u003Ca href=\u0022https://www.databreachtoday.com/israeli-marketing-company-exposes-contacts-database-a-13785\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EStraffic exposed a database with 140GB of personal data\u003C/a\u003E. The publicly accessible Elasticsearch database contained over 300M rows with 49M unique email addresses. Exposed data also included names, phone numbers, physical addresses and genders. In \u003Ca href=\u0022https://straffic.io/updates.php\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Etheir breach disclosure message\u003C/a\u003E, Straffic stated that \u0026quot;it is impossible to create a totally immune system, and these things can occur\u0026quot;.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Straffic.png","DataClasses":["Email addresses","Genders","Names","Phone numbers","Physical addresses"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Stratfor","Title":"Stratfor","Domain":"stratfor.com","BreachDate":"2011-12-24","AddedDate":"2013-12-04T00:00:00Z","ModifiedDate":"2013-12-04T00:00:00Z","PwnCount":859777,"Description":"In December 2011, \u0026quot;Anonymous\u0026quot; \u003Ca href=\u0022http://www.troyhunt.com/2011/12/5-website-security-lessons-courtesy-of.html\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Eattacked the global intelligence company known as \u0026quot;Stratfor\u0026quot;\u003C/a\u003E and consequently disclosed a veritable treasure trove of data including hundreds of gigabytes of email and tens of thousands of credit card details which were promptly used by the attackers to make charitable donations (among other uses). The breach also included 860,000 user accounts complete with email address, time zone, some internal system data and MD5 hashed passwords with no salt.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Stratfor.png","DataClasses":["Credit cards","Email addresses","Names","Passwords","Phone numbers","Physical addresses","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"StreamCraft","Title":"StreamCraft","Domain":"streamcraft.net","BreachDate":"2020-07-06","AddedDate":"2024-10-27T21:01:08Z","ModifiedDate":"2024-10-27T21:01:08Z","PwnCount":1772620,"Description":"In July 2020, the Russian Minecraft service StreamCraft suffered a data breach \u003Ca href=\u0022https://cybernews.com/security/billions-passwords-credentials-leaked-mother-of-all-breaches/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Ethat was later redistributed as part of a larger corpus of data\u003C/a\u003E. The data included 1.8M records of usernames, email and IP addresses and passwords stored as either MD5 or bcrypt hashes.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/StreamCraft.png","DataClasses":["Email addresses","IP addresses","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"StreetEasy","Title":"StreetEasy","Domain":"streeteasy.com","BreachDate":"2016-06-28","AddedDate":"2019-10-06T18:18:50Z","ModifiedDate":"2019-10-06T18:25:03Z","PwnCount":988230,"Description":"In approximately June 2016, the real estate website \u003Ca href=\u0022https://therealdeal.com/2019/02/19/a-million-streeteasy-accounts-hacked/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EStreetEasy suffered a data breach\u003C/a\u003E. In total, 988k unique email addresses were included in the breach alongside names, usernames and SHA-1 hashes of passwords, all of which appeared for sale on a dark web marketplace in February 2019. The data was provided to HIBP by a source who requested it be attributed to \u0026quot;JimScott.Sec@protonmail.com\u0026quot;.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/StreetEasy.png","DataClasses":["Email addresses","Names","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Stripchat","Title":"Stripchat","Domain":"stripchat.com","BreachDate":"2021-11-05","AddedDate":"2022-08-31T06:17:42Z","ModifiedDate":"2022-08-31T06:37:07Z","PwnCount":10001355,"Description":"In November 2021, the live sex cams and adult chat website \u003Ca href=\u0022https://www.bitdefender.com.au/blog/hotforsecurity/unsecure-server-exposed-200-million-records-of-adult-webcam-models-and-users-online/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EStripchat left several databases exposed and unsecured\u003C/a\u003E. In June the following year, over 10M Stripchat records appeared on a popular hacking forum. The exposed data included usernames, email addresses and IP addresses.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Stripchat.png","DataClasses":["Email addresses","IP addresses","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":true,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"StrongholdKingdoms","Title":"Stronghold Kingdoms","Domain":"strongholdkingdoms.com","BreachDate":"2018-07-04","AddedDate":"2019-07-21T15:36:01Z","ModifiedDate":"2019-07-21T15:36:01Z","PwnCount":5187305,"Description":"In July 2018, the massive multiplayer online game \u003Ca href=\u0022https://techraptor.net/content/roll20-stronghold-kingdoms-subject-security-breach\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EStronghold Kingdoms suffered a data breach\u003C/a\u003E. Almost 5.2 million accounts were impacted by the incident which exposed emails addresses, usernames and passwords stored as salted SHA-1 hashes. The data was provided to HIBP by a source who requested it be attributed to \u0026quot;JimScott.Sec@protonmail.com\u0026quot;.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/StrongholdKingdoms.png","DataClasses":["Email addresses","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"SubaGames","Title":"SubaGames","Domain":"subagames.com","BreachDate":"2016-11-01","AddedDate":"2021-08-25T06:39:28Z","ModifiedDate":"2021-08-25T06:44:29Z","PwnCount":6137666,"Description":"In November 2016, the game developer \u003Ca href=\u0022https://www.hackread.com/vbulletin-forums-hacked-accounts-sold-on-dark-web/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003ESuba Games suffered a data breach\u003C/a\u003E which led to the exposure of 6.1M unique email addresses. Impacted data also included usernames and passwords, most of which appeared circulating in the breached file in plain text after being cracked from salted MD5 hashes. The data was provided to HIBP by \u003Ca href=\u0022https://dehashed.com/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Edehashed.com\u003C/a\u003E.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/SubaGames.png","DataClasses":["Email addresses","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"SumoTorrent","Title":"Sumo Torrent","Domain":"sumotorrent.sx","BreachDate":"2014-06-21","AddedDate":"2016-03-09T01:23:23Z","ModifiedDate":"2016-03-09T01:23:23Z","PwnCount":285191,"Description":"In June 2014, the torrent site Sumo Torrent was hacked and 285k member records were exposed. The data included IP addresses, email addresses and passwords stored as weak MD5 hashes.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/SumoTorrent.png","DataClasses":["Email addresses","IP addresses","Passwords","Usernames","Website activity"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"SundryFiles","Title":"Sundry Files","Domain":"sundryfiles.com","BreachDate":"2022-01-21","AddedDate":"2023-03-31T04:51:11Z","ModifiedDate":"2023-03-31T04:51:11Z","PwnCount":274461,"Description":"In January 2022, the now defunct file upload service Sundry Files suffered a data breach that exposed 274k unique email addresses. The data also included usernames, IP addresses and passwords stored as salted SHA-256 hashes.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/SundryFiles.png","DataClasses":["Email addresses","IP addresses","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"SuperVPNGeckoVPN","Title":"SuperVPN \u0026 GeckoVPN","Domain":"","BreachDate":"2021-02-25","AddedDate":"2021-02-28T22:30:29Z","ModifiedDate":"2021-02-28T22:49:32Z","PwnCount":20339937,"Description":"In February 2021, \u003Ca href=\u0022https://cybernews.com/security/one-of-the-biggest-android-vpns-hacked-data-of-21-million-users-from-3-android-vpns-put-for-sale-online/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Ea series of \u0026quot;free\u0026quot; VPN services were breached including SuperVPN and GeckoVPN\u003C/a\u003E, exposing over 20M records. The data appeared together in a single file with a small number of records also included from FlashVPN, suggesting that all three brands may share the same platform. Impacted data also included email addresses, the country logged in from and the date and time each login occurred alongside device information including the make and model, IMSI number and serial number. The data was provided to HIBP by a source who requested it be attributed to redredred@riseup.net.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/SuperVPNGeckoVPN.png","DataClasses":["Device information","Device serial numbers","Email addresses","Geographic locations","IMSI numbers","Login histories"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"SurveyLama","Title":"SurveyLama","Domain":"surveylama.com","BreachDate":"2024-02-01","AddedDate":"2024-04-02T23:04:58Z","ModifiedDate":"2024-04-02T23:04:58Z","PwnCount":4426879,"Description":"In February 2024, the paid survey website SurveyLama suffered a data breach that exposed 4.4M customer email addresses. The incident also exposed names, physical and IP addresses, phone numbers, dates of birth and passwords stored as either salted SHA-1, bcrypt or argon2 hashes. When contacted about the incident, SurveyLama advised that they had already \u0026quot;notified the users by email\u0026quot;.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/SurveyLama.png","DataClasses":["Dates of birth","Email addresses","IP addresses","Names","Passwords","Phone numbers","Physical addresses"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"SvenskaMagic","Title":"SvenskaMagic","Domain":"svenskamagic.com","BreachDate":"2015-07-01","AddedDate":"2018-08-30T05:05:04Z","ModifiedDate":"2018-08-30T05:08:09Z","PwnCount":30327,"Description":"Sometime in 2015, the Swedish magic website \u003Ca href=\u0022https://www.svenskamagic.com/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003ESvenskaMagic\u003C/a\u003E suffered a data breach that exposed over 30k records. The compromised data included usernames, email addresses and MD5 password hashes. The data was self-submitted to HIBP by SvenskaMagic.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/SvenskaMagic.png","DataClasses":["Email addresses","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"SweClockers","Title":"SweClockers.com","Domain":"sweclockers.com","BreachDate":"2015-04-01","AddedDate":"2017-03-22T02:01:20Z","ModifiedDate":"2018-07-27T21:59:04Z","PwnCount":254867,"Description":"In early 2015, the Swedish tech news site \u003Ca href=\u0022http://www.sweclockers.com/nyhet/20800-sweclockers-drabbas-av-dataintrang\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003ESweClockers was hacked\u003C/a\u003E and 255k accounts were exposed. The attack led to the exposure of usernames, email addresses and salted hashes of passwords stored with a combination of MD5 and SHA512.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/SweClockers.png","DataClasses":["Email addresses","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Switch","Title":"Switch","Domain":"switchit.hu","BreachDate":"2024-10-01","AddedDate":"2024-10-05T20:18:44Z","ModifiedDate":"2024-10-05T20:18:44Z","PwnCount":5397,"Description":"In October 2024, the Hungarian IT headhunting service \u003Ca href=\u0022https://telex.hu/techtud/2024/10/01/kiberbiztonsag-adatvedelem-adatszivargas-szemelyes-adatok-switch-it-fejvadasz-ceg\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003ESwitch inadvertently exposed thousands of customer records via a public GitHub repository\u003C/a\u003E. The exposed data contained job applications with names, email addresses and in some cases, commentary on the applicant.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Switch.png","DataClasses":["Email addresses","Job applications","Names","Social media profiles"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"SwordFantasy","Title":"SwordFantasy","Domain":"swordfantasy.com","BreachDate":"2017-01-20","AddedDate":"2024-03-26T08:31:58Z","ModifiedDate":"2024-03-26T08:31:58Z","PwnCount":2690657,"Description":"In January 2019, the now defunct MMO and RPG game SwordFantasy suffered a data breach that exposed 2.7M unique email addresses. Other impacted data included username, IP address and salted MD5 password hashes.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/SwordFantasy.png","DataClasses":["Email addresses","IP addresses","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Swvl","Title":"Swvl","Domain":"swvl.com","BreachDate":"2020-06-23","AddedDate":"2020-07-31T06:24:42Z","ModifiedDate":"2020-07-31T07:59:49Z","PwnCount":4195918,"Description":"In June 2020, the Egyptian bus operator \u003Ca href=\u0022https://portswigger.net/daily-swig/egyptian-bus-operator-swvl-hit-by-data-breach\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003ESwvl suffered a data breach\u003C/a\u003E which impacted over 4 million members of the service. The exposed data included names, email addresses, phone numbers, profile photos, partial credit card data (type and last 4 digits) and passwords stored as bcrypt hashes, all of which was subsequently shared extensively throughout online hacking communities. The data was provided to HIBP by \u003Ca href=\u0022https://breachbase.pw/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Ebreachbase.pw\u003C/a\u003E.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Swvl.png","DataClasses":["Email addresses","Names","Partial credit card data","Passwords","Phone numbers","Profile photos"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"T2","Title":"T2","Domain":"t2tea.com","BreachDate":"2024-04-17","AddedDate":"2024-04-22T06:17:17Z","ModifiedDate":"2024-04-24T04:06:11Z","PwnCount":94584,"Description":"In April 2024, \u003Ca href=\u0022https://www.cyberdaily.au/security/10446-t2-scalded-by-alleged-data-breach-affecting-more-than-80-000-customers\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003E95k records from the T2 tea store were posted to a popular hacking forum\u003C/a\u003E. Data included email and physical addresses, names, phone numbers, dates of birth, purchases and passwords stored as scrypt hashes.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/T2.png","DataClasses":["Dates of birth","Email addresses","Names","Passwords","Phone numbers","Physical addresses","Purchases","Salutations"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"TaiLieu","Title":"TaiLieu","Domain":"tailieu.vn","BreachDate":"2019-11-24","AddedDate":"2020-05-03T23:48:08Z","ModifiedDate":"2020-05-03T23:48:08Z","PwnCount":7327477,"Description":"In November 2019, the Vietnamese education website \u003Ca href=\u0022https://tailieu.vn/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003ETaiLieu\u003C/a\u003E allegedly suffered a data breach exposing 7.3M customer records. Impacted data included names and usernames, email addresses, dates of birth, genders and passwords stored as unsalted MD5 hashes. The data was provided to HIBP by \u003Ca href=\u0022https://dehashed.com/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Edehashed.com\u003C/a\u003E after being shared on a popular hacking forum. TaiLieu did not respond when contacted about the incident.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/TaiLieu.png","DataClasses":["Dates of birth","Email addresses","Genders","Geographic locations","Names","Passwords","Phone numbers","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Tamodo","Title":"Tamodo","Domain":"tamodo.com","BreachDate":"2020-02-28","AddedDate":"2020-03-24T23:47:43Z","ModifiedDate":"2020-03-24T23:55:46Z","PwnCount":494945,"Description":"In February 2020, the affiliate marketing network \u003Ca href=\u0022https://www.tamodo.com/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003ETamodo\u003C/a\u003E suffered a data breach which was subsequently shared on a popular hacking forum. The incident exposed almost 500k accounts including names, email addresses, dates of birth and passwords stored as bcrypt hashes. Tamodo failed to respond to multiple attempts to report the breach via published communication channels.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Tamodo.png","DataClasses":["Dates of birth","Email addresses","Genders","Geographic locations","IP addresses","Names","Passwords"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Tangerine","Title":"Tangerine","Domain":"tangerinetelecom.com.au","BreachDate":"2024-02-18","AddedDate":"2024-02-28T01:42:43Z","ModifiedDate":"2024-02-28T01:42:43Z","PwnCount":243462,"Description":"In February 2024, the Australian Telco \u003Ca href=\u0022https://www.itnews.com.au/news/tangerine-telecom-says-customer-data-of-232000-affected-by-cyber-incident-605337\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003ETangerine suffered a data breach that exposed over 200k customer records\u003C/a\u003E. Attributed to a legacy customer database, the data included physical and email addresses, names, phone numbers and dates of birth. Whilst the Tangerine login process involves sending a one-time password after entering an email address and phone number, it previously used a traditional password which was also exposed as a bcrypt hash.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Tangerine.png","DataClasses":["Dates of birth","Email addresses","Names","Passwords","Phone numbers","Physical addresses","Salutations"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Taobao","Title":"Taobao","Domain":"taobao.com","BreachDate":"2012-01-01","AddedDate":"2016-10-08T10:53:23Z","ModifiedDate":"2016-10-08T10:53:23Z","PwnCount":21149008,"Description":"In approximately 2012, it\u0027s alleged that the Chinese shopping site known as \u003Ca href=\u0022https://www.taobao.com\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003ETaobao\u003C/a\u003E suffered a data breach that impacted over 21 million subscribers. Whilst there is evidence that the data is legitimate, due to the difficulty of emphatically verifying the Chinese breach it has been flagged as \u0026quot;unverified\u0026quot;. The data in the breach contains email addresses and plain text passwords. \u003Ca href=\u0022https://www.troyhunt.com/handling-chinese-data-breaches-in-have-i-been-pwned/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003ERead more about Chinese data breaches in Have I Been Pwned.\u003C/a\u003E","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Taobao.png","DataClasses":["Email addresses","Passwords"],"IsVerified":false,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"TAPAirPortugal","Title":"TAP Air Portugal","Domain":"flytap.com","BreachDate":"2022-08-25","AddedDate":"2022-09-23T05:33:05Z","ModifiedDate":"2023-02-05T06:13:01Z","PwnCount":6083479,"Description":"In August 2022, the Portuguese airline \u003Ca href=\u0022https://www.bleepingcomputer.com/news/security/ragnar-locker-ransomware-claims-attack-on-portugals-flag-airline/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003ETAP Air Portugal was the target of a ransomware attack perpetrated by the Ragnar Locker gang\u003C/a\u003E who later leaked the compromised data via a public dark web site. Over 5M unique email addresses were exposed alongside other personal data including names, genders, DoBs, phone numbers and physical addresses.