Latest Breach Information
Below is a list of the last 25 known data breaches and any information we may have about them.
Le Slip Français
| Added Date: |
4/18/2024 |
| Breach Date: |
4/13/2024 |
| Updated Date: |
4/18/2024 |
| Breach Count: |
1,495,127 |
| Content: |
Email addresses, Names, Phone numbers, Physical addresses |
| Domain: |
leslipfrancais.fr |
Description:
In April 2024, the French underwear maker Le Slip Français suffered a data breach. The breach included 1.5M email addresses, physical addresses, names and phone numbers.
Verified: 
,
Fabricated: 
,
Sensitive: ,
Active: ,
Retired: ,
Is Spam List:
Giant Tiger
| Added Date: |
4/12/2024 |
| Breach Date: |
3/4/2024 |
| Updated Date: |
4/12/2024 |
| Breach Count: |
2,842,669 |
| Content: |
Email addresses, Names, Phone numbers, Physical addresses |
| Domain: |
gianttiger.com |
Description:
In March 2024, Canadian discount store Giant Tiger suffered a data breach that exposed 2.8M customer records. Attributed to a vendor of the retailer, the breach included physical and email addresses, names and phone numbers.
Verified: ,
Fabricated: ,
Sensitive: ,
Active: ,
Retired: ,
Is Spam List:
Salvadoran Citizens
| Added Date: |
4/10/2024 |
| Breach Date: |
4/2/2024 |
| Updated Date: |
4/10/2024 |
| Breach Count: |
946,989 |
| Content: |
Dates of birth, Email addresses, Government issued IDs, Names, Phone numbers, Physical addresses, Profile photos |
| Domain: |
n/a |
Description:
In April 2024, nearly 6 million records of Salvadoran citizens were published to a popular hacking forum. The data included names, dates of birth, phone numbers, physical addresses and nearly 1M unique email addresses. Further, over 5M corresponding profile photos were also included in the breach.
Verified: ,
Fabricated: ,
Sensitive: ,
Active: ,
Retired: ,
Is Spam List:
Kaspersky Club
| Added Date: |
4/9/2024 |
| Breach Date: |
3/24/2024 |
| Updated Date: |
4/9/2024 |
| Breach Count: |
55,971 |
| Content: |
Email addresses, IP addresses, Passwords, Usernames |
| Domain: |
kasperskyclub.ru |
Description:
In March 2024, the independent fan forum Kaspersky Club suffered a data breach. The incident exposed 56k unique email addresses alongside usernames, IP addresses and passwords stored as either MD5 or bcrypt hashes.
Verified: ,
Fabricated: ,
Sensitive: ,
Active: ,
Retired: ,
Is Spam List:
boAt
| Added Date: |
4/8/2024 |
| Breach Date: |
3/25/2024 |
| Updated Date: |
4/8/2024 |
| Breach Count: |
7,528,985 |
| Content: |
Email addresses, Names, Phone numbers, Physical addresses |
| Domain: |
boat-lifestyle.com |
Description:
In March 2024, the Indian audio and wearables brand boAt suffered a data breach that exposed 7.5M customer records. The data included physical and email address, names and phone numbers, all of which were subsequently published to a popular clear web hacking forum.
Verified: ,
Fabricated: ,
Sensitive: ,
Active: ,
Retired: ,
Is Spam List:
SurveyLama
| Added Date: |
4/2/2024 |
| Breach Date: |
2/1/2024 |
| Updated Date: |
4/2/2024 |
| Breach Count: |
4,426,879 |
| Content: |
Dates of birth, Email addresses, IP addresses, Names, Passwords, Phone numbers, Physical addresses |
| Domain: |
surveylama.com |
Description:
In February 2024, the paid survey website SurveyLama suffered a data breach that exposed 4.4M customer email addresses. The incident also exposed names, physical and IP addresses, phone numbers, dates of birth and passwords stored as either salted SHA-1, bcrypt or argon2 hashes. When contacted about the incident, SurveyLama advised that they had already "notified the users by email".
Verified: ,
Fabricated: ,
Sensitive: ,
Active: ,
Retired: ,
Is Spam List:
Pandabuy
| Added Date: |
4/1/2024 |
| Breach Date: |
3/31/2024 |
| Updated Date: |
4/1/2024 |
| Breach Count: |
1,348,407 |
| Content: |
Email addresses, IP addresses, Names, Phone numbers, Physical addresses |
| Domain: |
pandabuy.com |
Description:
In March 2024, 1.3M unique email addresses from the online store for purchasing goods from China, Pandabuy, were posted to a popular hacking forum. The data also included IP and physical addresses, names, phone numbers and order enquiries. The breach was alleged to be attributed to "Sanggiero" and "IntelBroker".
