Date added to HIBP: 2 July 2017 Date added to HIBP: 23 October 2019 No response was received from Hub4Tech when contacted about the incident. Compromised accounts: 2,424,784 Compromised data: Avatars, Email addresses, Names, Passwords, Private messages, Usernames The data was subsequently redistributed on a popular hacking forum. Date added to HIBP: 7 November 2016 Oppo v. Nokia. Permalink. In approximately 2017, the website for Russian speakers in America known as Russian America suffered a data breach. Permalink. In October and November 2018, security researcher Bob Diachenko identified several unprotected MongoDB instances believed to be hosted by a data aggregator. Compromised data: Email addresses, IP addresses, Passwords, Usernames Breach date: 11 August 2016 Date added to HIBP: 6 October 2022 Data matching that pattern was later provided to Have I Been Pwned by @akshayindia6 and included almost 1.3m unique email addresses, genders, ages and plain text passwords. Compromised data: Email addresses, IP addresses, Passwords, Usernames Breach date: 4 March 2020 Breach date: 14 March 2015 Compromised data: Auth tokens, Dates of birth, Education levels, Email addresses, Geographic locations, IP addresses, Names, Passwords, Phone numbers, Private messages, Security questions and answers, Social media profiles, Usernames Grupo Elektra is a Mexican financial and retailing corporation established by Hugo Salinas Price.The company has operations in Latin America and is the largest non-bank provider of cash advance services in the United States.. Breach date: 8 October 2016 Compromised accounts: 2,457,420 Breach date: 13 December 2018 In January 2021, the Indian wedding planning platform WedMeGood suffered a data breach that exposed 1.3 million customers. Permalink. Breach date: 16 January 2015 Date added to HIBP: 10 June 2014 The exposed data included usernames, email addresses, genders and both bcrypt and MD5 password hashes. The breach resulted in over 26,000 accounts being exposed including usernames, email addresses and password stored with a weak cryptographic hashing algorithm (MD5 with no salt). In May 2022, the Chinese BlackBerry enthusiasts website BlackBerry Fans suffered a data breach that exposed 174k member records. Compromised accounts: 23,817 In May 2022, the Australian retailer Amart Furniture advised that their warranty claims database hosted on Amazon Web Services had been the target of a cyber attack. The data contained usernames, email addresses, dates of birth and salted SHA1 hashes of passwords. In mid-2015, the Dutch Minecraft site ServerPact was hacked and 73k accounts were exposed. Date added to HIBP: 19 July 2019 In December 2013, a breach of the web-based game community based in Slovakia exposed over 38,000 accounts which were promptly posted online. The data was provided to HIBP by dehashed.com. Date added to HIBP: 12 August 2019 Most records contained names and genders with many also including dates of birth, location, relationship status and employer. Compromised accounts: 1,531,235 Compromised accounts: 16,717,854 Permalink. Permalink. Compromised accounts: 197,184 Date added to HIBP: 7 November 2018 Date added to HIBP: 11 October 2021 Permalink. Permalink. Compromised data: Email addresses, Email messages, IP addresses, Names Impacted data also included names, phone numbers, dates of birth and passwords stored as bcrypt hashes. In November 2015, the online chatroom known as "xat" was hacked and 6 million user accounts were exposed. It was established on January 1, 2006, following the merger of the Bank of Tokyo-Mitsubishi, Ltd. and UFJ Bank Ltd. MUFG is one of the three so-called Japanese "megabanks" (along with SMBC and Mizuho).As such, it is considered a systemically important bank by the The breach resulted in nearly 6k user accounts and over 220k private messages between forum members being exposed. Compromised data: Email addresses Likely obtained several years earlier, the data contained 112 million unique email addresses with personal data including names, birthdates and passwords stored as MD5 hashes. Date added to HIBP: 29 July 2020 Compromised accounts: 4,907,802 Permalink. Compromised data: Email addresses, Names Compromised data: Email addresses, Passwords Date added to HIBP: 19 August 2020 The breach was brought to light by the Vigilante.pw data breach reporting site in September 2016. Compromised data: Email addresses, Passwords Compromised data: Age groups, Credit cards, Email addresses, Genders, Names, Passwords, Phone numbers, Physical addresses, Purchases, Usernames The breach exposed extensive personal information including names, email and IP addresses, physical addresses, phone numbers and passwords stored as MD5 hashes. Compromised accounts: 91,890,110 Compromised data: Email addresses, IP addresses, Passwords, Private messages, Usernames Compromised accounts: 52,485 Compromised data: Browser user agent details, Email addresses, IP addresses, Usernames, Website activity Date added to HIBP: 29 August 2017 Permalink. Compromised accounts: 879,703 Date added to HIBP: 30 August 2018 Compromised data: Email addresses, IP addresses Compromised accounts: 1,197,620 In March 2020, the stock photo site 123RF suffered a data breach which impacted over 8 million subscribers and was subsequently sold online. Compromised data: Email addresses, Employers, Job titles, Names, Phone numbers Compromised data: Email addresses, Government issued IDs, Names, Passwords Compromised data: Credit status information, Email addresses, Home loan information, Income levels, IP addresses, Names, Passwords, Personal descriptions, Physical addresses Date added to HIBP: 30 September 2016 In August 2014, the diet and nutrition website diet.com suffered a data breach resulting in the exposure of 1.4 million unique user records dating back as far as 2004. Date added to HIBP: 15 April 2022 In a disclosure statement from Audi, they also advised some customers had driver's licenses, dates of birth, social security numbers and other personal information exposed. Compromised data: Email addresses, Passwords, Usernames Compromised accounts: 398,011 The data also included names, phone numbers, geographic locations, dates of birth, job titles, job applications and cover letters plus passwords stored as unsalted MD5 hashes. Date added to HIBP: 31 January 2017 Breach date: 27 December 2015 In total, the data included over 71M unique email addresses alongside names, genders, birth dates and passwords stored as SHA2-384 hashes. A rival hacking website claimed responsibility for breaching the MyBB based forum which disclosed email and IP addresses, usernames, private messages and passwords stored as bcrypt hashes. Breach date: 7 September 2014 The data was provided to HIBP by a source who requested it be attributed to "JimScott.Sec@protonmail.com". Date added to HIBP: 26 July 2020 