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/TAPAirPortugal.png","DataClasses":["Dates of birth","Email addresses","Genders","Names","Nationalities","Phone numbers","Physical addresses","Salutations","Spoken languages"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Tappware","Title":"Tappware","Domain":"tappware.com","BreachDate":"2024-04-23","AddedDate":"2024-05-09T00:34:12Z","ModifiedDate":"2024-05-09T00:34:12Z","PwnCount":94734,"Description":"In April 2024, \u003Ca href=\u0022https://bcsi.gov.bd/bangladeshi-tech-company-tappware-database-compromise/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Ea substantial volume of data was taken from the Bangladeshi IT services provider Tappware and published to a popular hacking forum\u003C/a\u003E. Comprising of 95k unique email addresses, the data also included extensive labour information on local citizens including names, physical addresses, job titles, dates of birth, genders and scans of government issued national identity (NID) cards.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Tappware.png","DataClasses":["Dates of birth","Email addresses","Genders","Government issued IDs","Job titles","Names","Phone numbers","Physical addresses","Religions"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Taringa","Title":"Taringa","Domain":"taringa.net","BreachDate":"2017-08-01","AddedDate":"2018-04-19T10:11:37Z","ModifiedDate":"2018-04-19T10:11:37Z","PwnCount":27971100,"Description":"In September 2017, news broke that \u003Ca href=\u0022https://thehackernews.com/2017/09/taringa-data-breach-hacking.html\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003ETaringa had suffered a data breach exposing 28 million records\u003C/a\u003E. Known as \u0026quot;The Latin American Reddit\u0026quot;, \u003Ca href=\u0022https://www.taringa.net/posts/taringa/19972402/Un-mensaje-importante-sobre-la-seguridad-de-tu-cuenta.html\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003ETaringa\u0027s breach disclosure notice\u003C/a\u003E indicated the incident dated back to August that year. The exposed data included usernames, email addresses and weak MD5 hashes of passwords.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Taringa.png","DataClasses":["Email addresses","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Solomid","Title":"Team SoloMid","Domain":"solomid.net","BreachDate":"2014-12-22","AddedDate":"2016-03-09T13:04:08Z","ModifiedDate":"2016-03-09T13:04:08Z","PwnCount":442166,"Description":"In December 2014, the electronic sports organisation known as \u003Ca href=\u0022http://www.dailydot.com/esports/null-consolidated-team-solomid-hack/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003ETeam SoloMid was hacked\u003C/a\u003E and 442k members accounts were leaked. The accounts included email and IP addresses, usernames and salted hashes of passwords.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Solomid.png","DataClasses":["Email addresses","IP addresses","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Technic","Title":"Technic","Domain":"technicpack.net","BreachDate":"2018-11-30","AddedDate":"2018-12-04T02:32:35Z","ModifiedDate":"2018-12-04T02:32:35Z","PwnCount":265410,"Description":"In November 2018, the Minecraft modpack platform known as \u003Ca href=\u0022https://www.technicpack.net/article/forums-database-breach.149\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003ETechnic suffered a data breach\u003C/a\u003E. Technic promptly disclosed the breach and advised that the impacted data included over 265k unique users\u0027 email and IP addresses, chat logs, private messages and \u003Ca href=\u0022https://twitter.com/PedroACunha/status/1069740224497020929\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Epasswords stored as bcrypt hashes with a work factor of 13\u003C/a\u003E. Technic self-submitted the breach to HIBP.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Technic.png","DataClasses":["Chat logs","Email addresses","IP addresses","Passwords","Private messages","Time zones"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Teespring","Title":"Teespring","Domain":"teespring.com","BreachDate":"2020-04-01","AddedDate":"2021-06-25T06:58:48Z","ModifiedDate":"2021-06-25T06:58:48Z","PwnCount":8234193,"Description":"In April 2020, the custom printed apparel website \u003Ca href=\u0022https://www.zdnet.com/article/hacker-leaks-data-of-millions-of-teespring-users/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003ETeespring suffered a data breach that exposed 8.2 million customer records\u003C/a\u003E. The data included email addresses, names, geographic locations and social media IDs.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Teespring.png","DataClasses":["Email addresses","Geographic locations","Names","Social media profiles"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"TRAI","Title":"Telecom Regulatory Authority of India","Domain":"trai.gov.in","BreachDate":"2015-04-27","AddedDate":"2015-04-27T11:21:59Z","ModifiedDate":"2015-04-27T11:21:59Z","PwnCount":107776,"Description":"In April 2015, the Telecom Regulatory Authority of India (TRAI) \u003Ca href=\u0022http://www.dnaindia.com/scitech/report-email-savetheinternet-net-neutrality-campaign-public-privacy-spam-phishing-2081037\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Epublished tens of thousand of emails\u003C/a\u003E sent by Indian citizens supporting net neutrality as part of the SaveTheInternet campaign. The published data included lists of emails including the sender\u0027s name and email address as well as the contents of the email as well, often with signatures including other personal data.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/TRAI.png","DataClasses":["Email addresses","Email messages"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Teracod","Title":"Teracod","Domain":"teracod.org","BreachDate":"2016-05-28","AddedDate":"2016-08-22T11:21:27Z","ModifiedDate":"2016-08-22T11:21:27Z","PwnCount":97151,"Description":"In May 2015, almost 100k user records were extracted from the Hungarian torrent site known as Teracod. The data was later discovered being torrented itself and included email addresses, passwords, private messages between members and the peering history of IP addresses using the service.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Teracod.png","DataClasses":["Avatars","Email addresses","IP addresses","Passwords","Payment histories","Private messages","Usernames","Website activity"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Terravision","Title":"Terravision","Domain":"terravision.eu","BreachDate":"2023-02-01","AddedDate":"2023-04-23T03:50:37Z","ModifiedDate":"2023-04-23T03:50:37Z","PwnCount":2075625,"Description":"In February 2023, the European airport transfers service \u003Ca href=\u0022https://www.terravision.eu/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003ETerravision\u003C/a\u003E suffered a data breach. The breach exposed over 2M records of customer data including names, phone numbers, email addresses, salted password hashes and in some cases, date of birth and country of origin. Terravision did not respond to multiple attempts by individuals period over a period of months to report the incident.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Terravision.png","DataClasses":["Dates of birth","Email addresses","Geographic locations","Names","Passwords","Phone numbers"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Tesco","Title":"Tesco","Domain":"tesco.com","BreachDate":"2014-02-12","AddedDate":"2014-02-13T21:19:24Z","ModifiedDate":"2014-02-13T21:19:24Z","PwnCount":2239,"Description":"In February 2014, \u003Ca href=\u0022http://www.bbc.co.uk/news/technology-26171130\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Eover 2,000 Tesco accounts with usernames, passwords and loyalty card balances appeared on Pastebin\u003C/a\u003E. Whilst the source of the breach is not clear, many confirmed the credentials were valid for Tesco and indeed \u003Ca href=\u0022http://www.troyhunt.com/2012/07/lessons-in-website-security-anti.html\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003E they have a history of poor online security\u003C/a\u003E.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Tesco.png","DataClasses":["Email addresses","Passwords","Reward program balances"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"TGBUS","Title":"TGBUS","Domain":"tgbus.com","BreachDate":"2017-09-01","AddedDate":"2018-04-28T02:02:29Z","ModifiedDate":"2018-04-28T02:02:29Z","PwnCount":10371766,"Description":"In approximately 2017, it\u0027s alleged that the Chinese gaming site known as \u003Ca href=\u0022http://www.tgbus.com/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003ETGBUS\u003C/a\u003E suffered a data breach that impacted over 10 million unique subscribers. Whilst there is evidence that the data is legitimate, due to the difficulty of emphatically verifying the Chinese breach it has been flagged as \u0026quot;unverified\u0026quot;. The data in the breach contains usernames, email addresses and salted MD5 password hashes and was provided with support from \u003Ca href=\u0022https://dehashed.com/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Edehashed.com\u003C/a\u003E. \u003Ca href=\u0022https://www.troyhunt.com/handling-chinese-data-breaches-in-have-i-been-pwned/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003ERead more about Chinese data breaches in Have I Been Pwned.\u003C/a\u003E","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/TGBUS.png","DataClasses":["Email addresses","Passwords","Usernames"],"IsVerified":false,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"TheCandidBoard","Title":"The Candid Board","Domain":"thecandidboard.com","BreachDate":"2015-09-03","AddedDate":"2017-01-22T08:33:43Z","ModifiedDate":"2017-01-22T08:33:43Z","PwnCount":178201,"Description":"In September 2015, the non-consensual voyeurism site \u003Ca href=\u0022http://www.ibtimes.co.uk/upskirt-porn-website-hit-massive-data-leak-exposing-nearly-180000-voyeurs-1602756\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003E\u0026quot;The Candid Board\u0026quot; suffered a data breach\u003C/a\u003E. The hack of the vBulletin forum led to the exposure of over 178k accounts along with email and IP addresses, dates of birth and salted passwords hashed with MD5.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/TheCandidBoard.png","DataClasses":["Dates of birth","Email addresses","Geographic locations","IP addresses","Passwords","Usernames","Website activity"],"IsVerified":true,"IsFabricated":false,"IsSensitive":true,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"TheClubPenguinExperience","Title":"The Club Penguin Experience","Domain":"thecpexperience.com","BreachDate":"2024-10-14","AddedDate":"2024-10-26T05:21:55Z","ModifiedDate":"2024-10-26T05:21:55Z","PwnCount":6342,"Description":"In October 2024, \u003Ca href=\u0022https://x.com/troyhunt/status/1850043298049888760\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EThe Club Penguin Experience (TCPE) suffered a data breach\u003C/a\u003E. The incident exposed over 6k subscribers\u0027 email addresses alongside usernames, age groups, passwords stored as bcrypt hashes and in some cases, plain text password hints. TCPE sent prompt disclosure notices to impacted customers following the breach.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/TheClubPenguinExperience.png","DataClasses":["Age groups","Email addresses","Password hints","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"TheFappening","Title":"The Fappening","Domain":"thefappening.so","BreachDate":"2015-12-01","AddedDate":"2016-04-13T01:08:20Z","ModifiedDate":"2016-04-13T01:08:20Z","PwnCount":179030,"Description":"In December 2015, the forum for discussing naked celebrity photos known as \u0026quot;The Fappening\u0026quot; (named after the iCloud leaks of 2014) was compromised and 179k accounts were leaked. Exposed member data included usernames, email addresses and salted hashes of passwords.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/TheFappening.png","DataClasses":["Email addresses","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":true,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"TheFlyOnTheWall","Title":"The Fly on the Wall","Domain":"theflyonthewall.com","BreachDate":"2017-12-31","AddedDate":"2018-01-15T06:42:31Z","ModifiedDate":"2018-01-15T06:42:31Z","PwnCount":84011,"Description":"In December 2017, the stock market news website \u003Ca href=\u0022http://theflyonthewall.com/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EThe Fly on the Wall\u003C/a\u003E suffered a data breach. The data in the breach included 84k unique email addresses as well as purchase histories and credit card data. \u003Ca href=\u0022https://www.troyhunt.com/streamlining-data-breach-disclosure-a-step-by-step-process\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003ENumerous attempts were made to contact The Fly on the Wall about the incident\u003C/a\u003E, however no responses were received.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/TheFlyOnTheWall.png","DataClasses":["Age groups","Credit cards","Email addresses","Genders","Names","Passwords","Phone numbers","Physical addresses","Purchases","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"HalloweenSpot","Title":"The Halloween Spot","Domain":"thehalloweenspot.com","BreachDate":"2019-09-27","AddedDate":"2020-03-16T05:20:32Z","ModifiedDate":"2020-03-16T22:07:11Z","PwnCount":10653,"Description":"In September 2019, the Halloween costume store \u003Ca href=\u0022https://www.thehalloweenspot.com/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EThe Halloween Spot\u003C/a\u003E suffered a data breach. Originally misattributed to fancy dress store \u003Ca href=\u0022https://www.smiffys.com/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003ESmiffys\u003C/a\u003E, the breach contained 13GB of data with over 10k unique email addresses alongside names, physical and IP addresses, phone numbers and order histories. The Halloween Spot advised customers the breach was traced back to \u0026quot;an old shipping information database\u0026quot;.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/HalloweenSpot.png","DataClasses":["Email addresses","IP addresses","Names","Phone numbers","Physical addresses","Purchases"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"TheHeritageFoundation","Title":"The Heritage Foundation","Domain":"heritage.org","BreachDate":"2024-07-09","AddedDate":"2024-07-10T06:51:28Z","ModifiedDate":"2024-07-10T06:51:28Z","PwnCount":72004,"Description":"In July 2024, \u003Ca href=\u0022https://cyberscoop.com/hackvists-release-two-gigabytes-of-heritage-foundation-data/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Ehacktivists published almost 2GB of data taken from The Heritage Foundation and their media arm, The Daily Signal\u003C/a\u003E. The data contained 72k unique email addresses, primarily used for commenting on articles (along with names, IP addresses and the comments left) and by content contributors (along with usernames and passwords stored as either MD5 or phpass hashes).","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/TheHeritageFoundation.png","DataClasses":["Email addresses","IP addresses","Names","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"KodiFoundation","Title":"The Kodi Foundation","Domain":"kodi.tv","BreachDate":"2023-02-16","AddedDate":"2023-04-13T05:01:41Z","ModifiedDate":"2023-04-13T05:01:41Z","PwnCount":400635,"Description":"In February 2023, \u003Ca href=\u0022https://www.bleepingcomputer.com/news/security/kodi-discloses-data-breach-after-forum-database-for-sale-online/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EThe Kodi Foundation suffered a data breach that exposed more than 400k user records\u003C/a\u003E. Attributed to an account belonging to \u0026quot;a trusted but currently inactive member of the forum admin team\u0026quot;, the breach involved the administrator account creating a database backup that was subsequently downloaded before being sold on a hacking forum. The breach exposed email and IP addresses, usernames, genders and passwords stored as MyBB salted hashes. The Kodi Foundation elected to self-submit impacted email addresses to HIBP.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/KodiFoundation.png","DataClasses":["Browser user agent details","Dates of birth","Email addresses","IP addresses","Passwords","Private messages","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"ThePostMillennial","Title":"The Post Millennial","Domain":"thepostmillennial.com","BreachDate":"2024-05-02","AddedDate":"2024-05-10T01:55:22Z","ModifiedDate":"2024-05-14T20:33:14Z","PwnCount":56973345,"Description":"In May 2024, \u003Ca href=\u0022https://www.mediaite.com/politics/conservative-news-websites-hacked-replaced-with-page-leaking-private-information/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Ethe conservative news website The Post Millennial suffered a data breach\u003C/a\u003E. The breach resulted in the defacement of the website and links posted to 3 different corpuses of data including hundreds of writers and editors (IP, physical address and email exposed), tens of thousands of subscribers to the site (name, email, username, phone and plain text password exposed), and tens of millions of email addresses from \u003Ca href=\u0022https://sprunge.us/SZTt4N\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Ethousands of mailing lists\u003C/a\u003E \u003Cem\u003Ealleged\u003C/em\u003E to have been used by The Post Millennial (this has not been independently verified). The mailing lists appear to be sourced from various campaigns not necessarily run by The Post Millennial and contain a variety of different personal attributes including name, phone and physical address (depending on the campaign). The data was subsequently posted to a popular hacking forum and extensively torrented.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/ThePostMillennial.png","DataClasses":["Email addresses","Genders","IP addresses","Names","Passwords","Phone numbers","Physical addresses","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"TheRealWorld","Title":"The Real World","Domain":"therealworld.net","BreachDate":"2024-11-15","AddedDate":"2024-11-22T21:55:44Z","ModifiedDate":"2024-11-22T21:55:44Z","PwnCount":324382,"Description":"In November 2024, the online course founded by Andrew Tate known as \u0026quot;The Real World\u0026quot; (previously \u0026quot;Hustler\u0027s University\u0026quot; \u003Ca href=\u0022https://www.dailydot.com/debug/andrew-tate-the-real-world-hack/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Esuffered a data breach that exposed almost 325k users of the platform\u003C/a\u003E. The impacted data was limited to usernames, email addresses and chat logs.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/TheRealWorld.png","DataClasses":["Chat logs","Email addresses","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"TheGradCafe","Title":"TheGradCafe","Domain":"thegradcafe.com","BreachDate":"2023-02-26","AddedDate":"2023-03-24T04:12:17Z","ModifiedDate":"2023-03-24T04:12:17Z","PwnCount":310975,"Description":"In February 2023, the grad school admissions search website TheGradCafe suffered a data breach that disclosed the personal records of 310k users. The data included email addresses, names and usernames, genders, geographic locations and passwords stored as bcrypt hashes. Some records also included physical address, phone number and date of birth. TheGradCafe did not respond to multiple attempts to disclose the breach.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/TheGradCafe.png","DataClasses":["Email addresses","Genders","Geographic locations","IP addresses","Names","Passwords","Phone numbers","Physical addresses","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"TheTVDB","Title":"TheTVDB.com","Domain":"thetvdb.com","BreachDate":"2017-11-21","AddedDate":"2018-01-29T07:50:12Z","ModifiedDate":"2018-01-29T07:50:12Z","PwnCount":181871,"Description":"In November 2017, the open television database known as \u003Ca href=\u0022https://forums.thetvdb.com/viewtopic.php?f=3\u0026t=43254\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003ETheTVDB.com suffered a data breach\u003C/a\u003E. The breached data was posted to a hacking forum and included 182k records with usernames, email addresses and MySQL password hashes.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/TheTVDB.png","DataClasses":["Email addresses","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Thingiverse","Title":"Thingiverse","Domain":"thingiverse.com","BreachDate":"2020-10-13","AddedDate":"2021-10-14T10:02:04Z","ModifiedDate":"2021-10-14T10:02:04Z","PwnCount":228102,"Description":"In October 2021, a database backup taken from the 3D model sharing service \u003Ca href=\u0022https://www.databreachtoday.com/thingiverse-data-leak-affects-25-million-subscribers-a-17729\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EThingiverse began extensively circulating within the hacking community\u003C/a\u003E. Dating back to October 2020, the 36GB file contained 228 thousand unique email addresses, mostly alongside comments left on 3D models. The data also included usernames, IP addresses, full names and passwords stored as either unsalted SHA-1 or bcrypt hashes. In some cases, physical addresses was also exposed. Thingiverse\u0027s owner, MakerBot, is aware of the incident but at the time of writing, is yet to issue a disclosure statement. The data was provided to HIBP by \u003Ca href=\u0022https://dehashed.com/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Edehashed.com\u003C/a\u003E.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Thingiverse.png","DataClasses":["Dates of birth","Email addresses","IP addresses","Names","Passwords","Physical addresses","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"ThisHabboForum","Title":"ThisHabbo Forum","Domain":"thishabboforum.com","BreachDate":"2014-01-01","AddedDate":"2015-03-28T05:35:28Z","ModifiedDate":"2015-03-28T05:35:28Z","PwnCount":612414,"Description":"In 2014, the ThisHabbo forum (a fan site for Habbo.com, a Finnish social networking site) \u003Ca href=\u0022https://www.google.com/search?q=\u0022thishabbo_forum.txt\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Eappeared among a list of compromised sites\u003C/a\u003E which has subsequently been removed from the internet. Whilst the actual date of the exploit is not clear, the breached data includes usernames, email addresses, IP addresses and salted hashes of passwords. A further 584k records were added from a more comprehensive breach file provided in October 2016.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/ThisHabboForum.png","DataClasses":["Email addresses","IP addresses","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Tianya","Title":"Tianya","Domain":"tianya.cn","BreachDate":"2011-12-26","AddedDate":"2016-06-30T03:39:05Z","ModifiedDate":"2016-06-30T03:39:05Z","PwnCount":29020808,"Description":"In December 2011, \u003Ca href=\u0022http://thehackernews.com/2011/12/tianya-chinas-biggest-online-forum-40.html\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EChina\u0027s largest online forum known as Tianya was hacked\u003C/a\u003E and tens of millions of accounts were obtained by the attacker. The leaked data included names, usernames and email addresses.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Tianya.png","DataClasses":["Email addresses","Names","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Ticketcounter","Title":"Ticketcounter","Domain":"ticketcounter.nl","BreachDate":"2021-02-22","AddedDate":"2021-03-01T22:37:54Z","ModifiedDate":"2023-06-21T20:28:24Z","PwnCount":1921722,"Description":"In August 2020, the Dutch ticketing service \u003Ca href=\u0022https://www.bleepingcomputer.com/news/security/european-e-ticketing-platform-ticketcounter-extorted-in-data-breach/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003ETicketcounter inadvertently published a database backup to a publicly accessible location where it was then found and downloaded in February 2021\u003C/a\u003E. The data contained 1.9M unique email addresses which were offered for sale on a hacking forum and in some cases included names, physical and IP addresses, genders, dates of birth, payment histories and bank account numbers. Ticketcounter was later held to ransom with the threat of the breached being released publicly. The data was provided to HIBP by a source who requested it be attributed to redredred@riseup.net.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Ticketcounter.png","DataClasses":["Bank account numbers","Dates of birth","Email addresses","Genders","IP addresses","Names","Payment histories","Phone numbers","Physical addresses"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Ticketek","Title":"Ticketek","Domain":"ticketek.com.au","BreachDate":"2024-05-31","AddedDate":"2024-06-28T01:17:02Z","ModifiedDate":"2024-07-17T20:43:22Z","PwnCount":17643173,"Description":"In May 2024, \u003Ca href=\u0022https://www.abc.net.au/news/2024-05-31/ticketek-australia-cyber-security-data-breach-names-emails-leak/103921986\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Ethe Australian event ticketing company Ticketek reported a data breach linked to a third party cloud-based platform\u003C/a\u003E. The following month, \u003Ca href=\u0022https://techcrunch.com/2024/06/21/hacker-claims-to-have-30-million-customer-records-from-australian-ticket-seller-giant-teg/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Ethe data appeared for sale on a popular hacking forum\u003C/a\u003E and was later linked to a series of breaches of the Snowflake cloud storage service. The data contained almost 30M rows with 17.6M unique email addresses alongside names, genders, dates of birth and hashed passwords.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Ticketek.png","DataClasses":["Dates of birth","Email addresses","Genders","Names","Passwords","Salutations"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":true,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Ticketfly","Title":"Ticketfly","Domain":"ticketfly.com","BreachDate":"2018-05-31","AddedDate":"2018-06-03T06:14:14Z","ModifiedDate":"2021-07-23T03:15:33Z","PwnCount":26151608,"Description":"In May 2018, the website for the ticket distribution service \u003Ca href=\u0022https://motherboard.vice.com/en_us/article/mbk3nx/ticketfly-website-database-hacked-data-breach\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003ETicketfly was defaced by an attacker and was subsequently taken offline\u003C/a\u003E. The attacker allegedly requested a ransom to share details of the vulnerability with Ticketfly but did not receive a reply and subsequently posted the breached data online to a publicly accessible location. The data included over 26 million unique email addresses along with names, physical addresses and phone numbers. Whilst there were no passwords in the publicly leaked data, \u003Ca href=\u0022https://support.ticketfly.com/customer/en/portal/articles/2941983-ticketfly-cyber-incident-update\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003ETicketfly later issued an incident update\u003C/a\u003E and stated that \u0026quot;It is possible, however, that hashed values of password credentials could have been accessed\u0026quot;.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Ticketfly.png","DataClasses":["Email addresses","Names","Phone numbers","Physical addresses"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Tigo","Title":"Tigo","Domain":"tigo.chat","BreachDate":"2023-03-31","AddedDate":"2023-07-24T23:25:32Z","ModifiedDate":"2023-07-24T23:25:32Z","PwnCount":700394,"Description":"In Mid-2023, 300GB of data containing over 100M records from \u003Ca href=\u0022https://tigo.chat/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Ethe Chinese video chat platform \u0026quot;Tigo\u0026quot;\u003C/a\u003E dating back to March that year was discovered. The data contained over 700k unique names, usernames, email and IP addresses, genders, profile photos and private messages. Tigo did not respond to multiple attempts to disclose the incident.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Tigo.png","DataClasses":["Device information","Email addresses","Genders","Geographic locations","IP addresses","Names","Private messages","Profile photos","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"TNAFlix","Title":"TNAFlix","Domain":"tnaflix.com","BreachDate":"2022-06-01","AddedDate":"2024-10-30T23:01:03Z","ModifiedDate":"2024-10-30T23:01:03Z","PwnCount":1374344,"Description":"In June 2022, the adult website TNAFlix suffered a data breach \u003Ca href=\u0022https://cybernews.com/security/billions-passwords-credentials-leaked-mother-of-all-breaches/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Ethat was later redistributed as part of a larger corpus of data\u003C/a\u003E. The data included 1.4M records of email and IP addresses, usernames and plain text passwords.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/TNAFlix.png","DataClasses":["Email addresses","IP addresses","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":true,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Tokopedia","Title":"Tokopedia","Domain":"tokopedia.com","BreachDate":"2020-04-17","AddedDate":"2020-05-02T23:45:21Z","ModifiedDate":"2020-07-17T00:53:20Z","PwnCount":71443698,"Description":"In April 2020, Indonesia\u0027s largest online store \u003Ca href=\u0022https://www.zdnet.com/article/hacker-leaks-15-million-records-from-tokopedia-indonesias-largest-online-store/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003ETokopedia suffered a data breach\u003C/a\u003E. The incident resulted in 15M rows of data being posted to a popular hacking forum. An additional 76M rows were later provided to HIBP in July 2020. In total, the data included over 71M unique email addresses alongside names, genders, birth dates and passwords stored as SHA2-384 hashes.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Tokopedia.png","DataClasses":["Dates of birth","Email addresses","Genders","Names","Passwords"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"ToonDoo","Title":"ToonDoo","Domain":"toondoo.com","BreachDate":"2019-08-21","AddedDate":"2019-11-11T06:19:53Z","ModifiedDate":"2019-11-11T06:19:53Z","PwnCount":6002694,"Description":"In August 2019, the comic strip creation website \u003Ca href=\u0022https://www.zataz.com/6-000-000-de-donnees-personnelles-piratees-pour-le-site-toondoo/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EToonDoo suffered a data breach\u003C/a\u003E. The data was subsequently redistributed on a popular hacking forum in November where the personal information of over 6M subscribers was shared. Impacted data included email and IP addresses, usernames, genders, the location of the individual and salted password hashes.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/ToonDoo.png","DataClasses":["Email addresses","Genders","Geographic locations","IP addresses","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"TorrentInvites","Title":"Torrent Invites","Domain":"torrent-invites.com","BreachDate":"2013-12-12","AddedDate":"2017-03-22T01:14:11Z","ModifiedDate":"2017-03-22T01:14:11Z","PwnCount":352120,"Description":"In December 2013, the torrent site \u003Ca href=\u0022https://www.reddit.com/r/trackers/comments/1sqqf7/torrentinvites_hacked/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003ETorrent Invites was hacked\u003C/a\u003E and over 352k accounts were exposed. The vBulletin forum contained usernames, email and IP addresses, birth dates and salted MD5 hashes of passwords.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/TorrentInvites.png","DataClasses":["Dates of birth","Email addresses","IP addresses","Passwords","Usernames","Website activity"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Toumei","Title":"Toumei","Domain":"toumei.co.jp","BreachDate":"2023-10-18","AddedDate":"2023-10-27T07:16:19Z","ModifiedDate":"2023-10-27T07:16:19Z","PwnCount":76682,"Description":"In October 2023, the Japanese consultancy firm \u003Ca href=\u0022https://www.toumei.co.jp/news/2023/10/information_privacy/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EToumei suffered a data breach\u003C/a\u003E. The breach exposed over 100M lines and 10GB of data including 77k unique email addresses along with names, phone numbers and physical addresses.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Toumei.png","DataClasses":["Email addresses","Names","Phone numbers","Physical addresses"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Tout","Title":"Tout","Domain":"tout.com","BreachDate":"2014-09-11","AddedDate":"2020-01-25T06:12:28Z","ModifiedDate":"2020-01-25T06:12:28Z","PwnCount":652683,"Description":"In approximately September 2014, the now defunct social networking service \u003Ca href=\u0022https://en.wikipedia.org/wiki/Tout_(company)\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003ETout\u003C/a\u003E suffered a data breach. The breach subsequently appeared years later and included 653k unique email addresses, names, IP addresses, the location of the user, their bio and passwords stored as bcrypt hashes. The data was provided to HIBP by a source who requested it to be attributed to \u0026quot;nmapthis@protonmail.com\u0026quot;.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Tout.png","DataClasses":["Bios","Email addresses","Geographic locations","IP addresses","Names","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Tracki","Title":"Tracki","Domain":"tracki.com","BreachDate":"2024-08-15","AddedDate":"2024-08-19T07:52:19Z","ModifiedDate":"2024-08-19T07:52:19Z","PwnCount":372557,"Description":"In August 2024, \u003Ca href=\u0022https://maia.crimew.gay/posts/gps-track-deez-nuts/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Ea slew of security vulnerabilities were identified with a conglomerate of online services which included the GPS tracking service Tracki\u003C/a\u003E. Multiple vulnerabilities exposed the personal records of 372k users of the service including names and email addresses.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Tracki.png","DataClasses":["Email addresses","Names"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Traderie","Title":"Traderie","Domain":"traderie.com","BreachDate":"2022-09-24","AddedDate":"2024-08-25T20:08:07Z","ModifiedDate":"2024-08-25T20:08:07Z","PwnCount":364898,"Description":"In September 2022, \u003Ca href=\u0022https://techcrunch.com/2023/09/07/traderie-a-marketplace-for-in-game-items-alerts-users-to-data-breach/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Ethe in-game trading marketplace Traderie suffered a data breach that exposed almost 400k records\u003C/a\u003E (this preceded a subsequent breach the following year). The incident exposed email and IP addresses, usernames and links to social media profiles. The data was provided to HIBP by a source who requested it be attributed to \u0026quot;oathnet.ru\u0026quot;.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Traderie.png","DataClasses":["Email addresses","IP addresses","Social media profiles","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"TravelOK","Title":"Travel Oklahoma","Domain":"travelok.com","BreachDate":"2020-12-17","AddedDate":"2021-03-10T22:48:23Z","ModifiedDate":"2021-03-10T22:48:23Z","PwnCount":637279,"Description":"In December 2020, \u003Ca href=\u0022https://tulsaworld.com/news/local/state-tourism-department-reports-data-breach-no-social-security-financial-data-compromised/article_105b0d18-6595-11eb-998b-1b96c12d2d14.html\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Ethe Oklahoma state Tourism and Recreation Department suffered a data breach\u003C/a\u003E. The incident exposed 637k email addresses across a variety of tables including age ranges against brochure orders and dates of birth against contest entries. Genders, names and physical addresses were also exposed. The data was provided to HIBP by a source who requested it be attributed to \u0026quot;badhou3a\u0026quot;.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/TravelOK.png","DataClasses":["Age groups","Dates of birth","Email addresses","Genders","Names","Physical addresses"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Travelio","Title":"Travelio","Domain":"travelio.com","BreachDate":"2021-11-23","AddedDate":"2022-04-08T00:05:43Z","ModifiedDate":"2022-04-08T00:05:43Z","PwnCount":471376,"Description":"In November 2021, the Indonesian real estate website \u003Ca href=\u0022https://www.riskbasedsecurity.com/2021/12/14/dark-web-roundup-november-2021/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003ETravelio suffered a data breach that exposed over 470k customer accounts\u003C/a\u003E. The data included email addresses, names, password hashes, phone numbers and for some accounts, dates of birth, physical address and Facebook auth tokens. The data was provided to HIBP by a source who requested it be attributed to \u0026quot;white_peacock@riseup.net\u0026quot;.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Travelio.png","DataClasses":["Auth tokens","Dates of birth","Email addresses","Names","Passwords","Phone numbers","Physical addresses"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Trello","Title":"Trello","Domain":"trello.com","BreachDate":"2024-01-16","AddedDate":"2024-01-22T19:41:05Z","ModifiedDate":"2024-01-22T19:41:05Z","PwnCount":15111945,"Description":"In January 2024, \u003Ca href=\u0022https://twitter.com/H4ckManac/status/1747527579559411959\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Edata was scraped from Trello and posted for sale on a popular hacking forum\u003C/a\u003E. Containing over 15M email addresses, names and usernames, the data was obtained by enumerating a publicly accessible resource using email addresses from previous breach corpuses. Trello advised that no unauthorised access had occurred.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Trello.png","DataClasses":["Email addresses","Names","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"TrikSpamBotnet","Title":"Trik Spam Botnet","Domain":"","BreachDate":"2018-06-12","AddedDate":"2018-06-14T08:05:50Z","ModifiedDate":"2022-01-05T04:11:30Z","PwnCount":43432346,"Description":"In June 2018, the command and control server of a malicious botnet known as the \u0026quot;Trik Spam Botnet\u0026quot; \u003Ca href=\u0022https://www.bleepingcomputer.com/news/security/trik-spam-botnet-leaks-43-million-email-addresses/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Ewas misconfigured such that it exposed the email addresses of more than 43 million people\u003C/a\u003E. The researchers who discovered the exposed Russian server believe the list of addresses was used to distribute various malware strains via malspam campaigns (emails designed to deliver malware).","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Email.png","DataClasses":["Email addresses"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":true,"IsMalware":true,"IsSubscriptionFree":false},{"Name":"Trillian","Title":"Trillian","Domain":"trillian.im","BreachDate":"2015-12-27","AddedDate":"2016-07-15T11:14:44Z","ModifiedDate":"2016-07-15T11:14:44Z","PwnCount":3827238,"Description":"In December 2015, the instant messaging application \u003Ca href=\u0022https://www.trillian.im/help/trillian-blog-and-forums-security-incident/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003ETrillian suffered a data breach\u003C/a\u003E. The breach became known in July 2016 and exposed various personal data attributes including names, email addresses and passwords stored as salted MD5 hashes.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Trillian.png","DataClasses":["Dates of birth","Email addresses","IP addresses","Names","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"TruckersMP","Title":"TruckersMP","Domain":"truckersmp.com","BreachDate":"2016-02-25","AddedDate":"2016-04-24T21:27:05Z","ModifiedDate":"2016-04-24T21:27:05Z","PwnCount":83957,"Description":"In February 2016, the online trucking simulator mod \u003Ca href=\u0022http://truckersmp.com/en_US/blog/8\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003ETruckersMP suffered a data breach\u003C/a\u003E which exposed 84k user accounts. In a first for \u0022Have I Been Pwned\u0022, \u003Ca href=\u0022https://www.troyhunt.com/100-data-breaches-later-have-i-been-pwned-gets-its-first-self-submission/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Ethe breached data was self-submitted directly by the organisation that was breached itself\u003C/a\u003E.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/TruckersMP.png","DataClasses":["Email addresses","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"TrueFire","Title":"TrueFire","Domain":"truefire.com","BreachDate":"2020-02-21","AddedDate":"2020-08-02T20:46:26Z","ModifiedDate":"2020-08-02T20:46:26Z","PwnCount":599667,"Description":"In February 2020, the guitar tuition website \u003Ca href=\u0022https://guitar.com/news/industry-news/truefire-data-breach/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003ETrueFire suffered a data breach\u003C/a\u003E which impacted 600k members. The breach exposed extensive personal information including names, email and physical addresses, account balances and unsalted MD5 password hashes. The data was provided to HIBP by \u003Ca href=\u0022https://dehashed.com/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Edehashed.com\u003C/a\u003E.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/TrueFire.png","DataClasses":["Account balances","Dates of birth","Email addresses","Names","Passwords","Phone numbers","Physical addresses","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"TruthFinder","Title":"Truth Finder","Domain":"truthfinder.com","BreachDate":"2019-04-12","AddedDate":"2023-02-04T07:02:52Z","ModifiedDate":"2023-02-04T07:02:52Z","PwnCount":8159573,"Description":"In 2019, the public records search service \u003Ca href=\u0022https://www.truthfinder.com/security-incident-alert/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003ETruthFinder suffered a data breach that later came to light in early 2023\u003C/a\u003E. The data included over 8M unique customer email addresses, names, phone numbers and passwords stored as scrypt hashes.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/TruthFinder.png","DataClasses":["Email addresses","Names","Passwords","Phone numbers"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Tumblr","Title":"tumblr","Domain":"tumblr.com","BreachDate":"2013-02-28","AddedDate":"2016-05-29T22:59:04Z","ModifiedDate":"2016-05-29T22:59:04Z","PwnCount":65469298,"Description":"In early 2013, \u003Ca href=\u0022https://staff.tumblr.com/post/144263069415/we-recently-learned-that-a-third-party-had\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Etumblr suffered a data breach\u003C/a\u003E which resulted in the exposure of over 65 million accounts. The data was later put up for sale on a dark market website and included email addresses and passwords stored as salted SHA1 hashes.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Tumblr.png","DataClasses":["Email addresses","Passwords"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"TunedGlobal","Title":"Tuned Global","Domain":"tunedglobal.com","BreachDate":"2016-03-16","AddedDate":"2022-08-03T00:00:15Z","ModifiedDate":"2022-08-03T03:10:14Z","PwnCount":985586,"Description":"In January 2021, \u003Ca href=\u0022https://siliconangle.com/2021/01/20/shinyhunters-publishes-1-9m-stolen-user-credentials-photo-editing-site-pixlr/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Edata from a number of breached services including Tuned Global were released to a public hacking forum\u003C/a\u003E. The breach appears to date back to 2016 and includes 985k records containing email addresses, names, a small number of physical addresses and phone numbers and passwords stored in plain text.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/TunedGlobal.png","DataClasses":["Email addresses","Names","Passwords","Phone numbers","Physical addresses"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Tunngle","Title":"Tunngle","Domain":"tunngle.net","BreachDate":"2016-07-01","AddedDate":"2023-10-21T21:20:33Z","ModifiedDate":"2023-10-21T21:20:33Z","PwnCount":8192928,"Description":"In 2016, the now defunct global LAN gaming network \u003Ca href=\u0022https://web.archive.org/web/20160305044242/http://www.tunngle.net/en/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003ETunngle\u003C/a\u003E suffered a data breach that exposed 8.2M unique email addresses. The compromised data also included usernames, IP addresses and passwords stored as salted MD5 hashes.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Tunngle.png","DataClasses":["Email addresses","IP addresses","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Twitter","Title":"Twitter","Domain":"twitter.com","BreachDate":"2022-01-01","AddedDate":"2022-08-13T02:29:52Z","ModifiedDate":"2022-08-13T02:40:49Z","PwnCount":6682453,"Description":"In January 2022, \u003Ca href=\u0022https://www.bleepingcomputer.com/news/security/hacker-selling-twitter-account-data-of-54-million-users-for-30k/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Ea vulnerability in Twitter\u0027s platform allowed an attacker to build a database of the email addresses and phone numbers of millions of users of the social platform\u003C/a\u003E. In a disclosure notice later shared in August 2022, \u003Ca href=\u0022https://privacy.twitter.com/en/blog/2022/an-issue-affecting-some-anonymous-accounts\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003ETwitter advised that the vulnerability was related to a bug introduced in June 2021\u003C/a\u003E and that they are directly notifying impacted customers. The impacted data included either email address or phone number alongside other public information including the username, display name, bio, location and profile photo. The data included 6.7M unique email addresses across both active and suspended accounts, the latter appearing in a separate list of 1.4M addresses.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Twitter.png","DataClasses":["Bios","Email addresses","Geographic locations","Names","Phone numbers","Profile photos","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Twitter200M","Title":"Twitter (200M)","Domain":"twitter.com","BreachDate":"2021-01-01","AddedDate":"2023-01-05T20:49:16Z","ModifiedDate":"2023-01-05T20:49:16Z","PwnCount":211524284,"Description":"In early 2023, \u003Ca href=\u0022https://www.bleepingcomputer.com/news/security/200-million-twitter-users-email-addresses-allegedly-leaked-online/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Eover 200M records scraped from Twitter appeared on a popular hacking forum\u003C/a\u003E. The data was obtained sometime in 2021 by abusing an API that enabled email addresses to be resolved to Twitter profiles. The subsequent results were then composed into a corpus of data containing email addresses alongside public Twitter profile information including names, usernames and follower counts.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Twitter.png","DataClasses":["Email addresses","Names","Social media profiles","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Ubook","Title":"Ubook","Domain":"ubook.com","BreachDate":"2024-07-28","AddedDate":"2024-07-30T22:25:42Z","ModifiedDate":"2024-07-30T22:25:42Z","PwnCount":699908,"Description":"In July 2024, \u003Ca href=\u0022https://gbhackers.com/ubook-suffered-data-breach/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003E700k unique email addresses from the audiobook platform Ubook were posted to a popular hacking forum\u003C/a\u003E. Allegedly scraped from the service, the data appears to be sourced from the Ubook Exchange (UBX) and also includes names, genders, dates of birth and links to profile photos.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Ubook.png","DataClasses":["Dates of birth","Email addresses","Genders","Names","Profile photos"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Uiggy","Title":"Uiggy","Domain":"uiggy.com","BreachDate":"2016-06-01","AddedDate":"2016-06-27T08:07:18Z","ModifiedDate":"2016-06-27T08:07:18Z","PwnCount":2682650,"Description":"In June 2016, the Facebook application known as \u003Ca href=\u0022http://www.uiggy.com\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EUiggy\u003C/a\u003E was hacked and 4.3M accounts were exposed, 2.7M of which had email addresses against them. The leaked accounts also exposed names, genders and the Facebook ID of the owners.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Uiggy.png","DataClasses":["Email addresses","Genders","Names","Social connections","Website activity"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Ulmon","Title":"Ulmon","Domain":"ulmon.com","BreachDate":"2020-01-26","AddedDate":"2020-05-08T02:10:50Z","ModifiedDate":"2020-05-08T02:14:52Z","PwnCount":777769,"Description":"In January 2020, the travel app creator \u003Ca href=\u0022https://www.ulmon.com/blogging/2020/5/4/information-on-ulmon-user-account-data-breach\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EUlmon suffered a data breach\u003C/a\u003E. The service had almost 1.3M records with 777k unique email addresses, names, passwords stored as bcrypt hashes and in some cases, social media profile IDs, telephone numbers and bios. The data was subsequently posted to a popular hacking forum.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Ulmon.png","DataClasses":["Bios","Email addresses","Names","Passwords","Phone numbers","Social media profiles"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"IGF","Title":"UN Internet Governance Forum","Domain":"intgovforum.org","BreachDate":"2014-02-20","AddedDate":"2014-02-23T04:32:08Z","ModifiedDate":"2014-02-23T04:32:08Z","PwnCount":3200,"Description":"In February 2014, the Internet Governance Forum (formed by the United Nations for policy dialogue on issues of internet governance) was \u003Ca href=\u0022http://www.cyberwarnews.info/2014/02/20/united-nations-internet-governance-forum-hacked-3215-accounts-leaked/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Eattacked by hacker collective known as Deletesec\u003C/a\u003E. Although tasked with \u0026quot;ensuring the security and stability of the Internet\u0026quot;, the IGF\u2019s website was still breached and resulted in the leak of 3,200 email addresses, names, usernames and cryptographically stored passwords.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/IGF.png","DataClasses":["Email addresses","Names","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"UnderworldEmpire","Title":"Underworld Empire","Domain":"underworldempireforums.com","BreachDate":"2017-04-25","AddedDate":"2018-02-19T10:28:11Z","ModifiedDate":"2018-02-19T10:28:11Z","PwnCount":428779,"Description":"In April 2017, \u003Ca href=\u0022http://underworldempireforums.com/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Ethe vBulletin forum for the Underworld Empire game\u003C/a\u003E suffered a data breach that exposed 429k accounts. The data was then posted to a hacking forum in mid-February 2018 where it was made available to download. The source data contained IP and email addresses, usernames and salted MD5 hashes.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/UnderworldEmpire.png","DataClasses":["Email addresses","IP addresses","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"UnicoCampania","Title":"Unico Campania","Domain":"unicocampania.it","BreachDate":"2020-08-19","AddedDate":"2020-08-19T23:29:21Z","ModifiedDate":"2020-08-19T23:29:21Z","PwnCount":166031,"Description":"In August 2020, the Neapolitan public transport website \u003Ca href=\u0022https://www.fanpage.it/napoli/unico-campania-hackerato-il-sito-65mila-email-e-password-di-utenti-in-rete-subito-disattivati/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EUnico Campania was hacked and the data extensively circulated\u003C/a\u003E. The breach contained 166k user records with email addresses and plain text passwords.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/UnicoCampania.png","DataClasses":["Email addresses","Passwords"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Universarium","Title":"Universarium","Domain":"universarium.org","BreachDate":"2019-11-01","AddedDate":"2020-01-03T09:40:01Z","ModifiedDate":"2020-01-03T09:54:20Z","PwnCount":564962,"Description":"In approximately November 2019, the Russian \u0026quot;Remote preparatory faculty for IT specialties\u0026quot; \u003Ca href=\u0022https://universarium.org/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EUniversarium\u003C/a\u003E suffered a data breach. The incident exposed 565k email addresses and passwords in plain text. Universarium did not respond to multiple attempts to make contact over a period of many weeks. The data was provided to HIBP by \u003Ca href=\u0022https://dehashed.com/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Edehashed.com\u003C/a\u003E.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Universarium.png","DataClasses":["Email addresses","Passwords"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"UC","Title":"University of California","Domain":"universityofcalifornia.edu","BreachDate":"2020-12-24","AddedDate":"2021-06-20T07:44:34Z","ModifiedDate":"2021-07-04T01:03:54Z","PwnCount":547422,"Description":"In December 2020, \u003Ca href=\u0022https://portswigger.net/daily-swig/uc-berkeley-confirms-data-breach-becomes-latest-victim-of-accellion-cyber-attack\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Ethe University of California suffered a data breach due to vulnerability in in a third-party provider, Accellion\u003C/a\u003E. The breach exposed extensive personal data on both students and staff including 547 thousand unique email addresses, names, dates of birth, genders, social security numbers, ethnicities and other academic related data attributes. Further analysis is available in \u003Ca href=\u0022https://cgorlla.github.io/project/uc\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EExploring the Impact of the UC Data Breach\u003C/a\u003E. The data was provided to HIBP courtesy of Cyril Gorlla.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/UC.png","DataClasses":["Dates of birth","Education levels","Email addresses","Ethnicities","Genders","Job titles","Names","Phone numbers","Physical addresses","Social security numbers"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"UnrealEngine","Title":"Unreal Engine","Domain":"unrealengine.com","BreachDate":"2016-08-11","AddedDate":"2016-11-07T09:04:54Z","ModifiedDate":"2016-11-07T09:04:54Z","PwnCount":530147,"Description":"In August 2016, \u003Ca href=\u0022http://www.zdnet.com/article/epic-games-unreal-engine-forums-hacked-in-latest-data-breach\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Ethe Unreal Engine Forum suffered a data breach\u003C/a\u003E, allegedly due to a SQL injection vulnerability in vBulletin. The attack resulted in the exposure of 530k accounts including usernames, email addresses and salted MD5 hashes of passwords.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/UnrealEngine.png","DataClasses":["Email addresses","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Astoria","Title":"Unverified Data Source","Domain":"astoriacompany.com","BreachDate":"2021-01-26","AddedDate":"2021-03-24T01:47:35Z","ModifiedDate":"2021-04-12T22:58:35Z","PwnCount":11498146,"Description":"In January 2021, over 11M unique email addresses were discovered by Night Lion Security alongside an extensive amount of personal information including names, physical and IP addresses, phone numbers and dates of birth. Some records also contained social security numbers, driver\u0027s license details, personal financial information and health-related data, depending on where the information was sourced from. Initially attributed to Astoria Company, \u003Ca href=\u0022https://astoriacompany.com/cyber-update/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Ethey subsequently investigated the incident and confirmed the data did not originate from their services\u003C/a\u003E.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/List.png","DataClasses":["Bank account numbers","Credit status information","Dates of birth","Email addresses","Employers","Health insurance information","Income levels","IP addresses","Names","Personal health data","Phone numbers","Physical addresses","Smoking habits","Social security numbers"],"IsVerified":false,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Upstox","Title":"Upstox","Domain":"upstox.com","BreachDate":"2021-04-08","AddedDate":"2022-01-19T03:29:03Z","ModifiedDate":"2022-01-19T03:29:03Z","PwnCount":111002,"Description":"In April 2021, Indian brokerage firm \u003Ca href=\u0022https://www.hackread.com/shinyhunters-broker-firm-upstox-database-leak/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EUpstox suffered a data breach\u003C/a\u003E. The incident exposed extensive personal information on over 100k customers including names, genders, dates of birth, physical addresses, banking information and passwords stored as bcrypt hashes. Extensive \u0026quot;know your customer\u0026quot; information was also exposed including scans of bank statements, cheques and identity documents complete with Aadhaar numbers. The data was provided to HIBP by a source who requested it be attributed to \u0026quot;white_peacock@riseup.net\u0026quot;.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Upstox.png","DataClasses":["Bank account numbers","Dates of birth","Email addresses","Family members\u0027 names","Genders","Government issued IDs","Income levels","Marital statuses","Nationalities","Occupations","Passwords","Phone numbers","Physical addresses"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"UtahGunExchange","Title":"Utah Gun Exchange","Domain":"utahgunexchange.com","BreachDate":"2020-07-17","AddedDate":"2020-08-19T07:56:09Z","ModifiedDate":"2020-08-19T08:05:00Z","PwnCount":235233,"Description":"In July 2020, \u003Ca href=\u0022https://www.forbes.com/sites/daveywinder/2020/08/15/gun-owners-beware-hacker-offers-240000-stolen-records-on-dark-web-report-utah-gun-exchange-amazon-cloud/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Ethe Utah Gun Exchange website suffered a data breach\u003C/a\u003E which included several other associated websites. In total, 235k unique email addresses were exposed before being traded online alongside names, usernames, genders, IP addresses and password hashes. The data was provided to HIBP by \u003Ca href=\u0022https://breachbase.pw/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Ebreachbase.pw\u003C/a\u003E.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/UtahGunExchange.png","DataClasses":["Email addresses","Genders","IP addresses","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"uTorrent","Title":"uTorrent","Domain":"utorrent.com","BreachDate":"2016-01-14","AddedDate":"2016-11-05T22:32:39Z","ModifiedDate":"2016-11-05T22:32:39Z","PwnCount":395044,"Description":"In early 2016, the forum for the uTorrent BitTorrent client \u003Ca href=\u0022https://torrentfreak.com/utorrent-forums-hacked-passwords-compromised-160608/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Esuffered a data breach\u003C/a\u003E which came to light later in the year. The database from the IP.Board based forum contained 395k accounts including usernames, email addresses and MD5 password hashes without a salt.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/uTorrent.png","DataClasses":["Email addresses","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"uuu9","Title":"uuu9","Domain":"uuu9.com","BreachDate":"2016-09-06","AddedDate":"2016-12-27T10:05:41Z","ModifiedDate":"2016-12-27T10:05:41Z","PwnCount":7485802,"Description":"In September 2016, data was allegedly obtained from the Chinese website known as \u003Ca href=\u0022http://www.uuu9.com\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Euuu9.com\u003C/a\u003E and contained 7.5M accounts. Whilst there is evidence that the data is legitimate, due to the difficulty of emphatically verifying the Chinese breach it has been flagged as \u0026quot;unverified\u0026quot;. The data in the breach contains email addresses and user names. \u003Ca href=\u0022https://www.troyhunt.com/handling-chinese-data-breaches-in-have-i-been-pwned/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003ERead more about Chinese data breaches in Have I Been Pwned.\u003C/a\u003E","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/uuu9.png","DataClasses":["Email addresses","Passwords","Usernames"],"IsVerified":false,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Vakinha","Title":"Vakinha","Domain":"vakinha.com.br","BreachDate":"2020-06-22","AddedDate":"2020-08-01T05:56:06Z","ModifiedDate":"2020-08-01T05:56:06Z","PwnCount":4775203,"Description":"In June 2020, the Brazilian fund raising service \u003Ca href=\u0022https://www.bleepingcomputer.com/news/security/hacker-leaks-386-million-user-records-from-18-companies-for-free/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EVakinha suffered a data breach\u003C/a\u003E which impacted almost 4.8 million members. The exposed data included email addresses, names, phone numbers, geographic locations and passwords stored as bcrypt hashes, all of which was subsequently shared extensively throughout online hacking communities. The data was provided to HIBP by \u003Ca href=\u0022https://dehashed.com/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Edehashed.com\u003C/a\u003E.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Vakinha.png","DataClasses":["Dates of birth","Email addresses","IP addresses","Names","Passwords","Phone numbers"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Vastaamo","Title":"Vastaamo","Domain":"vastaamo.fi","BreachDate":"2019-03-31","AddedDate":"2021-07-17T01:51:01Z","ModifiedDate":"2021-08-27T05:37:20Z","PwnCount":30433,"Description":"In October 2020, the Finnish psychotherapy service \u003Ca href=\u0022https://www.wired.com/story/vastaamo-psychotherapy-patients-hack-data-breach/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EVastaamo was the subject of a ransomware attack targeting first the company itself, followed by their patients directly\u003C/a\u003E. The original security incident dates back to a period between late 2018 and early 2019 and exposed data including 30k unique email addresses, names, social security numbers and notes on individuals\u0027 psychotherapy sessions. This breach has been flagged as \u0026quot;sensitive\u0026quot; and is only searchable by owners of the email addresses and domains exposed in the incident.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Vastaamo.png","DataClasses":["Email addresses","Names","Personal health data","Social security numbers"],"IsVerified":true,"IsFabricated":false,"IsSensitive":true,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"VBulletin","Title":"vBulletin","Domain":"vbulletin.com","BreachDate":"2015-11-03","AddedDate":"2016-01-24T13:15:11Z","ModifiedDate":"2016-01-24T13:15:11Z","PwnCount":518966,"Description":"In November 2015, the forum software maker \u003Ca href=\u0022http://www.theregister.co.uk/2015/11/03/vbulletin_forum_software_hacked_defaced/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EvBulletin suffered a serious data breach\u003C/a\u003E. The attack lead to the release of both forum user and customer accounts totalling almost 519k records. The breach included email addresses, birth dates, security questions and answers for customers and salted hashes of passwords for both sources.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/VBulletin.png","DataClasses":["Dates of birth","Email addresses","Homepage URLs","Instant messenger identities","IP addresses","Passwords","Security questions and answers","Spoken languages","Website activity"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Vedantu","Title":"Vedantu","Domain":"vedantu.com","BreachDate":"2019-07-08","AddedDate":"2019-11-01T05:13:40Z","ModifiedDate":"2019-11-01T05:13:40Z","PwnCount":686899,"Description":"In mid-2019, the Indian interactive online tutoring platform \u003Ca href=\u0022https://www.vedantu.com/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EVedantu\u003C/a\u003E suffered a data breach which exposed the personal data of 687k users. The JSON formatted database dump exposed extensive personal information including email and IP address, names, phone numbers, genders and passwords stored as bcrypt hashes. When contacted about the incident, Vedantu advised that they were aware of the breach and were in the process of informing their customers.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Vedantu.png","DataClasses":["Browser user agent details","Email addresses","Genders","IP addresses","Names","Passwords","Phone numbers","Spoken languages","Time zones","Website activity"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"VerificationsIO","Title":"Verifications.io","Domain":"verifications.io","BreachDate":"2019-02-25","AddedDate":"2019-03-09T19:29:54Z","ModifiedDate":"2019-03-09T20:49:51Z","PwnCount":763117241,"Description":"In February 2019, the email address validation service \u003Ca href=\u0022https://securitydiscovery.com/800-million-emails-leaked-online-by-email-verification-service\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Everifications.io suffered a data breach\u003C/a\u003E. Discovered by \u003Ca href=\u0022https://twitter.com/mayhemdayone\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EBob Diachenko\u003C/a\u003E and \u003Ca href=\u0022https://twitter.com/vinnytroia\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EVinny Troia\u003C/a\u003E, the breach was due to the data being stored in a MongoDB instance left publicly facing without a password and resulted in 763 million unique email addresses being exposed. Many records within the data also included additional personal attributes such as names, phone numbers, IP addresses, dates of birth and genders. No passwords were included in the data. The Verifications.io website went offline during the disclosure process, although \u003Ca href=\u0022https://web.archive.org/web/20190227230352/https://verifications.io/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Ean archived copy remains viewable\u003C/a\u003E.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/VerificationsIO.png","DataClasses":["Dates of birth","Email addresses","Employers","Genders","Geographic locations","IP addresses","Job titles","Names","Phone numbers","Physical addresses"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Verified","Title":"Verified","Domain":"verified.cm","BreachDate":"2014-01-10","AddedDate":"2014-07-06T04:16:37Z","ModifiedDate":"2014-07-06T04:16:37Z","PwnCount":16919,"Description":"In January 2014, \u003Ca href=\u0022http://securityaffairs.co/wordpress/21120/cyber-crime/verified-communities-hacked.html\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Eone of the largest communities of Eastern Europe cybercriminals known as \u0022Verified\u0022 was hacked\u003C/a\u003E. The breach exposed nearly 17k users of the vBulletin forum including their personal messages and other potentially personally identifiable information.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Verified.png","DataClasses":["Email addresses","Historical passwords","IP addresses","Passwords","Private messages","Usernames","Website activity"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Vermillion","Title":"Vermillion","Domain":"v3rmillion.net","BreachDate":"2014-08-30","AddedDate":"2023-07-11T08:14:42Z","ModifiedDate":"2023-07-11T08:14:42Z","PwnCount":8106,"Description":"In August 2014, the Roblox hacking forum Vermillion suffered a data breach that exposed over 8k subscriber records. The breach of the MyBB forum exposed email and IP addresses, usernames, dates of birth and salted password hashes.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Vermillion.png","DataClasses":["Dates of birth","Email addresses","IP addresses","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Vianet","Title":"Vianet","Domain":"vianet.com.np","BreachDate":"2020-04-08","AddedDate":"2020-04-22T03:00:17Z","ModifiedDate":"2020-04-22T03:00:17Z","PwnCount":94353,"Description":"In April 2020, the Nepalese internet service provider \u003Ca href=\u0022https://myrepublica.nagariknetwork.com/news/hackers-leak-personal-info-of-vianet-users/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EVianet suffered a data breach\u003C/a\u003E. The attack on the ISP led to the exposure of 177k customer records including 94k unique email addresses. Also exposed were names, phone numbers and physical addresses.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Vianet.png","DataClasses":["Email addresses","Names","Phone numbers","Physical addresses"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"VictoryPhones","Title":"Victory Phones","Domain":"victoryphones.com","BreachDate":"2017-01-01","AddedDate":"2017-10-11T21:01:33Z","ModifiedDate":"2017-10-11T21:01:33Z","PwnCount":166046,"Description":"In January 2017, the automated telephony services company \u003Ca href=\u0022http://www.zdnet.com/article/republican-polling-firm-hacked-exposing-donor-records/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EVictory Phones left a Mongo DB database publicly facing without a password\u003C/a\u003E. Subsequently, 213GB of data was downloaded by an unauthorised party including names, addresses, phone numbers and over 166k unique email addresses.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/VictoryPhones.png","DataClasses":["Dates of birth","Email addresses","IP addresses","Names","Phone numbers","Physical addresses"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"ViewFines","Title":"ViewFines","Domain":"viewfines.co.za","BreachDate":"2018-05-07","AddedDate":"2018-05-24T09:11:55Z","ModifiedDate":"2018-05-24T09:11:55Z","PwnCount":777649,"Description":"In May 2018, the South African website for viewing traffic fines online known as \u003Ca href=\u0022https://www.iafrikan.com/2018/05/24/south-africas-viewfines-suffered-major-data-leak/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EViewFines suffered a data breach\u003C/a\u003E. Over 934k records containing 778k unique email addresses were exposed and included names, phone numbers, government issued IDs and passwords stored in plain text.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/ViewFines.png","DataClasses":["Email addresses","Government issued IDs","Names","Passwords","Phone numbers"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"VimeWorld","Title":"VimeWorld","Domain":"vimeworld.com","BreachDate":"2018-10-01","AddedDate":"2024-10-30T07:02:43Z","ModifiedDate":"2024-10-30T07:02:43Z","PwnCount":3118964,"Description":"In October 2018, the Russian Minecraft service VimeWorld suffered a data breach \u003Ca href=\u0022https://cybernews.com/security/billions-passwords-credentials-leaked-mother-of-all-breaches/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Ethat was later redistributed as part of a larger corpus of data\u003C/a\u003E. The data included 3.1M records of usernames, email and IP addresses and passwords stored as either MD5 or bcrypt hashes.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/VimeWorld.png","DataClasses":["Email addresses","IP addresses","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"VivaAir","Title":"Viva Air","Domain":"vivaair.com","BreachDate":"2022-03-14","AddedDate":"2023-09-11T07:11:30Z","ModifiedDate":"2024-06-04T18:43:45Z","PwnCount":932232,"Description":"In March 2022, the now defunct Colombian airline \u003Ca href=\u0022https://muchohacker.lol/2023/01/viva-air-leak-26-millones-de-datos-privados-de-clientes-de-la-aerolinea-de-bajo-costo-estarian-en-linea-desde-hace-nueve-meses/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EViva Air suffered a data breach and subsequent ransomware attack\u003C/a\u003E. Among a trove of other ransomed data, the incident exposed a log of 2.6M transactions with 932k unique email addresses, physical and IP addresses, names, phone numbers and partial credit card data (last 4 digits).","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/VivaAir.png","DataClasses":["Email addresses","IP addresses","Names","Partial credit card data","Phone numbers","Physical addresses","Purchases"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"VK","Title":"VK","Domain":"vk.com","BreachDate":"2012-01-01","AddedDate":"2016-06-09T09:16:36Z","ModifiedDate":"2016-06-09T09:16:36Z","PwnCount":93338602,"Description":"In approximately 2012, the Russian social media site known as \u003Ca href=\u0022http://motherboard.vice.com/read/another-day-another-hack-100-million-accounts-for-vk-russias-facebook\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EVK was hacked\u003C/a\u003E and almost 100 million accounts were exposed. The data emerged in June 2016 where it was being sold via a dark market website and included names, phone numbers email addresses and plain text passwords.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/VK.png","DataClasses":["Email addresses","Names","Passwords","Phone numbers"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"VNG","Title":"VNG","Domain":"zing.vn","BreachDate":"2015-05-19","AddedDate":"2018-04-28T07:49:02Z","ModifiedDate":"2018-04-28T07:49:02Z","PwnCount":24853850,"Description":"In April 2018, \u003Ca href=\u0022https://congnghe.tuoitre.vn/lo-thong-tin-hang-tram-trieu-tai-khoan-khach-hang-vng-xin-loi-20180427225719109.htm\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Enews broke of a massive data breach impacting the Vietnamese company known as VNG\u003C/a\u003E after data was discovered being traded on a popular hacking forum where it was extensively redistributed. The breach dated back to an incident in May of 2015 and included of over 163 million customers. The data in the breach contained a wide range of personal attributes including usernames, birth dates, genders and home addresses along with unsalted MD5 hashes and 25 million unique email addresses. The data was provided to HIBP by \u003Ca href=\u0022https://dehashed.com/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Edehashed.com\u003C/a\u003E.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/VNG.png","DataClasses":["Dates of birth","Email addresses","Genders","IP addresses","Marital statuses","Names","Occupations","Passwords","Phone numbers","Physical addresses","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Vodafone","Title":"Vodafone","Domain":"vodafone.is","BreachDate":"2013-11-30","AddedDate":"2013-11-30T00:00:00Z","ModifiedDate":"2019-05-13T12:22:01Z","PwnCount":56021,"Description":"In November 2013, \u003Ca href=\u0022http://thehackernews.com/2013/11/vodafone-iceland-hacked-and-exposed.html\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EVodafone in Iceland suffered an attack\u003C/a\u003E attributed to the Turkish hacker collective \u0026quot;Maxn3y\u0026quot;. The data was consequently publicly exposed and included user names, email addresses, social security numbers, SMS message, server logs and passwords from a variety of different internal sources.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Vodafone.png","DataClasses":["Credit cards","Email addresses","Government issued IDs","IP addresses","Names","Passwords","Phone numbers","Physical addresses","Purchases","SMS messages","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"VoidTO","Title":"Void.to","Domain":"void.to","BreachDate":"2019-06-13","AddedDate":"2019-09-11T06:47:08Z","ModifiedDate":"2019-09-11T06:47:08Z","PwnCount":95431,"Description":"In June 2019, the hacking website \u003Ca href=\u0022https://void.to/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EVoid.to\u003C/a\u003E suffered a data breach. There were 95k unique email addresses spread across 86k forum users and other tables in the database. A rival hacking website claimed responsibility for breaching the MyBB based forum which disclosed email and IP addresses, usernames, private messages and passwords stored as either salted MD5 or bcrypt hashes.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/VoidTO.png","DataClasses":["Email addresses","IP addresses","Passwords","Private messages","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"VTech","Title":"VTech","Domain":"vtechda.com","BreachDate":"2015-11-13","AddedDate":"2015-11-25T07:00:57Z","ModifiedDate":"2015-11-25T07:00:57Z","PwnCount":4833678,"Description":"In November 2015, \u003Ca href=\u0022http://www.troyhunt.com/2015/11/when-children-are-breached-inside.html\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Ehackers extracted more than 4.8 million parents\u0027 and 227k children\u0027s accounts from VTech\u0027s Learning Lodge website\u003C/a\u003E. The Hong Kong company produces learning products for children including software sold via the compromised website. The data breach exposed extensive personal details including home addresses, security questions and answers and passwords stored as weak MD5 hashes. Furthermore, children\u0027s details including names, ages, genders and associations to their parents\u0027 records were also exposed.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/VTech.png","DataClasses":["Dates of birth","Email addresses","Family members\u0027 names","Genders","IP addresses","Names","Passwords","Physical addresses","Security questions and answers","Usernames","Website activity"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":true,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"VTightGel","Title":"V-Tight Gel","Domain":"vtightgel.com","BreachDate":"2016-02-13","AddedDate":"2017-11-17T07:31:16Z","ModifiedDate":"2017-11-17T07:47:39Z","PwnCount":2013164,"Description":"In approximately February 2016, data surfaced which was allegedly obtained from \u003Ca href=\u0022http://vtightgel.com/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EV-Tight Gel (vaginal tightening gel)\u003C/a\u003E. Whilst the data set was titled V-Tight, within there were \u003Ca href=\u0022https://pastebin.com/raw/pN7nyjJ7\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003E50 other (predominantly wellness-related) domain names\u003C/a\u003E, most owned by the same entity. Multiple HIBP subscribers confirmed that although they couldn\u0027t recall providing data specifically to V-Tight, their personal information including name, phone and physical address was accurate. V-Tight Gel did not reply to multiple requests for comment.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/VTightGel.png","DataClasses":["Email addresses","IP addresses","Names","Phone numbers","Physical addresses"],"IsVerified":false,"IsFabricated":false,"IsSensitive":true,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Wakanim","Title":"Wakanim","Domain":"wakanim.tv","BreachDate":"2022-08-28","AddedDate":"2022-10-06T22:44:01Z","ModifiedDate":"2022-10-06T22:44:01Z","PwnCount":6706951,"Description":"In August 2022, the European streaming service \u003Ca href=\u0022https://www.animenewsnetwork.com/news/2022-09-07/wakanim-streaming-service-delays-content-after-possible-data-breach/.189234\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EWakanim suffered a data breach which was subsequently advertised and sold on a popular hacking forum\u003C/a\u003E. The breach exposed 6.7M customer records including email, IP and physical addresses, names and usernames.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Wakanim.png","DataClasses":["Browser user agent details","Email addresses","IP addresses","Names","Physical addresses","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Wanelo","Title":"Wanelo","Domain":"wanelo.com","BreachDate":"2018-12-13","AddedDate":"2019-09-30T17:15:11Z","ModifiedDate":"2019-10-01T05:39:41Z","PwnCount":23165793,"Description":"In approximately December 2018, the digital mall \u003Ca href=\u0022https://www.zdnet.com/article/a-hacker-has-dumped-nearly-one-billion-user-records-over-the-past-two-months/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EWanelo suffered a data breach\u003C/a\u003E. The data was later placed up for sale on a dark web marketplace along with a collection of other data breaches in April 2019. A total of 23 million unique email addresses were included in the breach alongside passwords stored as either MD5 or bcrypt hashes. After the initial HIBP load, further data containing names, shipping addresses and IP addresses were also provided to HIBP, albeit without direct association to the email addresses and passwords. The data was provided to HIBP by a source who requested it be attributed to \u0026quot;JimScott.Sec@protonmail.com\u0026quot;.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Wanelo.png","DataClasses":["Email addresses","IP addresses","Names","Passwords","Physical addresses"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"WarInc","Title":"War Inc.","Domain":"thewarinc.com","BreachDate":"2012-07-04","AddedDate":"2016-11-07T11:07:25Z","ModifiedDate":"2016-11-07T11:07:25Z","PwnCount":1020136,"Description":"In mid-2012, the real-time strategy game \u003Ca href=\u0022http://thewarinc.com\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EWar Inc.\u003C/a\u003E suffered a data breach. The attack resulted in the exposure of over 1 million accounts including usernames, email addresses and salted MD5 hashes of passwords.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/WarInc.png","DataClasses":["Email addresses","Passwords","Usernames","Website activity"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Warframe","Title":"Warframe","Domain":"warframe.com","BreachDate":"2014-11-24","AddedDate":"2016-07-21T02:25:49Z","ModifiedDate":"2016-07-21T02:25:49Z","PwnCount":819478,"Description":"In November 2014, the online game \u003Ca href=\u0022http://motherboard.vice.com/read/gaming-site-warframe-hacked\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EWarframe was hacked\u003C/a\u003E and 819k unique email addresses were exposed. Allegedly due to a SQL injection flaw in Drupal, the attack exposed usernames, email addresses and data in a \u0022pass\u0022 column which adheres to the salted SHA12 password hashing pattern used by Drupal 7. Digital Extremes (the developers of Warframe), asserts the salted hashes are of \u0022alias names\u0022 rather than passwords.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Warframe.png","DataClasses":["Email addresses","Usernames","Website activity"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Warmane","Title":"Warmane","Domain":"warmane.com","BreachDate":"2016-12-01","AddedDate":"2018-09-08T07:54:18Z","ModifiedDate":"2018-09-08T07:57:44Z","PwnCount":1116256,"Description":"In approximately December 2016, the online service for World of Warcraft private servers \u003Ca href=\u0022https://www.warmane.com\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EWarmane\u003C/a\u003E suffered a data breach. The incident exposed over 1.1M accounts including usernames, email addresses, dates of birth and salted MD5 password hashes. The data was subsequently extensively circulated online and was later provided to HIBP by whitehat security researcher and data analyst Adam Davies.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Warmane.png","DataClasses":["Dates of birth","Email addresses","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"WashingtonStateFoodWorkerCard","Title":"Washington State Food Worker Card","Domain":"foodworkercard.wa.gov","BreachDate":"2022-11-17","AddedDate":"2024-03-31T02:34:15Z","ModifiedDate":"2024-03-31T02:38:36Z","PwnCount":1594305,"Description":"In June 2023, \u003Ca href=\u0022https://tpchd.org/news/data-breach-exposed-food-worker-card-records-we-are-notifying-those-affected/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Ethe Tacoma-Pierce County Health Department announced a data breach of their Washington State Food Worker Card online training system\u003C/a\u003E. The breach was published to a popular hacking forum the year before and dated back to a 2018 database backup. Included in the data were 1.6M unique email addresses along with names, post codes, dates of birth and approximately 9.5k driver\u0027s licence numbers.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/TacomaPierceCountyHealthDepartment.png","DataClasses":["Dates of birth","Driver\u0027s licenses","Email addresses","Geographic locations","Names"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Wattpad","Title":"Wattpad","Domain":"wattpad.com","BreachDate":"2020-06-29","AddedDate":"2020-07-19T22:49:19Z","ModifiedDate":"2020-07-19T22:49:19Z","PwnCount":268765495,"Description":"In June 2020, the user-generated stories website \u003Ca href=\u0022https://www.bleepingcomputer.com/news/security/wattpad-data-breach-exposes-account-info-for-millions-of-users/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EWattpad suffered a huge data breach that exposed almost 270 million records\u003C/a\u003E. The data was initially sold then published on a public hacking forum where it was broadly shared. The incident exposed extensive personal information including names and usernames, email and IP addresses, genders, birth dates and passwords stored as bcrypt hashes.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Wattpad.png","DataClasses":["Bios","Dates of birth","Email addresses","Genders","Geographic locations","IP addresses","Names","Passwords","Social media profiles","User website URLs","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"WeHeartIt","Title":"We Heart It","Domain":"weheartit.com","BreachDate":"2013-11-03","AddedDate":"2017-10-14T20:14:58Z","ModifiedDate":"2017-10-14T20:14:58Z","PwnCount":8600635,"Description":"In November 2013, the image-based social network \u003Ca href=\u0022http://help.weheartit.com/customer/portal/articles/2889018\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EWe Heart It suffered a data breach\u003C/a\u003E. The incident wasn\u0027t discovered until October 2017 when 8.6 million user records were sent to HIBP. The data contained user names, email addresses and password hashes, 80% of which were salted SHA-256 with the remainder being MD5 with no salt.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/WeHeartIt.png","DataClasses":["Email addresses","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"WedMeGood","Title":"WedMeGood","Domain":"wedmegood.com","BreachDate":"2021-01-06","AddedDate":"2021-05-13T00:08:20Z","ModifiedDate":"2021-05-13T00:08:20Z","PwnCount":1306723,"Description":"In January 2021, the Indian wedding planning platform \u003Ca href=\u0022https://www.thenewsminute.com/article/wedmegood-and-two-more-sites-hacked-103-crore-users-card-data-leaked-140996\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EWedMeGood suffered a data breach that exposed 1.3 million customers\u003C/a\u003E. The breach exposed 41.5GB of data including email and physical addresses, names, genders, phone numbers and password hashes. The data was provided to HIBP by \u003Ca href=\u0022https://dehashed.com/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Edehashed.com\u003C/a\u003E.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/WedMeGood.png","DataClasses":["Email addresses","Genders","Names","Passwords","Phone numbers","Physical addresses"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Weee","Title":"Weee","Domain":"sayweee.com","BreachDate":"2022-07-11","AddedDate":"2023-02-08T23:17:51Z","ModifiedDate":"2023-02-08T23:17:51Z","PwnCount":1117405,"Description":"In February 2023, \u003Ca href=\u0022https://www.bleepingcomputer.com/news/security/weee-grocery-service-confirms-data-breach-11-million-affected/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Edata belonging to the Asian and Hispanic food delivery service Weee appeared on a popular hacking forum\u003C/a\u003E. Dating back to mid-2022, the data included 1.1M unique email addresses from 11M rows of orders containing names, phone numbers and delivery instructions.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Weee.png","DataClasses":["Delivery instructions","Email addresses","Names","Phone numbers","Purchases"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"WeLeakInfo","Title":"WeLeakInfo","Domain":"weleakinfo.com","BreachDate":"2021-03-08","AddedDate":"2021-03-15T22:48:25Z","ModifiedDate":"2021-05-03T11:08:29Z","PwnCount":11788,"Description":"In March 2021, \u003Ca href=\u0022https://krebsonsecurity.com/2021/03/weleakinfo-leaked-customer-payment-info/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Ethe Stripe account of the now-defunct WeLeakInfo service was taken over by \u0026quot;pompompurin\u0026quot;\u003C/a\u003E after acquiring an expired domain name with an email address used to manage the account. Access to Stripe then exposed almost 12k unique email addresses from customers who\u0027d made credit card payments in order to obtain breached data hosted by WeLeakInfo. The data was subsequently leaked publicly and also included names, payment histories, IP addresses, billing addresses, partial credit card data and the organisation making the purchase.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/WeLeakInfo.png","DataClasses":["Browser user agent details","Email addresses","Employers","IP addresses","Names","Partial credit card data","Physical addresses","Purchases"],"IsVerified":true,"IsFabricated":false,"IsSensitive":true,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Wendys","Title":"Wendy\u0027s","Domain":"wendys.com.ph","BreachDate":"2018-03-31","AddedDate":"2022-05-24T23:50:35Z","ModifiedDate":"2022-05-24T23:50:35Z","PwnCount":52485,"Description":"In March 2018, \u003Ca href=\u0022https://www.rappler.com/technology/202040-wendys-philippines-data-breach/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EWendy\u0027s in the Philippines suffered a data breach\u003C/a\u003E which impacted over 52k customers and job applicants. The breach exposed extensive personal information including names, email and IP addresses, physical addresses, phone numbers and passwords stored as MD5 hashes.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Wendys.png","DataClasses":["Education levels","Email addresses","IP addresses","Job applications","Names","Passwords","Phone numbers","Physical addresses"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Whitepages","Title":"Whitepages","Domain":"whitepages.com","BreachDate":"2016-06-27","AddedDate":"2019-03-27T01:50:45Z","ModifiedDate":"2019-03-27T01:50:45Z","PwnCount":11657763,"Description":"In mid-2016, the telephone and address directory service \u003Ca href=\u0022https://www.theregister.co.uk/2019/02/11/620_million_hacked_accounts_dark_web/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EWhitepages was among a raft of sites that were breached and their data then sold in early-2019\u003C/a\u003E. The data included over 11 million unique email addresses alongside names and passwords stored as either a SHA-1 or bcrypt hash. The data was provided to HIBP by a source who requested it to be attributed to \u0026quot;BenjaminBlue@exploit.im\u0026quot;.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Whitepages.png","DataClasses":["Email addresses","Names","Passwords"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"WHMCS","Title":"WHMCS","Domain":"whmcs.com","BreachDate":"2012-05-21","AddedDate":"2016-06-28T23:47:07Z","ModifiedDate":"2016-06-28T23:47:07Z","PwnCount":134047,"Description":"In May 2012, the web hosting, billing and automation company \u003Ca href=\u0022http://news.softpedia.com/news/UGNazi-Leaks-1-7-GB-of-Data-from-WHMCS-Servers-270914.shtml\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EWHMCS suffered a data breach\u003C/a\u003E that exposed 134k email addresses. The breach included extensive information about customers and payment histories including partial credit card numbers.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/WHMCS.png","DataClasses":["Email addresses","Email messages","Employers","IP addresses","Names","Partial credit card data","Passwords","Payment histories","Physical addresses","Website activity"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"WienerBuchereien","Title":"Wiener B\u00FCchereien","Domain":"","BreachDate":"2019-06-10","AddedDate":"2019-06-28T07:51:50Z","ModifiedDate":"2019-06-28T07:51:50Z","PwnCount":224119,"Description":"In June 2019, \u003Ca href=\u0022https://futurezone.at/digital-life/wiener-buechereien-gehackt-daten-von-77000-nutzern-im-netz/400524190\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Ethe library of Vienna (Wiener B\u00FCchereien) suffered a data breach\u003C/a\u003E. The compromised data included 224k unique email addresses, names, physical addresses, phone numbers and dates of birth. The breached data was subsequently posted to Twitter by the alleged perpetrator of the breach.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/WienerBuchereien.png","DataClasses":["Dates of birth","Email addresses","Names","Phone numbers","Physical addresses"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"WifeLovers","Title":"Wife Lovers","Domain":"wifelovers.com","BreachDate":"2018-10-07","AddedDate":"2018-10-20T20:26:13Z","ModifiedDate":"2018-10-23T06:00:07Z","PwnCount":1274051,"Description":"In October 2018, the site dedicated to posting naked photos and other erotica of wives \u003Ca href=\u0022https://arstechnica.com/information-technology/2018/10/hack-on-8-adult-websites-exposes-oodles-of-intimate-user-data/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EWife Lovers suffered a data breach\u003C/a\u003E. The underlying database supported a total of 8 different adult websites and contained over 1.2M unique email addresses. \u003Ca href=\u0022https://web.archive.org/web/20181020185005/http://wifelovers.com/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EWife Lovers acknowledged the breach\u003C/a\u003E which impacted names, usernames, email and IP addresses and passwords hashed using the weak DEScrypt algorithm. The breach has been marked as \u0026quot;sensitive\u0026quot; due to the nature of the site.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/WifeLovers.png","DataClasses":["Email addresses","IP addresses","Names","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":true,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"WIIUISO","Title":"WIIU ISO","Domain":"wiiuiso.com","BreachDate":"2015-09-25","AddedDate":"2016-09-06T05:51:12Z","ModifiedDate":"2016-09-06T05:51:12Z","PwnCount":458155,"Description":"In September 2015, the Nintendo Wii U forum known as \u003Ca href=\u0022http://www.wiiuiso.com\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EWIIU ISO\u003C/a\u003E was hacked and 458k accounts were exposed. Along with email and IP addresses, the vBulletin forum also exposed salted MD5 password hashes.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/WIIUISO.png","DataClasses":["Email addresses","IP addresses","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"WildStar","Title":"WildStar","Domain":"wildstar-online.com","BreachDate":"2015-07-11","AddedDate":"2016-03-06T21:41:16Z","ModifiedDate":"2016-03-06T21:41:16Z","PwnCount":738556,"Description":"In July 2015, the IP.Board forum for the gaming website \u003Ca href=\u0022http://www.wildstar-online.com\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EWildStar\u003C/a\u003E suffered a data breach that exposed over 738k forum members\u0027 accounts. The data was being actively traded on underground forums and included email addresses, birth dates and passwords.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/WildStar.png","DataClasses":["Dates of birth","Email addresses","IP addresses","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Win7Vista","Title":"Win7Vista Forum","Domain":"win7vista.com","BreachDate":"2013-09-03","AddedDate":"2014-06-01T10:01:32Z","ModifiedDate":"2014-06-01T10:01:32Z","PwnCount":202683,"Description":"In September 2013, the \u003Ca href=\u0022http://www.win7vista.com\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EWin7Vista\u003C/a\u003E Windows forum (since renamed to the \u0022Beyond Windows 9\u0022 forum) was hacked and later \u003Ca href=\u0022http://leak.sx/thread-186933\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Ehad its internal database dumped\u003C/a\u003E. The dump included over 200k members\u2019 personal information and other internal data extracted from the forum.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Win7Vista.png","DataClasses":["Email addresses","Instant messenger identities","IP addresses","Names","Passwords","Private messages","Usernames","Website activity"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Wishbone","Title":"Wishbone (2016)","Domain":"wishbone.io","BreachDate":"2016-08-07","AddedDate":"2017-03-15T19:29:52Z","ModifiedDate":"2020-05-28T03:55:18Z","PwnCount":2247314,"Description":"In August 2016, the mobile app to \u0026quot;compare anything\u0026quot; known as \u003Ca href=\u0022https://motherboard.vice.com/en_us/article/popular-teen-quiz-app-wishbone-has-been-hacked-exposing-tons-of-user-information\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EWishbone suffered a data breach\u003C/a\u003E. The data contained 9.4 million records with 2.2 million unique email addresses and was allegedly a subset of the complete data set. The exposed data included genders, birthdates, email addresses and phone numbers for an audience predominantly composed of teenagers and young adults.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Wishbone.png","DataClasses":["Auth tokens","Dates of birth","Email addresses","Genders","Names","Phone numbers","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Wishbone2020","Title":"Wishbone (2020)","Domain":"wishbone.io","BreachDate":"2020-01-27","AddedDate":"2020-05-28T03:54:44Z","ModifiedDate":"2020-05-28T03:54:44Z","PwnCount":9705172,"Description":"In January 2020, the mobile app to \u0026quot;compare anything\u0026quot; \u003Ca href=\u0022https://www.infosecurity-magazine.com/news/wishbone-breach-40-million-records/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EWishbone suffered another data breach\u003C/a\u003E which followed their breach from 2016. An extensive amount of personal information including almost 10M unique email addresses alongside names, phone numbers geographic locations and other personal attributes were leaked online and extensively redistributed. Passwords stored as unsalted MD5 hashes were also included in the breach. The data was provided to HIBP by a source who requested it be attributed to \u0026quot;All3in\u0026quot;.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Wishbone.png","DataClasses":["Auth tokens","Dates of birth","Email addresses","Genders","Geographic locations","IP addresses","Names","Passwords","Phone numbers","Profile photos","Social media profiles","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"WiziShop","Title":"WiziShop","Domain":"wizishop.fr","BreachDate":"2020-07-14","AddedDate":"2020-10-05T03:42:29Z","ModifiedDate":"2021-11-25T22:08:12Z","PwnCount":2856769,"Description":"In July 2020, the French e-commerce platform \u003Ca href=\u0022https://www.wizishop.fr/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EWiziShop\u003C/a\u003E suffered a data breach. The breach exposed 18GB worth of data including names, phone numbers, dates of birth, physical and IP addresses, SHA-1 password hashes and almost 3 million unique email addresses. The data was provided to HIBP by a source who requested it be attributed to \u0026quot;pom@pompur.in\u0026quot;.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/WiziShop.png","DataClasses":["Dates of birth","Email addresses","IP addresses","Names","Passwords","Phone numbers","Physical addresses"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Wongnai","Title":"Wongnai","Domain":"wongnai.com","BreachDate":"2020-10-28","AddedDate":"2020-11-04T21:14:50Z","ModifiedDate":"2020-11-05T04:42:20Z","PwnCount":3924454,"Description":"In October 2020, \u003Ca href=\u0022https://www.bleepingcomputer.com/news/security/hacker-is-selling-34-million-user-records-stolen-from-17-companies/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003E17 previously undisclosed data breaches appeared for sale\u003C/a\u003E including the Thai restaurant, hotel and attraction finding service, Wongnai. The breach exposed almost 4M unique customer records from some time during 2020 along with names, phone numbers, links to social media profiles and passwords stored as MD5 hashes. The data was self-submitted to HIBP by Wongnai.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Wongnai.png","DataClasses":["Dates of birth","Email addresses","Geographic locations","IP addresses","Names","Passwords","Phone numbers","Social media profiles"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"WoTLabs","Title":"WoTLabs","Domain":"wotlabs.net","BreachDate":"2024-03-03","AddedDate":"2024-03-07T03:32:45Z","ModifiedDate":"2024-03-07T03:45:25Z","PwnCount":21994,"Description":"In March 2024, WoTLabs (World of Tanks Statistics and Resources) suffered a data breach and \u003Ca href=\u0022https://web.archive.org/web/20240303062156/http://forum.wotlabs.net/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Ewebsite defacement attributed to \u0026quot;chromebook breachers\u0026quot;\u003C/a\u003E. The breach exposed 22k forum members\u0027 personal data including email and IP addresses, usernames, dates of birth and time zones.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/WoTLabs.png","DataClasses":["Dates of birth","Email addresses","IP addresses","Time zones","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"WPSandbox","Title":"WPSandbox","Domain":"wpsandbox.io","BreachDate":"2018-11-04","AddedDate":"2018-11-06T07:26:07Z","ModifiedDate":"2018-11-06T07:26:07Z","PwnCount":858,"Description":"In November 2018, the WordPress sandboxing service that allows people to create temporary websites \u003Ca href=\u0022https://wpsandbox.io/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EWP Sandbox\u003C/a\u003E discovered their service was being used to host a phishing site attempting to collect Microsoft OneDrive accounts. After identifying the malicious site, WP Sandbox took it offline, contacted the 858 people who provided information to it then self-submitted their addresses to HIBP. The phishing page requested both email addresses and passwords.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/WPSandbox.png","DataClasses":["Email addresses","Passwords"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"WPT","Title":"WPT Amateur Poker League","Domain":"wptapl.com","BreachDate":"2014-01-04","AddedDate":"2014-02-01T02:57:21Z","ModifiedDate":"2014-02-01T02:57:21Z","PwnCount":148366,"Description":"In January 2014, the \u003Ca href=\u0022http://www.wptapl.com\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EWorld Poker Tour (WPT) Amateur Poker League website\u003C/a\u003E was hacked by the Twitter user @smitt3nz. The attack resulted in the public disclosure of 175,000 accounts including 148,000 email addresses. The plain text password for each account was also included in the breach.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/WPT.png","DataClasses":["Email addresses","Passwords"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"xat","Title":"xat","Domain":"xat.com","BreachDate":"2015-11-04","AddedDate":"2016-08-05T06:53:35Z","ModifiedDate":"2016-08-05T06:53:35Z","PwnCount":5968783,"Description":"In November 2015, the online chatroom known as \u003Ca href=\u0022http://xat.com/databreach.html\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003E\u0026quot;xat\u0026quot; was hacked\u003C/a\u003E and 6 million user accounts were exposed. Used as a chat engine on websites, the leaked data included usernames, email and IP addresses along with hashed passwords.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/xat.png","DataClasses":["Email addresses","IP addresses","Passwords","Usernames","Website activity"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Xbox360ISO","Title":"Xbox 360 ISO","Domain":"xbox360iso.com","BreachDate":"2015-09-25","AddedDate":"2017-01-29T07:20:52Z","ModifiedDate":"2017-01-29T07:20:52Z","PwnCount":1296959,"Description":"In approximately September 2015, the XBOX 360 forum known as \u003Ca href=\u0022http://www.xbox360iso.com\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EXBOX360 ISO\u003C/a\u003E was hacked and 1.2 million accounts were exposed. Along with email and IP addresses, the vBulletin forum also exposed salted MD5 password hashes.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Xbox360ISO.png","DataClasses":["Email addresses","IP addresses","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Xbox-Scene","Title":"Xbox-Scene","Domain":"xboxscene.com","BreachDate":"2015-02-01","AddedDate":"2016-02-07T20:26:56Z","ModifiedDate":"2016-02-07T20:26:56Z","PwnCount":432552,"Description":"In approximately February 2015, the Xbox forum known as \u003Ca href=\u0022http://xboxscene.com/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EXbox-Scene\u003C/a\u003E was hacked and more than 432k accounts were exposed. The IP.Board forum included IP addresses and passwords stored as salted hashes using a weak implementation enabling many to be rapidly cracked.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Xbox-Scene.png","DataClasses":["Email addresses","IP addresses","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"xHamster","Title":"xHamster","Domain":"xhamster.com","BreachDate":"2016-11-28","AddedDate":"2018-03-08T02:09:26Z","ModifiedDate":"2018-03-08T02:09:26Z","PwnCount":377377,"Description":"In November 2016, news broke that \u003Ca href=\u0022https://motherboard.vice.com/en_us/article/kb7kqx/hackers-are-trading-hundreds-of-thousands-of-xhamster-porn-account-details\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Ehackers were trading hundreds of thousands of xHamster porn account details\u003C/a\u003E. In total, the data contained almost 380k unique user records including email addresses, usernames and unsalted MD5 password hashes.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/xHamster.png","DataClasses":["Email addresses","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":true,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Xiaomi","Title":"Xiaomi","Domain":"xiaomi.cn","BreachDate":"2012-08-01","AddedDate":"2019-07-21T21:45:31Z","ModifiedDate":"2019-07-21T21:45:31Z","PwnCount":7088010,"Description":"In August 2012, \u003Ca href=\u0022https://thehackernews.com/2014/10/xiaomi-data-breach-hacker.html\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Ethe Xiaomi user forum website suffered a data breach\u003C/a\u003E. In all, 7 million email addresses appeared in the breach although a significant portion of them were numeric aliases on the bbs_ml_as_uid.xiaomi.com domain. Usernames, IP addresses and passwords stored as salted MD5 hashes were also exposed. The data was provided with support from \u003Ca href=\u0022https://dehashed.com/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Edehashed.com\u003C/a\u003E. \u003Ca href=\u0022https://www.troyhunt.com/handling-chinese-data-breaches-in-have-i-been-pwned/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003ERead more about Chinese data breaches in Have I Been Pwned.\u003C/a\u003E","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Xiaomi.png","DataClasses":["Email addresses","IP addresses","Passwords","Usernames"],"IsVerified":false,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"XKCD","Title":"XKCD","Domain":"xkcd.com","BreachDate":"2019-07-01","AddedDate":"2019-09-01T08:58:32Z","ModifiedDate":"2019-09-01T08:58:32Z","PwnCount":561991,"Description":"In July 2019, \u003Ca href=\u0022https://forums.xkcd.com/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Ethe forum for webcomic XKCD\u003C/a\u003E suffered a data breach that impacted 562k subscribers. The breached phpBB forum leaked usernames, email and IP addresses and passwords stored in MD5 phpBB3 format. The data was provided to HIBP by white hat security researcher and data analyst Adam Davies.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/XKCD.png","DataClasses":["Email addresses","IP addresses","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"XPGameSaves","Title":"XPG","Domain":"xpgamesaves.com","BreachDate":"2016-01-01","AddedDate":"2017-07-01T15:28:17Z","ModifiedDate":"2017-07-01T15:28:17Z","PwnCount":890341,"Description":"In approximately early 2016, the gaming website \u003Ca href=\u0022http://www.xpgamesaves.com/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EXpgamesaves\u003C/a\u003E (XPG) suffered a data breach resulting in the exposure of 890k unique user records. The data contained email and IP addresses, usernames and salted MD5 hashes of passwords. The site was previously reported as compromised on the \u003Ca href=\u0022https://vigilante.pw/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EVigilante.pw\u003C/a\u003E breached database directory. This data was provided by security researcher and data analyst, Adam Davies.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/XPGameSaves.png","DataClasses":["Email addresses","IP addresses","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"XSplit","Title":"XSplit","Domain":"xsplit.com","BreachDate":"2013-11-07","AddedDate":"2015-08-08T04:28:48Z","ModifiedDate":"2015-08-08T04:28:48Z","PwnCount":2983472,"Description":"In November 2013, the makers of gaming live streaming and recording software \u003Ca href=\u0022https://www.xsplit.com/blog/xsplit-password-reset-alert\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EXSplit was compromised in an online attack\u003C/a\u003E. The data breach leaked almost 3M names, email addresses, usernames and hashed passwords.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/XSplit.png","DataClasses":["Email addresses","Names","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Yahoo","Title":"Yahoo","Domain":"yahoo.com","BreachDate":"2012-07-11","AddedDate":"2013-12-04T00:00:00Z","ModifiedDate":"2013-12-04T00:00:00Z","PwnCount":453427,"Description":"In July 2012, Yahoo! had their online publishing service \u0026quot;Voices\u0026quot; compromised via a SQL injection attack. The breach resulted in the disclosure of nearly half a million usernames and passwords stored in plain text. The breach showed that of the compromised accounts, a staggering \u003Ca href=\u0022http://www.troyhunt.com/2012/07/what-do-sony-and-yahoo-have-in-common.html\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003E59% of people who also had accounts in the Sony breach reused their passwords across both services\u003C/a\u003E.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Yahoo.png","DataClasses":["Email addresses","Passwords"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Yam","Title":"Yam","Domain":"yam.com","BreachDate":"2013-06-02","AddedDate":"2021-05-22T08:02:31Z","ModifiedDate":"2021-05-22T08:02:31Z","PwnCount":13258797,"Description":"In June 2013, the Taiwanese website \u003Ca href=\u0022https://twitter.com/StillAzureH/status/1383234219153846276\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EYam.com suffered a data breach which was shared to a popular hacking forum in 2021\u003C/a\u003E. The data included 13 million unique email addresses alongside names, usernames, phone numbers, physical addresses, dates of birth and unsalted MD5 password hashes.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Yam.png","DataClasses":["Dates of birth","Email addresses","Names","Passwords","Phone numbers","Physical addresses","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Yandex","Title":"Yandex Dump","Domain":"forum.btcsec.com","BreachDate":"2014-09-07","AddedDate":"2014-09-12T04:50:32Z","ModifiedDate":"2014-09-12T04:50:32Z","PwnCount":1186564,"Description":"In September 2014, \u003Ca href=\u0022http://habrahabr.ru/post/235949/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Enews broke of a massive leak of accounts from Yandex\u003C/a\u003E, the Russian search engine giants who also provides email services. The purported million \u0026quot;breached\u0026quot; accounts were disclosed at the same time as nearly 5M mail.ru accounts with \u003Ca href=\u0022http://globalvoicesonline.org/2014/09/10/russia-email-yandex-mailru-passwords-hacking/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Eboth companies claiming the credentials were acquired via phishing scams\u003C/a\u003E rather than being obtained as a result of direct attacks against their services.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Yandex.png","DataClasses":["Email addresses","Passwords"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Yatra","Title":"Yatra","Domain":"yatra.com","BreachDate":"2013-09-01","AddedDate":"2018-07-04T23:15:57Z","ModifiedDate":"2018-07-04T23:15:57Z","PwnCount":5033997,"Description":"In September 2013, the Indian bookings website known as \u003Ca href=\u0022https://www.yatra.com/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EYatra\u003C/a\u003E had 5 million records exposed in a data breach. The data contained email and physical addresses, dates of birth and phone numbers along with both PINs and passwords stored in plain text. The site was previously reported as compromised on the \u003Ca href=\u0022https://vigilante.pw/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EVigilante.pw\u003C/a\u003E breached database directory.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Yatra.png","DataClasses":["Dates of birth","Email addresses","Names","Passwords","Phone numbers","Physical addresses","PINs"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"YoteprestoCom","Title":"yotepresto.com","Domain":"yotepresto.com","BreachDate":"2020-06-22","AddedDate":"2021-06-25T05:04:47Z","ModifiedDate":"2021-06-25T05:04:47Z","PwnCount":1444629,"Description":"In June 2020, the Mexican lending platform \u003Ca href=\u0022https://newsbeezer.com/mexicoeng/yotepresto-has-disclosed-the-emails-and-passwords-of-all-1-4-million-customers/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Eyotepresto.com suffered a data breach\u003C/a\u003E. Over 1.4 million customers were impacted by the breach which disclosed email and IP addresses, usernames and passwords stored as bcrypt hashes. The data was provided to HIBP by \u003Ca href=\u0022https://dehashed.com/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Edehashed.com\u003C/a\u003E.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/YoteprestoCom.png","DataClasses":["Email addresses","IP addresses","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Youku","Title":"Youku","Domain":"youku.com","BreachDate":"2016-12-01","AddedDate":"2017-04-15T11:02:35Z","ModifiedDate":"2017-04-15T11:02:35Z","PwnCount":91890110,"Description":"In late 2016, the online Chinese video service \u003Ca href=\u0022http://www.youku.com\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EYouku\u003C/a\u003E suffered a data breach. The incident exposed 92 million unique user accounts and corresponding MD5 password hashes. The data was contributed to Have I Been Pwned courtesy of rip@creep.im.