Verified: ,
Fabricated: ,
Sensitive: ,
Active: ,
Retired: ,
Is Spam List:
Washington State Food Worker Card
| Added Date: |
3/30/2024 |
| Breach Date: |
11/17/2022 |
| Updated Date: |
3/30/2024 |
| Breach Count: |
1,594,305 |
| Content: |
Dates of birth, Driver's licenses, Email addresses, Geographic locations, Names |
| Domain: |
foodworkercard.wa.gov |
Description:
In June 2023, the Tacoma-Pierce County Health Department announced a data breach of their Washington State Food Worker Card online training system. The breach was published to a popular hacking forum the year before and dated back to a 2018 database backup. Included in the data were 1.6M unique email addresses along with names, post codes, dates of birth and approximately 9.5k driver's licence numbers.
Verified: ,
Fabricated: ,
Sensitive: ,
Active: ,
Retired: ,
Is Spam List:
England Cricket
| Added Date: |
3/28/2024 |
| Breach Date: |
3/23/2024 |
| Updated Date: |
3/28/2024 |
| Breach Count: |
43,299 |
| Content: |
Email addresses, Passwords |
| Domain: |
ecb.co.uk |
Description:
In March 2024, English Cricket's icoachcricket website suffered a data breach that exposed over 40k records. The data included email addresses and passwords stored as either bcrypt hashes, salted MD5 hashes or both. The data was provided to HIBP by a source who requested it be attributed to "IntelBroker".
Verified: ,
Fabricated: ,
Sensitive: ,
Active: ,
Retired: ,
Is Spam List:
Exvagos
| Added Date: |
3/28/2024 |
| Breach Date: |
7/21/2022 |
| Updated Date: |
3/28/2024 |
| Breach Count: |
2,121,789 |
| Content: |
Dates of birth, Email addresses, IP addresses, Passwords, Usernames |
| Domain: |
exvagos.org |
Description:
In July 2022, the direct download website Exvagos suffered a data breach that was later redistributed as part of a larger corpus of data. The breach exposed 2.1M unique email addresses along with IP addresses, usernames, dates of birth and MD5 password hashes.
Verified: ,
Fabricated: ,
Sensitive: ,
Active: ,
Retired: ,
Is Spam List:
GSM Hosting
| Added Date: |
3/27/2024 |
| Breach Date: |
8/1/2016 |
| Updated Date: |
3/27/2024 |
| Breach Count: |
2,607,440 |
| Content: |
Email addresses, IP addresses, Passwords, Usernames |
| Domain: |
gsmhosting.com |
Description:
In August 2016, breached data from the vBulletin forum for GSM-Hosting appeared for sale alongside dozens of other hacked services. The breach impacted 2.6M users of the service and included email and IP addresses, usernames and salted MD5 password hashes.
Verified: ,
Fabricated: ,
Sensitive: ,
Active: ,
Retired: ,
Is Spam List:
SwordFantasy
| Added Date: |
3/26/2024 |
| Breach Date: |
1/20/2017 |
| Updated Date: |
3/26/2024 |
| Breach Count: |
2,690,657 |
| Content: |
Email addresses, IP addresses, Passwords, Usernames |
| Domain: |
swordfantasy.com |
Description:
In January 2019, the now defunct MMO and RPG game SwordFantasy suffered a data breach that exposed 2.7M unique email addresses. Other impacted data included username, IP address and salted MD5 password hashes.
Verified: ,
Fabricated: ,
Sensitive: ,
Active: ,
Retired: ,
Is Spam List:
MediaWorks
| Added Date: |
3/22/2024 |
| Breach Date: |
3/15/2023 |
| Updated Date: |
3/22/2024 |
| Breach Count: |
162,710 |
| Content: |
Dates of birth, Email addresses, Genders, Phone numbers, Physical addresses |
| Domain: |
mediaworks.co.nz |
Description:
In March 2024, millions of rows of data from the New Zealand media company MediaWorks was publicly posted to a popular hacking forum. The incident exposed 163k unique email addresses provided by visitors who filled out online competitions and included names, physical addresses, phone numbers, dates of birth, genders and the responses to questions in the competition. Some victims of the breach subsequently received ransom demands requesting payment to have their data deleted.