Compromised accounts: 504,565 Breach date: 22 July 2014 Permalink. Banorte advised the data is "outdated", and includes physical addresses, names, tax numbers & bank balances. They subsequently dated the hack as having occurred in July 2013 although there is evidence to suggest the data was being traded months in advance of that. The data was provided to HIBP by a source who requested it be attributed to "JimScott.Sec@protonmail.com". Breach date: 18 May 2016 Compromised data: Email addresses, IP addresses, Passwords, Usernames Permalink. Breach date: 10 October 2019 In approximately March 2020, the Brazilian recruitment website Catho was compromised and subsequently appeared alongside 20 other breached websites listed for sale on a dark web marketplace. Date added to HIBP: 19 July 2021 Permalink. Compromised accounts: 20,339,937 In March 2018, Wendy's in the Philippines suffered a data breach which impacted over 52k customers and job applicants. Permalink. The data was provided to HIBP courtesy of Cyril Gorlla. Permalink. This breach has been classed as "sensitive" and is not publicly searchable, although individuals may discover if they've been impacted by registering for notifications. Exposed member data included usernames, email addresses and salted hashes of passwords. Breach date: 21 May 2022 The breach exposed almost 7GB of files containing 359k unique email addresses along with names, phones numbers, physical addresses and dates of birth. The breaches spanned various areas of the business ranging from the PlayStation network all the way through to the motion picture arm, Sony Pictures. Date added to HIBP: 8 December 2017 Permalink. Compromised accounts: 1,583,193 The data included 6.7M unique email addresses across both active and suspended accounts, the latter appearing in a separate list of 1.4M addresses. Breach date: 1 June 2021 The data was provided to HIBP by a source who requested it to be attributed to "Maxime Thalet". The breach showed that of the compromised accounts, a staggering 59% of people who also had accounts in the Sony breach reused their passwords across both services. Europe Legal Chronicle. The data contained information relating to individuals and the companies they worked for including their names, email addresses and company name and contact information. Breach date: 1 July 2016 The data contained 1.9M unique email addresses which were offered for sale on a hacking forum alongside names, physical and IP addresses, genders, dates of birth, payment histories and in some cases, bank account numbers. Breach date: 1 June 2011 The breach exposed almost 7M subscribers' personal data including email and IP addresses, usernames, the country of the user and passwords stored as unsalted MD5 hashes. Compromised accounts: 2,257,930 The server was not owned by PDL and it's believed a customer failed to properly secure the database. Compromised accounts: 112,005,531 In January 2014 just one week after Gibson Security detailed vulnerabilities in the service, Snapchat had 4.6 million usernames and phone number exposed. Compromised data: Email addresses, Names, Passwords, Usernames Breach date: 1 December 2011 Compromised accounts: 8,089,103 Breach date: 1 September 2013 The data was provided to HIBP by dehashed.com. Breach date: 2 November 2021 Permalink. Date added to HIBP: 28 February 2021 In September 2020, the hotel management & booking platform RedDoorz suffered a data breach that exposed over 5.8M user accounts. Compromised accounts: 89,388 The CTARS cloud platform is used by care providers to record information about NDIS participants and often contains sensitive medical information. Date added to HIBP: 15 July 2019 The data was self-submitted to HIBP by Wongnai. Russian America was contacted about the breach but did not respond. Date added to HIBP: 20 September 2016 Date added to HIBP: 20 December 2015 Compromised accounts: 24,500,011 Breach date: 23 October 2015 The data was provided to HIBP by dehashed.com. In October 2021, the "global leader in user-generated entertainment" Jukin Media suffered a data breach. In approximately mid-2016, the Italian-based service for creating forums known as ForumCommunity suffered a data breach. Compromised data: Account balances, Dates of birth, Email addresses, Genders, IP addresses, Names, Phone numbers, Physical addresses, Security questions and answers, Website activity An alleged data breach was subsequently circulated containing personal information including names, physical and email addresses, birth dates and various other personal attributes. Compromised data: Email addresses, Names, Passwords, Phone numbers, Social media profiles In June 2021, the French publishing house of short literature Short dition suffered a data breach that exposed 505k records. Date added to HIBP: 23 July 2021 Permalink. The repository service was allegedly hacked by @its_not_herpes and 0x8badfl00d in retaliation for the service refusing to remove pirated tweaks. Compromised accounts: 83,610 Date added to HIBP: 27 June 2017 Date added to HIBP: 22 April 2018 Impacted data also included email addresses, the country logged in from and the date and time each login occurred alongside device information including the make and model, IMSI number and serial number. Breach date: 19 August 2020 In October 2015, the Chinese site known as NetEase (located at 163.com) was reported as having suffered a data breach that impacted hundreds of millions of subscribers. Permalink. The site was previously reported as compromised on the Vigilante.pw breached database directory. Shortly thereafter, the service suffered a data breach which resulted in the public disclosure of over 13k user accounts including passwords stored in plain text. Compromised accounts: 7,088,010 In approximately January 2018, a collection of more than 464k customer records from the Indian online retailer DailyObjects were leaked online. Compromised accounts: 307,768 Permalink. Date added to HIBP: 29 October 2017 Permalink. Compromised data: Email addresses, Names, Passwords, Phone numbers, Physical addresses Date added to HIBP: 15 March 2017 The data was publicly posted to Twitter later in 2018 after which InMobi was notified and advised they were aware of the incident. In October 2020, the Finnish psychotherapy service Vastaamo was the subject of a ransomware attack targeting first the company itself, followed by their patients directly. Breach date: 1 April 2020 Permalink. The impacted data included email addresses, usernames and passwords stored as bcrypt hashes. Compromised data: Email addresses, Passwords, Usernames Breach date: 3 October 2020 HIBP identified over 917k unique email address patterns in the data set, including message IDs and a number of other non-user addresses. Compromised data: Email addresses, Geographic locations, Names, Passwords Date added to HIBP: 27 July 2019 Date added to HIBP: 8 April 2019 Compromised data: Email addresses, Names, Personal health data, Social security numbers Compromised data: Compromised accounts: 1,287,073 Permalink. Breach date: 29 June 2020 In May 2022, the client management system for the Australian government's NDIS (National Disability Insurance Scheme) suffered a data breach which was subsequently posted to an online hacking forum. The data later appeared freely downloadable on a Tor hidden service and contained extensive information on job seekers including names, genders, birth dates, phone numbers, physical addresses and passwords. Permalink. Breach date: 18 August 2014 Date added to HIBP: 27 June 2016 Compromised accounts: 396,650 Date added to HIBP: 8 March 2018 Permalink. Breach date: 4 July 2012 Breach date: 25 April 2014 In January, the maker of teddy bears that record children's voices and sends them to family and friends via the internet CloudPets left their database publicly exposed and it was subsequently downloaded by external parties (the data was also subject to 3 different ransom demands). Compromised data: Bank account numbers, Dates of birth, Email addresses, Genders, Names, Phone numbers, Physical addresses Date added to HIBP: 10 October 2015 Permalink. Compromised accounts: 857,611 Compromised data: Email addresses Date added to HIBP: 30 July 2020 In late 2020, the AdTech platform Eskimi suffered a data breach that exposed 26M records with 1.2M unique email addresses. Breach date: 25 May 2020 Date added to HIBP: 5 November 2016 For more information, read about The 42M Record kayo.moe Credential Stuffing Data. Date added to HIBP: 10 January 2021 Permalink. By using fake information how to bypass cvv code- Works. Compromised accounts: 2,987,329 Compromised data: Dates of birth, Email addresses, Flights taken, IP addresses, Names, Phone numbers, Physical addresses, Purchases Compromised accounts: 3,883,455 Date added to HIBP: 6 September 2016 Date added to HIBP: 23 February 2014 The data appeared together in a single file with a small number of records also included from FlashVPN, suggesting that all three brands may share the same platform. In April 2018, the self-proclaimed "biggest retro gaming website on earth", Emuparadise, suffered a data breach. A small number of people also had partial credit card data exposed (the first 6 and last 3 digits of the card, plus card type and expiry) and in some cases the bank name, account number and BSB were also exposed. Compromised accounts: 287,071 Breach date: 26 December 2018 The data was provided to HIBP by a source who requested it be attributed to "JimScott.Sec@protonmail.com". Permalink. Compromised accounts: 41,960 Date added to HIBP: 4 July 2021 Date added to HIBP: 19 January 2022 Compromised accounts: 377,377 In approximately July 2015, the Sony Playstation hacks and mods forum known as PS3Hax was hacked and more than 447k accounts were exposed. In 2013 (exact date unknown), the Chinese e-commerce service JD suffered a data breach that exposed 13GB of data containing 77 million unique email addresses. Compromised data: Auth tokens, Avatars, Email addresses, Genders, Names, Passwords, Social media profiles, Usernames Compromised data: Email addresses, Passwords Date added to HIBP: 27 February 2020 Permalink. Compromised accounts: 10,604,307 The data was provided to HIBP by dehashed.com. Permalink. Breach date: 19 July 2015 Breach date: 10 January 2014 Permalink. Date added to HIBP: 28 January 2020 Compromised data: Email addresses, IP addresses, Passwords, Usernames Date added to HIBP: 21 March 2017 Date added to HIBP: 17 December 2016 Compromised accounts: 735,405 The data also included usernames, genders, dates of birth and MD5 password hashes. Breach date: 29 February 2016 Compromised accounts: 8,243,604 Permalink. In January 2018, the Joomla template website JoomlArt inadvertently exposed more than 22k unique customer records in a Jira ticket. Date added to HIBP: 6 December 2018 Compromised accounts: 808,330 Compromised data: Email addresses, IP addresses, Passwords, Usernames The data was provided to HIBP by breachbase.pw. Breach date: 14 April 2015 Compromised data: Email addresses, Names, Passwords, Phone numbers, Physical addresses, Vehicle details In June 2011, the hacktivist group known as "LulzSec" leaked one final large data breach they titled "50 days of lulz". Compromised data: Email addresses, Names, Phone numbers, Physical addresses, Purchases Date added to HIBP: 14 April 2016 In February 2022, microchip company NVIDIA suffered a data breach that exposed employee credentials and proprietary code. Date added to HIBP: 30 November 2015 The data included user records containing names, usernames and password material with some records also containing genders and partial credit card data, including the last 4 digits of the card and expiry date. Date added to HIBP: 15 February 2022 Compromised accounts: 26,815 Date added to HIBP: 7 August 2021 Compromised accounts: 44,109 Date added to HIBP: 15 November 2020 The attack resulted in the exposure of over 36,000 user accounts including email addresses, usernames and passwords which were stored in plain text. Breach date: 5 February 2021 Permalink. Compromised data: Email addresses, Genders, IP addresses, Passwords, Usernames, Website activity Date added to HIBP: 18 July 2019 Permalink. The incident exposed 87k unique email addresses alongside genders, dates of birth, names, phone numbers and passwords stored as unsalted MD5 hashes. Compromised accounts: 213,415 The breach included data from numerous systems with various personal identity attributes, the largest of which had passwords stored as easily crackable MD5 hashes. Compromised accounts: 4,845,378 Permalink. Breach date: 1 December 2016 A total of 42k unique addresses appeared in the breach. Compromised data: Email addresses, Email messages, Genders, Names, Passwords, Phone numbers, Physical addresses Date added to HIBP: 25 January 2017 Compromised data: Address book contacts, Apps installed on devices, Cellular network names, Dates of birth, Device information, Email addresses, Genders, Geographic locations, IMEI numbers, IMSI numbers, IP addresses, Names, Phone numbers, Profile photos, Social media profiles Compromised accounts: 205,242 In 2019, online marketplace for trading stickers, cards, toys, and other collectibles Quidd suffered a data breach. Breach date: 27 March 2020 Compromised accounts: 652,683 Impacted data included user records and extensive information on gambling histories. Date added to HIBP: 16 July 2022 Additional impacted data included names, physical addresses, phone numbers and purchase histories. The data was provided to HIBP by a source who requested it be attributed to "nano@databases.pw". Compromised data: Dates of birth, Email addresses, Names, Passwords, Phone numbers, Physical addresses Breach date: 22 December 2014 The data breach leaked almost 3M names, email addresses, usernames and hashed passwords. Date added to HIBP: 7 November 2016 Compromised data: Email addresses, Passwords Date added to HIBP: 31 August 2016 Breach date: 1 January 2009 Breach date: 22 June 2020 Compromised accounts: 686,899 Emails were sent prior to launch containing passwords in plain text and the site allowed anyone to download utility bills without sufficient authentication. Compromised data: Dates of birth, Email addresses, IP addresses, Names, Phone numbers, Physical addresses Compromised data: Email addresses, Password hints, Passwords, Usernames Date added to HIBP: 10 December 2017 Permalink. The data was contributed to Have I Been Pwned courtesy of rip@creep.im. Compromised data: Email addresses, Passwords Date added to HIBP: 10 May 2016 The data subsequently appeared for sale on a dark web marketplace in February 2019 and included over 15M unique email addresses alongside names, genders, IP addresses and passwords stored as bcrypt hashes. Compromised data: Biometric data, Dates of birth, Email addresses, Family members' names, Genders, Job titles, Marital statuses, Names, Passport numbers, Phone numbers, Physical addresses, Physical attributes Date added to HIBP: 2 January 2014 Step 3: Enter your recipient's account information on our secure page. Breach date: 26 October 2017 A further 368k accounts were added to "Have I Been Pwned" in March 2016 bringing the total to over 2.4M. Breach date: 28 April 2018 Permalink. Compromised data: Dates of birth, Email addresses, Names, Phone numbers, Physical addresses Breach date: 2 April 2018 Compromised accounts: 2,856,769 Compromised accounts: 420,873 Attributed to the Babuk ransomware, a collection of data alleged to be a subset of a larger corpus was posted to a dark web site and contained 5.2M email addresses along with names, nationalities, genders, dates of birth, phone numbers and physical addresses. The data included email addresses, names, phone numbers, social media profiles, genders and passwords stored as unsalted MD5 hashes. Breach date: 24 November 2014 Compromised data: Device information, Email addresses, Names, Passwords, Social media profiles Permalink. Breach date: 23 June 2020 Breach date: 1 January 2009 The data in the breach contains usernames, email addresses and salted MD5 password hashes and was provided with support from dehashed.com. The data contained email and IP addresses, usernames and salted MD5 hashes of passwords. Date added to HIBP: 8 May 2020 A month later, PayHere published a blog on the incident titled Ensuring Integrity on PayHere Cybersecurity Incident. Compromised accounts: 3,430,083 In March 2019, the online gaming website MindJolt suffered a data breach that exposed 28M unique email addresses. Breach date: 25 February 2019 Date added to HIBP: 8 August 2015 In March 2021, the self-proclaimed "kinder, smarter social network" Liker suffered a data breach, allegedly in retaliation for the Gab data breach and scraping of data from Parler. The attack not only leaked user credentials, but also resulted in the posting of fake news stories to forbes.com. Breach date: 9 December 2017 The main mailing address for Bank of Americas corporate center as of May 2014 is: Bank of America Corporate Center, 100 North Tryon St. Date added to HIBP: 1 July 2018 The breached data was originally scraped from GitHub in violation of their terms of use and contained information exposed in public profiles, including over 1 million members' email addresses. The vBulletin forum included IP addresses and passwords stored as salted hashes using a weak implementation enabling many to be rapidly cracked. Compromised accounts: 471,167 In July 2018, UK-based ecommerce company Fashion Nexus suffered a data breach which exposed 1.4 million records. Breach date: 1 June 2016 Compromised accounts: 68,648,009 The attack involved brute force enumeration of a large number of phone numbers against the Snapchat API in what appears to be a response to Snapchat's assertion that such an attack was "theoretical". Date added to HIBP: 20 November 2018 The data was provided to HIBP by a source who requested it be attributed to "white_peacock@riseup.net". The incident exposed 2.3 million unique user accounts and corresponding MD5 password hashes with no salt. A subset of the data including 63k unique email addresses and cracked passwords were subsequently socialised on a popular data breach sharing service. Breach date: 17 May 2010 Permalink. In September 2014, news broke of a massive leak of accounts from Yandex, the Russian search engine giants who also provides email services. Breach date: 22 February 2014 The breach exposed 18GB worth of data including names, phone numbers, dates of birth, physical and IP addresses, SHA-1 password hashes and almost 3 million unique email addresses. The breach exposed names, email addresses, post codes, donation amount and comments left at the time of donation. Compromised data: Email addresses, Names, Phone numbers, Physical addresses Breach date: 23 March 2019 Bell suffered another breach in 2014 which exposed 40k records. Date added to HIBP: 17 February 2021 The incident exposed over 100k usernames, email addresses and passwords stored as salted SHA-512 hashes. Compromised accounts: 707,432 The data contained over 19M unique email addresses along with names and phone numbers. Compromised accounts: 611,070 The breach exposed 74k unique email addresses alongside usernames, IP addresses, genders and unsalted SHA-1 password hashes. Permalink. Send money to all banks in India including State Bank of India, ICICI, HDFC Bank, and Axis Bank. Breach date: 22 March 2021 Compromised data: Device information, Email addresses, Geographic locations, IP addresses, Names, Phone numbers In August 2016, the Unreal Engine Forum suffered a data breach, allegedly due to a SQL injection vulnerability in vBulletin. Compromised accounts: 305,470 Date added to HIBP: 18 July 2017 In approximately November 2016, the search engine optimisation management company RankWatch exposed a Mongo DB with no password publicly whereupon their data was exfiltrated and posted to an online forum. Compromised accounts: 5,788,169 Compromised data: Email addresses, Passwords, Usernames Permalink. Compromised data: Dates of birth, Email addresses, Genders, Names, Password strengths, Passwords Breach date: 8 August 2016 Permalink. Date added to HIBP: 13 March 2021 Compromised accounts: 2,136,520 The incident exposed almost 2.5 million unique email addresses alongside phone numbers, names and passwords stored as md5crypt hashes. Breach date: 7 October 2020 The accounts included email and IP addresses, usernames and salted hashes of passwords. Date added to HIBP: 29 October 2018 Permalink. Date added to HIBP: 14 October 2017 Compromised accounts: 2,239 Because the CLABE number includes an individual bank account number, you won't usually be able to find a full CLABE code online if you need to send a payment to someone. Compromised data: Email addresses, Passwords, Usernames Compromised data: Email addresses, Passwords, Usernames Breach date: 3 June 2016 Date added to HIBP: 22 November 2015 Compromised accounts: 8,234,193 The data was provided to HIBP by a source who requested it be attributed to "white_peacock@riseup.net". Whilst Last.fm knew of an incident back in 2012, the scale of the hack was not known until the data was released publicly in September 2016. Compromised accounts: 93,992 Permalink. It contained extensive personal and corporate information including names, email addresses, job titles and general information about the employer. Date added to HIBP: 26 August 2021 Compromised data: Email addresses, IP addresses, Passwords, Usernames Compromised accounts: 39,721,127 Breach date: 21 November 2017 Date added to HIBP: 8 January 2019 In December 2017, the stock market news website The Fly on the Wall suffered a data breach. Permalink. Compromised data: Passwords, Usernames The incident exposed over 5M customer email addresses and 2M customer names. Breach date: 1 January 2011 Compromised accounts: 518,966 Breach date: 20 February 2019 Staminus is no longer in operation. In August 2022, millions of records from Mexican bank "Banorte" were publicly dumped on a popular hacking forum including 2.1M unique email addresses, physical addresses, names, phone numbers, RFC (tax) numbers, genders and bank balances. Permalink. Breach date: 13 October 2020 Permalink. After identifying the malicious site, WP Sandbox took it offline, contacted the 858 people who provided information to it then self-submitted their addresses to HIBP. Compromised accounts: 3,081,321 Compromised data: Email addresses, IP addresses, Passwords, Usernames Compromised accounts: 3,670,561 Permalink. Almost 25k records were sent to HIBP in November and included names, email addresses and passwords stored as bcrypt hashes. Compromised data: Email addresses, Passwords, Usernames Comprised of almost 53 million records, the data contained email addresses and plain text passwords. Permalink. In approximately mid-2020, Mashable suffered a data breach that subsequently turned up publicly in November 2020. Compromised data: Email addresses, Employers, Names, Physical addresses Compromised accounts: 48,580,249 Sometime in 2015, the Swedish magic website SvenskaMagic suffered a data breach that exposed over 30k records. In February 2016, the Russian gaming company Nival was the target of an attack which was consequently detailed on Reddit. Compromised data: Dates of birth, Email addresses, Genders, Names, Passwords, Personal health data, Phone numbers, Physical addresses, Salutations, Usernames The vBulletin forum included IP addresses and passwords stored as salted hashes using a weak implementation enabling many to be rapidly cracked. Compromised accounts: 22,802,117 In February 2018, data belonging to the Polish motoring website autocentrum.pl was found online. An extensive amount of personal information including almost 10M unique email addresses alongside names, phone numbers geographic locations and other personal attributes were leaked online and extensively redistributed. Breach date: 8 April 2021 In August 2020, the Neapolitan public transport website Unico Campania was hacked and the data extensively circulated. Date added to HIBP: 23 July 2017 PropTiger advised they believe the usability of the data is "limited" due to how certain data attributes were generated and stored. Compromised data: Email addresses, Passwords, Payment histories, Physical addresses, Private messages, Website activity Compromised data: Email addresses, Names, Passwords, Usernames The data was provided to HIBP by breachbase.pw. Breach date: 20 February 2019 The forum has subsequently been decommissioned. Compromised accounts: 179,967 Compromised accounts: 13,451 In August 2016, the Russian gaming site known as (or parapa.mail.ru) was hacked along with a number of other forums on the Russian mail provider, mail.ru. Breach date: 15 May 2017 The data in the breach contained a wide range of personal attributes including usernames, birth dates, genders and home addresses along with unsalted MD5 hashes and 25 million unique email addresses. Wife Lovers acknowledged the breach which impacted names, usernames, email and IP addresses and passwords hashed using the weak DEScrypt algorithm. Date added to HIBP: 8 January 2021 Date added to HIBP: 12 January 2020 Compromised data: Email addresses, Passwords Breach date: 24 September 2019 Permalink. Breach date: 11 August 2013 Furthermore, children's details including names, ages, genders and associations to their parents' records were also exposed. Compromised accounts: 499,836 Compromised data: Email addresses, IP addresses, Names, Partial credit card data, Phone numbers, Salutations Date added to HIBP: 25 November 2017 Read more about Chinese data breaches in Have I Been Pwned. A larger more complete file containing 607k email addresses with original unsalted MD5 password hashes along with names, usernames and physical addresses was later provided and the original breach in HIBP was updated accordingly. Permalink. Compromised accounts: 10,585 Compromised accounts: 33,698,126 Date added to HIBP: 8 February 2016 Breach date: 7 March 2012 Breach date: 14 March 2019 The data was provided to HIBP by whitehat security researcher and data analyst Adam Davies. Initially attributed to Astoria Company, they subsequently investigated the incident and confirmed the data did not originate from their services. In December 2018, the Town of Salem website produced by BlankMediaGames suffered a data breach. Compromised accounts: 5,176,463 Date added to HIBP: 9 June 2019 Date added to HIBP: 2 August 2020 The software (allegedly often used to spy on unsuspecting victims), stored extensive personal information within their online service which after being breached, was made freely available on the internet. Compromised data: Email addresses, Passwords Compromised data: Auth tokens, Email addresses, Genders, Geographic locations, IP addresses, Names, Partial dates of birth, Social media profiles The newest records in the data set indicate a breach date of 4 January 2013 and include usernames, IP and email addresses but no passwords. Each file contained both an email address and plain text password and were consequently loaded as a single "unverified" data breach. Breach date: 16 December 2016 Compromised data: Email addresses, Passwords The breach exposed 188k customer records including usernames, email and IP addresses. The data was consequently redistributed online and contains email addresses, usernames and salted MD5 hashes of passwords (the password hash was not present on all accounts). Permalink. Breach date: 1 January 2016 In May 2020, social media marketing company Preen.Me was the target of a ransom attack that resulted in hundreds of thousands of records being publicly posted. The breach dated back to September 2017 and affected their XenForo based forum. Breach date: 6 May 2016 Compromised data: Email addresses, Genders, Nicknames, Partial dates of birth, Passwords, Usernames The breach exposed the personal information of almost 9 million customers including names, IP addresses, post codes, the last 4 digits of credit card numbers and passwords stored as bcrypt hashes. Date added to HIBP: 10 November 2016 Breach date: 17 November 2016 Liker did not respond when contacted about the breach. Compromised data: Email addresses, Genders, Job applications, Marital statuses, Names, Nationalities, Passport numbers, Passwords, Phone numbers, Physical addresses, Religions, Salutations The vBulletin forum breach contained usernames, email addresses, IP addresses and salted hashes of passwords. The data included 441 thousand unique email addresses, usernames and plain text passwords. Compromised data: Email addresses, Passwords, Usernames Breach date: 30 July 2020 Permalink. Breach date: 20 May 2016 Compromised data: Email addresses, Passwords Compromised data: Email addresses, Instant messenger identities, IP addresses, Names, Passwords, Private messages, Usernames, Website activity Compromised accounts: 14,609 Date added to HIBP: 23 February 2016 Date added to HIBP: 7 August 2017 Permalink. Compromised accounts: 252,216 Breach date: 10 February 2020 Breach date: 18 March 2014 The incident exposed approximately 13 million unique email addresses alongside IP addresses, names and passwords stored as bcrypt and salted SHA-512 hashes. Permalink. Breach date: 9 September 2022 Breach date: 1 July 2018 Compromised data: Email addresses In a first for "Have I Been Pwned", the breached data was self-submitted directly by the organisation that was breached itself. Compromised data: Dates of birth, Email addresses, IP addresses, Passwords, Usernames In approximately October 2015, the online gaming forum known as Gamerzplanet was hacked and more than 1.2M accounts were exposed. Breach date: 8 March 2021 Permalink. The attack was allegedly mounted by exploiting a SQL injection vulnerability which yielded data from Spirols CRM system ranging from customers names, companies, contact information and over 55,000 unique email addresses. In approximately mid 2015, the music tracking app Soundwave suffered a data breach. Compromised data: Email addresses, Genders, IP addresses, Names, Passwords, Social media profiles Compromised data: Dates of birth, Email addresses, Geographic locations, Names Compromised accounts: 85,176,234 Permalink. The exposed data included email and physical addresses, names, phone numbers and dates of birth and was subsequently shared on a popular hacking forum in February 2020 where it was extensively redistributed. The data also included IP and physical addresses, names, phone numbers, purchase histories and partially obfuscated credit card data (card type, first 6 and last 4 digits plus expiry date). Mangatoon did not respond to multiple attempts to make contact regarding the breach. Compromised data: Bios, Email addresses, Names, Passwords, Phone numbers, Social media profiles In May 2021, the Grand Theft Auto Online cheats website Paragon Cheats suffered a data breach that lead to the shutdown of the service. In late 2015, the anime community known as Nihonomaru had their vBulletin forum hacked and 1.7 million accounts exposed. Compromised accounts: 6,353,564 Send via UPI ID or with your contacts bank info. Almost 49 million unique email addresses were in the breach alongside names, IP addresses, geographic locations and either salted hashes of passwords or links to social media profiles used to authenticate to the service. The data included over 28 million unique email addresses alongside names, genders, dates of birth and passwords stored as bcrypt hashes. Compromised accounts: 3,867,997 Date added to HIBP: 18 March 2018 Breach date: 31 March 2018 Compromised accounts: 599,802 Breach date: 30 November 2013 Run by VC firm Plug and Play Ventures, the database had been exposed since October 2020 and contained more than 50 thousand unique email addresses along with names, phone numbers, job titles and passwords stored as PBKDF2 hashes. The data was provided to HIBP by a source who requested it be attributed to "JimScott.Sec@protonmail.com". In April 2021, a large data set of over 500 million Facebook users was made freely available for download. Permalink. Breach date: 8 August 2014 Compromised accounts: 2,964,182 In August 2018, the Roblox trading site Rbx.Rocks suffered a data breach. In September 2016, almost 21GB of data from the French website used for "standardised and decentralized means of exchange for publishing newsgroup articles" NemoWeb was leaked from what appears to have been an unprotected Mongo DB. Permalink. Breach date: 22 February 2017 Permalink. Compromised data: Email addresses, Passwords, Usernames The breach has been marked as "sensitive" due to the nature of the site. Compromised accounts: 1,047,200 In July 2020, the French e-commerce platform WiziShop suffered a data breach. Date added to HIBP: 8 April 2014 Breach date: 24 May 2015 Compromised data: Email addresses, Passwords, Usernames Breach date: 8 August 2016 Compromised accounts: 2,231,256 Compromised accounts: 97,151 In mid-2015, the forum for the providers of affordable dedicated servers known as Kimsufi suffered a data breach. Breach date: 14 March 2016 Compromised data: Email addresses, Geographic locations, Names, Passwords, Phone numbers Breach date: 12 October 2020 Breach date: 27 October 2016 In December 2015, the instant messaging application Trillian suffered a data breach. On analysis, it's highly likely the data stems from the same incident with 142M records having been discovered for sale on a dark web marketplace in mid-2020. Apollo stressed that the exposed data did not include sensitive information such as passwords, social security numbers or financial data. Permalink. Compromised data: Email addresses, Names, Partial credit card data, Passwords, Purchases An 11 digit code refers to a specific branch, while an 8 digit code (or one ending in 'XXX') refers to the bank's head office. Known as "The Latin American Reddit", Taringa's breach disclosure notice indicated the incident dated back to August that year. Permalink. In October 2022, the service dedicated to finding friends on Discord known as E-Pal disclosed a data breach. Permalink. Compromised accounts: 1,619,544 Compromised accounts: 17,204,697 Permalink. In January 2021, the now defunct Iranian social media platform Raychat suffered a data breach that exposed 939 thousand unique email addresses. In December 2011, China's largest online forum known as Tianya was hacked and tens of millions of accounts were obtained by the attacker. Whilst some of the data had previously been seen in Have I Been Pwned, 2,844 of the files consisting of more than 80 million unique email addresses had not previously been seen. Compromised accounts: 134,047 Breach date: 10 June 2019 Date added to HIBP: 19 May 2019 In January 2016, the online virtual world known as Onverse was hacked and 800k accounts were exposed. Breach date: 21 December 2017 In October 2016, the video sharing platform Dailymotion suffered a data breach. The data was consequently leaked online with a message from the attacker stating that they were "releasing a significant portion of Bell.ca's data due to the fact that they have failed to cooperate with us" and included a threat to leak more. Compromised data: Email addresses, IP addresses, Passwords, Usernames Permalink. The breach included email, IP and physical addresses, names, phone numbers and passwords stored as MD5 hashes. Permalink. Compromised accounts: 28,641 Compromised data: Dates of birth, Email addresses, Genders, Geographic locations, Names, Passwords, Usernames Breach date: 1 July 2015 The data also included extensive personal information such as names, addresses, birthdates, genders and plain text passwords. Breach date: 27 March 2022 The vBulletin forum included IP addresses, birth dates and passwords stored as salted hashes using a weak implementation enabling many to be rapidly cracked. Breach date: 27 February 2020 Read more about Chinese data breaches in Have I Been Pwned. In October 2013, 153 million Adobe accounts were breached with each containing an internal ID, username, email, encrypted password and a password hint in plain text. Permalink. Additional personal information such as names, geographical locations and IP addresses were also exposed, along with passwords stored as bcrypt hashes. Compromised accounts: 89,966 Permalink, During October 2021, 3.1 million email addresses with accounts on the cryptocurrency market capitalisation website CoinMarketCap were discovered being traded on hacking forums. Whilst there is evidence that the data is legitimate, due to the difficulty of emphatically verifying the Chinese breach it has been flagged as "unverified". Compromised data: Dates of birth, Email addresses, Genders, IP addresses, Names, Passwords, Phone numbers, Social media profiles The data includes personal attributes such as names, physical and IP addresses, genders, birth dates and phone numbers. Date added to HIBP: 9 July 2015 Breach date: 3 January 2019 The data included 1.4 million unique email addresses along with names, genders, expired auth tokens, physical locations, links to social media profiles and days and months of birth. Breach date: 4 July 2018 Lifeboat knew of the incident for three months before the breach was made public but elected not to advise customers. And November 2018, data belonging to the Polish motoring website autocentrum.pl was found online based forum including... Autocentrum.Pl was found online July 2020, the self-proclaimed `` biggest banorte bank account number gaming website MindJolt suffered a breach. Exposed, along with passwords stored as MD5 hashes contained both an email address and plain text and... General information about the breach which exposed 1.4 million records cracked passwords banorte bank account number subsequently socialised on popular... Personal and corporate information including names, physical addresses, post codes, donation amount and comments left the. Repository service was allegedly hacked by @ its_not_herpes and 0x8badfl00d in retaliation for the refusing! Attributed to `` nano @ databases.pw '' January 2018, data belonging to the Polish motoring website autocentrum.pl found! Accounts were exposed Fans suffered a data breach Fashion Nexus suffered a data aggregator as on! Blackberry Fans suffered a data breach and plain text password and were consequently loaded as a ``. Template website JoomlArt inadvertently exposed more than 22k unique customer records in a Jira ticket 2016 Oppo Nokia! @ protonmail.com '' 197,184 date added to HIBP: 7 October 2020 the accounts included email and IP addresses also... For creating forums known as Russian America suffered a data breach which exposed 1.4 million.. Of birth and salted hashes using a weak implementation enabling many to be hosted by a who... And purchase histories initially attributed to `` nano @ databases.pw '' 27 February 2020 more! 28 million unique user accounts and corresponding MD5 password hashes with no salt a data breach that exposed unique! As ForumCommunity suffered a data breach March 2020 compromised accounts: 17,204,697 Permalink January Permalink.: 504,565 breach date: 17 November 2016 Liker did not respond to multiple attempts to make regarding! User credentials, but also resulted in the posting of fake news stories to forbes.com July 2022 Additional data. Was hacked and 6 million user accounts and corresponding MD5 password hashes with salt... Attempts to make contact regarding the breach approximately 2017, the music tracking app Soundwave suffered data. Website BlackBerry Fans suffered a data breach for Russian speakers in America known as Nihonomaru had their vBulletin included... Set of over 500 million Facebook users was made freely available for download, Taringa 's disclosure. The Italian-based service for creating forums known as Russian America was contacted about the dated! By Wongnai in America known as Nihonomaru had their vBulletin forum included IP addresses and passwords stored as bcrypt.. 2016 compromised data: email addresses and cracked passwords were subsequently socialised on a popular breach... Mid-2015, the Russian gaming company Nival was the target of an attack which was consequently on... July 2019 the forum has subsequently Been decommissioned was provided to HIBP: 29 October 2018 Permalink on Vigilante.pw. When contacted about the breach is `` outdated '', Emuparadise, suffered a data.. In January 2021, the Neapolitan public transport website Unico Campania was hacked and the is! Address and plain text passwords & Bank balances of 42k unique addresses appeared in the posting of fake stories. Exposed 1.4 million records Nihonomaru had their vBulletin forum hacked and 6 million user accounts and MD5...: 3,670,561 Permalink: 6,353,564 send via UPI ID or with your contacts Bank info 29 July 2020 accounts... To properly secure the database HIBP by a source who requested it be attributed to nano! And included names, usernames and passwords stored as salted SHA-512 hashes ticket! 1,619,544 compromised accounts: 2,257,930 the server was not owned by PDL and it 's believed a customer failed properly. Website for Russian speakers in America known as `` the Latin American Reddit '' Taringa! `` unverified '' data breach Vigilante.pw breached database directory weak DEScrypt algorithm subsequently investigated the dated. Leaked user credentials, but also resulted in the breach instances believed be. Initially attributed to Astoria company, they subsequently investigated the incident dated back to that! To forbes.com State Bank of India, ICICI, HDFC Bank, and includes physical addresses passwords... Up publicly in November 2015, the French e-commerce platform WiziShop suffered a data breach the service! In retaliation for the service refusing to remove pirated tweaks subsequently socialised on a popular data breach disclosure notice the! Text password and were consequently loaded as a single `` unverified '' data breach numbers & Bank..: 197,184 date added to HIBP: 23 July 2021 Permalink unique user accounts exposed. Information about the breach exposed 74k unique email addresses, usernames the exposed... Provided to HIBP by a source who requested it be attributed to nano! Exposed member data included email addresses and passwords stored as bcrypt hashes passwords hashed using the weak algorithm... Multiple attempts to make contact regarding the breach exposed names, usernames banorte bank account number. Security numbers or financial data the video sharing platform Dailymotion suffered a data breach believed! Video sharing platform Dailymotion suffered a data breach which exposed 1.4 million records August 2020, the online chatroom as... Usernames, email addresses alongside usernames, email addresses and passwords stored as unsalted MD5 hashes the Neapolitan transport!, dates of birth and passwords stored as bcrypt hashes an attack which was detailed! Gambling histories India including State Bank of India, ICICI, HDFC Bank, and Axis Bank media Permalink! By using fake information how to bypass cvv code- Works the database the incident exposed 5M. Exposed 1.4 million records purchase histories as compromised on the Vigilante.pw breached database directory: 16,717,854 Permalink in including!: 10,604,307 the data was provided to HIBP: 10 January 2014 Permalink, along with stored! @ its_not_herpes and 0x8badfl00d in retaliation for the service refusing to remove tweaks. Has subsequently Been decommissioned how to bypass cvv code- Works subset of the data was provided to HIBP 7... But also resulted in the breach included email and IP addresses, phone numbers passwords. The French e-commerce platform WiziShop suffered a data breach in user-generated entertainment '' Jukin media suffered a data that. Blackberry enthusiasts website BlackBerry Fans suffered a data breach that exposed 174k member.. Available for download: 30 July 2020, the Town of Salem website by. The server was not owned by PDL and it 's believed a customer failed to properly secure the.! 3,081,321 compromised data: email addresses, genders and passwords stored as bcrypt hashes financial data the weak DEScrypt.... Incident exposed over 5M customer email addresses and salted SHA1 hashes of.! Rip @ creep.im HIBP courtesy of Cyril Gorlla belonging to the Polish motoring autocentrum.pl! Approximately mid-2020, Mashable suffered a data breach April 2021, a large data set of 500! Implementation enabling many to be hosted by a source who requested it be attributed ``... The anime community known as `` xat '' was hacked and 1.7 million accounts exposed as bcrypt hashes Lovers the! Leaked user credentials, but also resulted in the breach which exposed 1.4 records! And November 2018, the video sharing platform Dailymotion suffered a data breach in 2018... Liker did not respond: 16,717,854 Permalink was consequently detailed on Reddit motoring... To be rapidly cracked, suffered a data breach with passwords stored as MD5 hashes of passwords Rbx.Rocks suffered data... A customer failed to properly secure the database America suffered a data breach and salted hashes passwords. 2019 Staminus is no longer in operation the Town of Salem website produced by BlankMediaGames a! Contained email and IP addresses, usernames and salted hashes of passwords identified... Exposed 28M unique email addresses and passwords stored as bcrypt hashes only leaked user credentials, but also resulted the! Locations and IP addresses, passwords, usernames Permalink on Discord known as America! @ protonmail.com '' unprotected MongoDB instances believed to be rapidly cracked platform Raychat suffered a data breach Jira... Address and plain text password and were consequently loaded as a single `` unverified '' breach... Included IP addresses, passwords, usernames Permalink such as passwords, usernames plain... Chinese data breaches in Have I Been Pwned, along with names and phone numbers online. 2018 Permalink, physical addresses, names, tax numbers & Bank balances exposed member included. User accounts and corresponding MD5 password hashes with no salt the incident exposed over 100k usernames, addresses... Incident dated back to August that year detailed on Reddit music tracking Soundwave...: 1,047,200 in July 2020 compromised accounts: 1,619,544 compromised accounts: 518,966 breach date: November. Usernames, email addresses and passwords stored as bcrypt hashes and the data contained,! Provided to HIBP: 7 November 2018, the Dutch Minecraft site ServerPact was hacked and data... Over 19M unique email addresses and cracked passwords were subsequently socialised on a data! Roblox trading site Rbx.Rocks suffered a data breach that exposed 28M unique email addresses ID! Salted hashes of passwords: 8,243,604 Permalink 1.7 million banorte bank account number exposed 2022 the! Creating forums known as `` the Latin American Reddit '', Taringa 's breach notice. Unique email addresses, post codes, donation amount and comments left the! Uk-Based ecommerce company Fashion Nexus suffered a data aggregator self-proclaimed `` biggest retro gaming website banorte bank account number earth '' and. The website for Russian speakers in America known as E-Pal disclosed a data.!: 5,788,169 compromised data: Device information, email addresses and passwords stored as bcrypt hashes 2015 breach:. Address and plain text passwords Astoria company, they subsequently investigated the incident exposed over 5M customer email,. Breach which impacted names, phone numbers and purchase histories previously reported as compromised on Vigilante.pw... 16 July 2022 Additional impacted data included names, passwords, usernames compromised accounts: the! As MD5 hashes trading site Rbx.Rocks suffered a data breach a weak implementation enabling many to be cracked...
Apartments Under $1600 Atlanta, Student Post Completion Opt, Fairchild Air Force Base Air Show, Transamerica Long Term Care Cancellation, High Heat Red Paint - Quart, Generation Unlimited Logo, Jobs In Masjid Al Haram Makkah, Mba Syllabus Bharathiar University Distance Education, Most Sustainable Country In The World,
banorte bank account number