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Youku.png","DataClasses":["Email addresses","Passwords"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"YouNow","Title":"YouNow","Domain":"younow.com","BreachDate":"2019-02-15","AddedDate":"2019-07-18T08:59:45Z","ModifiedDate":"2019-07-18T08:59:45Z","PwnCount":18241518,"Description":"In February 2019, \u003Ca href=\u0022https://techcrunch.com/2019/02/14/hacker-strikes-again/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Edata from the live broadcasting service YouNow appeared for sale on a dark web marketplace\u003C/a\u003E. Whilst it\u0027s not clear what date the actual breach occurred on, the impacted data included 18M unique email addresses, IP addresses, names, usernames and links to social media profiles. As authentication is performed via social providers, no passwords were exposed in the breach. Many records didn\u0027t have associated email addresses thus the unique number is lower than the reported total number of accounts. The data was provided to HIBP by a source who requested it be attributed to \u0026quot;JimScott.Sec@protonmail.com\u0026quot;.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/YouNow.png","DataClasses":["Email addresses","IP addresses","Names","Social media profiles","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"YouPorn","Title":"YouPorn","Domain":"youporn.com","BreachDate":"2012-02-21","AddedDate":"2015-07-30T05:32:00Z","ModifiedDate":"2018-05-20T05:24:11Z","PwnCount":1327567,"Description":"In February 2012, the adult website YouPorn \u003Ca href=\u0022http://www.huffingtonpost.com/2012/02/22/youporn-hacked-email-addresses-passwords_n_1294502.html\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Ehad over 1.3M user accounts exposed in a data breach\u003C/a\u003E. The publicly released data included both email addresses and plain text passwords.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/YouPorn.png","DataClasses":["Email addresses","Passwords"],"IsVerified":true,"IsFabricated":false,"IsSensitive":true,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"YouveBeenScraped","Title":"You\u0027ve Been Scraped","Domain":"","BreachDate":"2018-10-05","AddedDate":"2018-12-06T19:11:27Z","ModifiedDate":"2018-12-06T19:11:27Z","PwnCount":66147869,"Description":"In October and November 2018, \u003Ca href=\u0022https://blog.hackenproof.com/industry-news/new-report-unknown-data-scraper-breach/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Esecurity researcher Bob Diachenko identified several unprotected MongoDB instances believed to be hosted by a data aggregator\u003C/a\u003E. Containing a total of over 66M records, the owner of the data couldn\u0027t be identified but it is believed to have been scraped from LinkedIn hence the title \u0026quot;You\u0027ve Been Scraped\u0026quot;. The exposed records included names, both work and personal email addresses, job titles and links to the individuals\u0027 LinkedIn profiles.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/List.png","DataClasses":["Email addresses","Employers","Geographic locations","Job titles","Names","Social media profiles"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Zacks","Title":"Zacks","Domain":"zacks.com","BreachDate":"2020-05-10","AddedDate":"2023-06-10T23:10:02Z","ModifiedDate":"2023-06-10T23:23:18Z","PwnCount":8929503,"Description":"In December 2022, the investment research company \u003Ca href=\u0022https://www.zacks.com/breach/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EZacks announced a data breach\u003C/a\u003E. The following month, \u003Ca href=\u0022https://www.bleepingcomputer.com/news/security/zacks-investment-research-data-breach-affects-820-000-clients/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Ereports emerged of the incident impacting 820k customers\u003C/a\u003E. However, in June 2023, a corpus of data with almost 9M Zacks customers appeared before being broadly circulated on a popular hacking forum. The most recent data was dated May 2020 and included names, usernames, email and physical addresses, phone numbers and passwords stored as unsalted SHA-256 hashes. On disclosure of the larger breach, Zacks advised that in addition to their original report \u0026quot;the unauthorised third parties also gained access to encrypted [sic] passwords of zacks.com customers, but only in the encrypted [sic] format\u0026quot;.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Zacks.png","DataClasses":["Email addresses","Names","Passwords","Phone numbers","Physical addresses","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"ZadigVoltaire","Title":"Zadig \u0026 Voltaire","Domain":"zadig-et-voltaire.com","BreachDate":"2023-11-16","AddedDate":"2024-06-17T06:02:11Z","ModifiedDate":"2024-06-17T06:02:11Z","PwnCount":586895,"Description":"In June 2024, \u003Ca href=\u0022https://x.com/h4ckmanac/status/1798228918006091819\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Ea data brach sourced from French fashion brand Zadig \u0026 Voltaire was publicly posted to a popular hacking forum\u003C/a\u003E. The data included names, email and physical addresses, phone numbers and genders. When contacted about the incident, Zadig \u0026 Voltaire advised the incident had occurred more than 6 months ago and that \u0026quot;all measures were taken quickly\u0026quot;.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/ZadigVoltaire.png","DataClasses":["Email addresses","Genders","Names","Phone numbers","Physical addresses"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"ZAPHosting","Title":"ZAP-Hosting","Domain":"zap-hosting.com","BreachDate":"2021-11-22","AddedDate":"2022-03-19T23:48:45Z","ModifiedDate":"2022-03-19T23:48:45Z","PwnCount":746682,"Description":"In November 2021, web host \u003Ca href=\u0022https://twitter.com/zaphosting/status/1503346593591873543\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EZAP-Hosting suffered a data breach\u003C/a\u003E that exposed over 60GB of data containing 746k unique email addresses. The breach also contained support chat logs, IP addresses, names, purchases, physical addresses and phone numbers.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/ZAPHosting.png","DataClasses":["Browser user agent details","Chat logs","Email addresses","IP addresses","Names","Phone numbers","Physical addresses","Purchases"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Zhenai","Title":"Zhenai.com","Domain":"zhenai.com","BreachDate":"2011-12-21","AddedDate":"2019-07-11T06:31:32Z","ModifiedDate":"2019-07-11T06:31:32Z","PwnCount":5024908,"Description":"In December 2011, the Chinese dating site known as \u003Ca href=\u0022http://nic.xjtu.edu.cn/info/1018/1909.htm\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EZhenai.com suffered a data breach\u003C/a\u003E that impacted 5 million subscribers. Whilst there is evidence that the data is legitimate, due to the difficulty of emphatically verifying the Chinese breach it has been flagged as \u0026quot;unverified\u0026quot;. The data in the breach contains email addresses and plain text passwords. \u003Ca href=\u0022https://www.troyhunt.com/handling-chinese-data-breaches-in-have-i-been-pwned/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003ERead more about Chinese data breaches in Have I Been Pwned.\u003C/a\u003E","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Zhenai.png","DataClasses":["Email addresses","Passwords"],"IsVerified":false,"IsFabricated":false,"IsSensitive":true,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"ZLib","Title":"Z-lib","Domain":"z-lib.is","BreachDate":"2024-06-20","AddedDate":"2024-11-04T04:12:07Z","ModifiedDate":"2024-11-04T04:12:07Z","PwnCount":9737374,"Description":"In June 2024, \u003Ca href=\u0022https://cybernews.com/security/zlibrary-copycat-exposes-millions-digital-pirates/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Ealmost 10M user records from Z-lib were discovered exposed online\u003C/a\u003E. Now defunct, Z-lib was a malicious clone of Z-Library, a well-known shadow online platform for pirating books and academic papers. The exposed data included usernames, email addresses, countries of residence, Bitcoin and Monero cryptocurrency wallet addresses, purchases and bcrypt password hashes.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/ZLib.png","DataClasses":["Cryptocurrency wallet addresses","Email addresses","Geographic locations","Passwords","Purchases","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Zomato","Title":"Zomato","Domain":"zomato.com","BreachDate":"2017-05-17","AddedDate":"2017-09-04T21:06:46Z","ModifiedDate":"2017-09-04T21:06:46Z","PwnCount":16472873,"Description":"In May 2017, the restaurant guide website \u003Ca href=\u0022https://www.hackread.com/zomato-hacked-17-million-accounts-sold-on-dark-web/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EZomato was hacked\u003C/a\u003E resulting in the exposure of almost 17 million accounts. The data was consequently redistributed online and contains email addresses, usernames and salted MD5 hashes of passwords (the password hash was not present on all accounts). This data was provided to HIBP by whitehat security researcher and data analyst Adam Davies.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Zomato.png","DataClasses":["Email addresses","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Zoomcar","Title":"Zoomcar","Domain":"zoomcar.com","BreachDate":"2018-07-01","AddedDate":"2020-06-05T02:57:26Z","ModifiedDate":"2020-06-05T02:57:26Z","PwnCount":3589795,"Description":"In July 2018, the Indian self-drive car rental company \u003Ca href=\u0022https://tech.economictimes.indiatimes.com/news/internet/data-of-3-5-million-zoomcar-customers-up-for-sale/75896086\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EZoomcar suffered a data breach which was subsequently sold on a dark web marketplace in 2020\u003C/a\u003E. The breach exposed over 3.5M records including names, email and IP addresses, phone numbers and passwords stored as bcrypt hashes. The data was provided to HIBP by \u003Ca href=\u0022https://dehashed.com/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Edehashed.com\u003C/a\u003E.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Zoomcar.png","DataClasses":["Email addresses","IP addresses","Names","Passwords","Phone numbers"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Zoosk","Title":"Zoosk (2011)","Domain":"zoosk.com","BreachDate":"2011-01-01","AddedDate":"2017-02-08T07:59:39Z","ModifiedDate":"2020-08-06T21:54:13Z","PwnCount":52578183,"Description":"In approximately 2011, an alleged breach of the dating website \u003Ca href=\u0022https://www.zoosk.com/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EZoosk\u003C/a\u003E began circulating. Comprised of almost 53 million records, the data contained email addresses and plain text passwords. However, during extensive verification in May 2016 \u003Ca href=\u0022https://www.troyhunt.com/heres-how-i-verify-data-breaches/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Eno evidence could be found that the data was indeed sourced from the dating service\u003C/a\u003E. This breach has consequently been flagged as \u003Ca href=\u0022https://www.troyhunt.com/introducing-fabricated-data-breaches-to-have-i-been-pwned\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Efabricated\u003C/a\u003E; it\u0027s highly unlikely the data was sourced from Zoosk.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Zoosk.png","DataClasses":["Email addresses","Passwords"],"IsVerified":false,"IsFabricated":true,"IsSensitive":true,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Zoosk2020","Title":"Zoosk (2020)","Domain":"zoosk.com","BreachDate":"2020-01-12","AddedDate":"2020-08-07T03:46:38Z","ModifiedDate":"2020-08-07T03:46:38Z","PwnCount":23927853,"Description":"In January 2020, the online dating service \u003Ca href=\u0022https://grahamcluley.com/zoosk-hacking/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EZoosk suffered a data breach\u003C/a\u003E which was subsequently shared extensively across online hacking communities. The breach contained 24 million unique email addresses alongside extensive personal information including genders, sexualities, dates of birth, physical attributes such as height and weight, religions, ethnicities and political views. The breach also allegedly exposed MD5 password hashes, although the data circulating in hacking circles had this field nulled out. The breach was provided to HIBP by \u003Ca href=\u0022https://breachbase.pw/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Ebreachbase.pw\u003C/a\u003E.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Zoosk.png","DataClasses":["Dates of birth","Drinking habits","Education levels","Email addresses","Ethnicities","Family structure","Genders","Geographic locations","Income levels","Names","Nicknames","Physical attributes","Political views","Relationship statuses","Religions","Sexual orientations","Smoking habits"],"IsVerified":true,"IsFabricated":false,"IsSensitive":true,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Zooville","Title":"Zooville","Domain":"zooville.org","BreachDate":"2019-09-27","AddedDate":"2019-10-19T21:22:44Z","ModifiedDate":"2019-10-20T21:58:16Z","PwnCount":71407,"Description":"In September 2019, the zoophilia and bestiality forum \u003Ca href=\u0022https://www.zooville.org/threads/security-incident-and-site-rebuild-september-2019.9/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EZooville suffered a data breach\u003C/a\u003E. The usernames and email addresses of 71k members were accessed via an unpatched vulnerability in the vBulletin forum software then subsequently distributed online. A second data set was later provided to HIBP which contained a complete vBulletin database dump including IP addresses, dates of birth and passwords stored as bcrypt hashes. The site administrator advised that following the breach, all data had been deleted from the forum and a new one had been stood up on the XenForo platform. The data was provided to HIBP by a source who requested it be attributed to \u0026quot;burger vault\u0026quot;.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Zooville.png","DataClasses":["Dates of birth","Email addresses","IP addresses","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":true,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Zurich","Title":"Zurich","Domain":"zurich.co.jp","BreachDate":"2023-01-08","AddedDate":"2023-01-22T22:30:56Z","ModifiedDate":"2023-01-22T22:30:56Z","PwnCount":756737,"Description":"In January 2023, \u003Ca href=\u0022https://therecord.media/millions-of-aflac-zurich-insurance-customers-in-japan-have-data-leaked-after-breach/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Ethe Japanese arm of Zurich insurance suffered a data breach that exposed 2.6M customer records with over 756k unique email addresses\u003C/a\u003E. The data was subsequently posted to a popular hacking forum and also included names, genders, dates of birth and details of insured vehicles. The data was provided to HIBP by a source who requested it be attributed to \u0026quot;IntelBroker\u0026quot;.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Zurich.png","DataClasses":["Dates of birth","Email addresses","Genders","Names","Vehicle details"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Zynga","Title":"Zynga","Domain":"zynga.com","BreachDate":"2019-09-01","AddedDate":"2019-12-19T04:54:45Z","ModifiedDate":"2020-01-11T00:41:51Z","PwnCount":172869660,"Description":"In September 2019, game developer \u003Ca href=\u0022https://www.cnet.com/news/words-with-friends-hack-reportedly-exposes-data-of-more-than-200m-players/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003EZynga (the creator of Words with Friends) suffered a data breach\u003C/a\u003E. The incident exposed 173M unique email addresses alongside usernames and passwords stored as salted SHA-1 hashes. The data was provided to HIBP by \u003Ca href=\u0022https://dehashed.com/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Edehashed.com\u003C/a\u003E.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Zynga.png","DataClasses":["Email addresses","Passwords","Phone numbers","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"Parapa","Title":"\u041F\u0430\u0440\u0430 \u041F\u0430","Domain":"parapa.mail.ru","BreachDate":"2016-08-08","AddedDate":"2016-12-28T07:03:17Z","ModifiedDate":"2016-12-28T07:03:17Z","PwnCount":4946850,"Description":"In August 2016, \u003Ca href=\u0022http://www.zdnet.com/article/over-25-million-accounts-stolen-after-mail-ru-forums-raided-by-hackers/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Ethe Russian gaming site known as \u041F\u0430\u0440\u0430 \u041F\u0430 (or parapa.mail.ru) was hacked\u003C/a\u003E along with a number of other forums on the Russian mail provider, mail.ru. The vBulletin forum contained 4.9 million accounts including usernames, email addresses and passwords stored as salted MD5 hashes.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/Parapa.png","DataClasses":["Email addresses","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"SprashivaiRu","Title":"\u0421\u043F\u0440\u0430\u0448\u0438\u0432\u0430\u0439.\u0440\u0443","Domain":"sprashivai.ru","BreachDate":"2015-05-11","AddedDate":"2015-05-12T23:50:08Z","ModifiedDate":"2015-05-12T23:50:08Z","PwnCount":3474763,"Description":"In May 2015, \u003Ca href=\u0022http://sprashivai.ru/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003E\u0421\u043F\u0440\u0430\u0448\u0438\u0432\u0430\u0439.\u0440\u0443\u003C/a\u003E (a the Russian website for anonymous reviews) was \u003Ca href=\u0022http://tjournal.ru/p/sprashivairu-passwords-leak\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Ereported to have had 6.7 million user details exposed\u003C/a\u003E by a hacker known as \u0026quot;w0rm\u0026quot;. Intended to be a site for expressing anonymous opinions, the leaked data included email addresses, birth dates and other personally identifiable data about almost 3.5 million unique email addresses found in the leak.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/SprashivaiRu.png","DataClasses":["Dates of birth","Email addresses","Genders","Geographic locations","IP addresses","Passwords","Spoken languages"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false},{"Name":"DecoratingTheHouse","Title":"\uC9D1\uAFB8\uBBF8\uAE30","Domain":"ggumim.co.kr","BreachDate":"2020-03-27","AddedDate":"2020-08-02T05:34:42Z","ModifiedDate":"2020-08-02T05:34:42Z","PwnCount":1298651,"Description":"In March 2020, the Korean interior decoration website \u003Ca href=\u0022https://www.bleepingcomputer.com/news/security/hacker-leaks-386-million-user-records-from-18-companies-for-free/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003E???? (Decorating the House) suffered a data breach\u003C/a\u003E which impacted almost 1.3 million members. Served via the URL \u003Ca href=\u0022https://www.ggumim.co.kr/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Eggumim.co.kr\u003C/a\u003E, the exposed data included email addresses, names, usernames and phone numbers, all of which was subsequently shared extensively throughout online hacking communities. The data was provided to HIBP by \u003Ca href=\u0022https://breachbase.pw/\u0022 target=\u0022_blank\u0022 rel=\u0022noopener\u0022\u003Ebreachbase.pw\u003C/a\u003E.","LogoPath":"https://haveibeenpwned.com/Content/Images/PwnedLogos/DecoratingTheHouse.png","DataClasses":["Email addresses","Names","Phone numbers","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false}] \ No newline at end of file