Verified: ,
Fabricated: ,
Sensitive: ,
Active: ,
Retired: ,
Is Spam List:
AT&T
| Added Date: |
3/19/2024 |
| Breach Date: |
8/20/2021 |
| Updated Date: |
3/30/2024 |
| Breach Count: |
49,102,176 |
| Content: |
Dates of birth, Email addresses, Government issued IDs, Names, Phone numbers, Physical addresses |
| Domain: |
n/a |
Description:
In March 2024, tens of millions of records allegedly breached from AT&T were posted to a popular hacking forum. Dating back to August 2021, the data was originally posted for sale before later being freely released. At the time, AT&T maintained that there had not been a breach of their systems and that the data originated from elsewhere. 12 days later, AT&T acknowledged that data fields specific to them were in the breach and that it was not yet known whether the breach occurred at their end or that of a vendor. AT&T also proceeded to reset customer account passcodes, an indicator that there was sufficient belief passcodes had been compromised. The incident exposed names, email and physical addresses, dates of birth, phone numbers and US social security numbers.
Verified: ,
Fabricated: ,
Sensitive: ,
Active: ,
Retired: ,
Is Spam List:
ClickASnap
| Added Date: |
3/12/2024 |
| Breach Date: |
9/24/2022 |
| Updated Date: |
3/12/2024 |
| Breach Count: |
3,262,980 |
| Content: |
Email addresses, Names, Passwords, Physical addresses, Purchases, Social media profiles, Usernames |
| Domain: |
clickasnap.com |
Description:
In September 2022, the online photo sharing platform ClickASnap suffered a data breach. The incident exposed almost 3.3M personal records including email addresses, usernames and passwords stored as SHA-512 hashes. Further, a collection of paid subscriptions were also included and contained names, physical addresses and amounts paid.
Verified: ,
Fabricated: ,
Sensitive: ,
Active: ,
Retired: ,
Is Spam List:
Flipkart
| Added Date: |
3/12/2024 |
| Breach Date: |
9/2/2022 |
| Updated Date: |
3/12/2024 |
| Breach Count: |
552,094 |
| Content: |
Email addresses, Geographic locations, Names, Phone numbers |
| Domain: |
flipkart.com |
Description:
In September 2022, over 500k customer records from the Indian e-commerce service Flipkart appeared on a popular hacking forum. The breach exposed email addresses, latitudes and longitudes, names and phone numbers.
Verified: ,
Fabricated: ,
Sensitive: ,
Active: ,
Retired: ,
Is Spam List:
Habib's
| Added Date: |
3/9/2024 |
| Breach Date: |
8/5/2021 |
| Updated Date: |
3/9/2024 |
| Breach Count: |
3,517,679 |
| Content: |
Dates of birth, Email addresses, IP addresses, Names, Phone numbers, Social media profiles |
| Domain: |
habibs.com.br |
Description:
In August 2021, the Brazilian fast food company "Habib's" suffered a data breach that was later redistributed as part of a larger corpus of data. The breach exposed 3.5M unique email addresses along with IP addresses, names, phone numbers, dates of birth and links to social media profiles.
Verified: ,
Fabricated: ,
Sensitive: ,
Active: ,
Retired: ,
Is Spam List:
APK.TW
| Added Date: |
3/8/2024 |
| Breach Date: |
9/3/2022 |
| Updated Date: |
3/8/2024 |
| Breach Count: |
2,451,197 |
| Content: |
Email addresses, IP addresses, Passwords, Usernames |
| Domain: |
apk.tw |
Description:
In September 2022, the Taiwanese Android forum APK.TW suffered a data breach that was later redistributed as part of a larger corpus of data. The breach exposed 2.5M unique email addresses along with IP addresses, usernames and salted MD5 password hashes.
Verified: ,
Fabricated: ,
Sensitive: ,
Active: ,
Retired: ,
Is Spam List:
Online Trade (Онлайн Трейд)
| Added Date: |
3/7/2024 |
| Breach Date: |
9/19/2022 |
| Updated Date: |
3/7/2024 |
| Breach Count: |
3,805,265 |
| Content: |
Dates of birth, Email addresses, IP addresses, Names, Passwords, Phone numbers |
| Domain: |
onlinetrade.ru |
Description:
In September 2022, the Russian e-commerce website Online Trade (Онлайн Трейд) suffered a data breach that exposed 3.8M customer records. The data included email and IP addresses, names, phone numbers, dates of birth and MD5 password hashes.
Verified: ,
Fabricated: ,
Sensitive: ,
Active: ,
Retired: ,
Is Spam List:
WoTLabs
| Added Date: |
3/6/2024 |
| Breach Date: |
3/3/2024 |
| Updated Date: |
3/6/2024 |
| Breach Count: |
21,994 |
| Content: |
Dates of birth, Email addresses, IP addresses, Time zones, Usernames |
| Domain: |
wotlabs.net |
Description:
In March 2024, WoTLabs (World of Tanks Statistics and Resources) suffered a data breach and website defacement attributed to "chromebook breachers". The breach exposed 22k forum members' personal data including email and IP addresses, usernames, dates of birth and time zones.
Verified: ,
Fabricated: ,
Sensitive: ,
Active: ,
Retired: ,
Is Spam List: