Latest Breach Information
Below is a list of the last 25 known data breaches and any information we may have about them.
Condo.com
| Added Date: |
7/24/2024 |
| Breach Date: |
6/1/2019 |
| Updated Date: |
7/24/2024 |
| Breach Count: |
1,481,555 |
| Content: |
Email addresses, Names, Phone numbers, Physical addresses |
| Domain: |
condo.com |
Description:
In June 2019, now defunct website Condo.com suffered a data breach that was later redistributed as part of a larger corpus of data. The impacted data included 1.5M email addresses alongside names, phone numbers and for a small number of records, physical addresses.
Verified: 
,
Fabricated: 
,
Sensitive: ,
Active: ,
Retired: ,
Is Spam List:
Explore Talent
| Added Date: |
7/24/2024 |
| Breach Date: |
2/28/2022 |
| Updated Date: |
7/24/2024 |
| Breach Count: |
5,371,574 |
| Content: |
Email addresses, Names, Phone numbers, Physical addresses |
| Domain: |
exploretalent.com |
Description:
In July 2024, a data breach attributed to Explore Talent was publicly posted to a popular hacking forum. Containing 5.7M rows with 5.4M unique email addresses, the incident has been described by various sources as occurring between early 2022 to 2023 and also contains names, phone numbers and physical addresses.
Verified: ,
Fabricated: ,
Sensitive: ,
Active: ,
Retired: ,
Is Spam List:
Life360
| Added Date: |
7/20/2024 |
| Breach Date: |
3/1/2024 |
| Updated Date: |
7/22/2024 |
| Breach Count: |
442,519 |
| Content: |
Email addresses, Names, Phone numbers |
| Domain: |
life360.com |
Description:
In July 2024, data scraped from a misconfigured Life360 API was posted online after being obtained several months earlier. The records included 443k unique email addresses and in most cases, corresponding names and phone numbers (some records were null or obfuscated). Life360 promptly notified impacted users after the incident was discovered.
Verified: ,
Fabricated: ,
Sensitive: ,
Active: ,
Retired: ,
Is Spam List:
mSpy (2024)
| Added Date: |
7/11/2024 |
| Breach Date: |
6/9/2024 |
| Updated Date: |
7/12/2024 |
| Breach Count: |
2,394,179 |
| Content: |
Email addresses, IP addresses, Names, Photos |
| Domain: |
mspy.com |
Description:
In June 2024, a huge trove of data from spyware maker mSpy was obtained by hacktivists and published online. Comprising of 142GB of user data and support tickets along with 176GB of more than half a million attachments, the data contained 2.4M unique email addresses, IP addresses names and photos. The data was predominantly support tickets seeking help to install the spyware on target devices, whilst the attachments contained various data including screen grans of financial transactions, photos of credit cards and nude selfies.
Verified: ,
Fabricated: ,
Sensitive: ,
Active: ,
Retired: ,
Is Spam List:
The Heritage Foundation
| Added Date: |
7/10/2024 |
| Breach Date: |
7/9/2024 |
| Updated Date: |
7/10/2024 |
| Breach Count: |
72,004 |
| Content: |
Email addresses, IP addresses, Names, Passwords, Usernames |
| Domain: |
heritage.org |
Description:
In July 2024, hacktivists published almost 2GB of data taken from The Heritage Foundation and their media arm, The Daily Signal. The data contained 72k unique email addresses, primarily used for commenting on articles (along with names, IP addresses and the comments left) and by content contributors (along with usernames and passwords stored as either MD5 or phpass hashes).
Verified: ,
Fabricated: ,
Sensitive: ,
Active: ,
Retired: ,
Is Spam List:
Neiman Marcus
| Added Date: |
7/9/2024 |
| Breach Date: |
4/14/2024 |
| Updated Date: |
7/9/2024 |
| Breach Count: |
31,152,842 |
| Content: |
Dates of birth, Email addresses, IP addresses, Names, Partial credit card data, Phone numbers, Physical addresses, Purchases |
| Domain: |
neimanmarcus.com |
Description:
In May 2024, the American luxury retailer Neiman Marcus suffered a data breach which was later posted to a popular hacking forum. The data included 31M unique email addresses, names, phone numbers, dates of birth, physical addresses and partial credit card data (note: this is insufficient to make purchases). The breach was traced back to a series of attacks against the Snowflake cloud service which impacted 165 organisations worldwide.
Verified: ,
Fabricated: ,
Sensitive: ,
Active: ,
Retired: ,
Is Spam List:
Husky Owners
| Added Date: |
7/7/2024 |
| Breach Date: |
7/4/2024 |
| Updated Date: |
7/7/2024 |
| Breach Count: |
16,502 |
| Content: |
Dates of birth, Email addresses, Time zones, Usernames |
| Domain: |
husky-owners.com |
Description:
In July 2024, the Husky Owners forum website was defaced and linked to a breach of user data containing 16k records. The exposed data included usernames, email addresses, dates of birth and time zones.
Verified: ,
Fabricated: ,
Sensitive: ,
Active: ,
Retired: ,
Is Spam List:
FNTECH
| Added Date: |
7/5/2024 |
| Breach Date: |
7/4/2024 |
| Updated Date: |
7/10/2024 |
| Breach Count: |
10,386 |
| Content: |
Email addresses, IP addresses, Names |
| Domain: |
fntech.com |
Description:
In July 2024, the events management platform FNTECH suffered a data breach that exposed 10k unique email addresses. The data contained registrants from various events, including participants of the Roblox Developer Conference registration list. The data also included names and IP addresses.
Verified: ,
Fabricated: ,
Sensitive: ,
Active: ,
Retired: ,
Is Spam List:
Date Hot Brunettes
| Added Date: |
7/4/2024 |
| Breach Date: |
1/12/2021 |
| Updated Date: |
7/4/2024 |
| Breach Count: |
1,494,078 |
| Content: |
Bios, Email addresses, IP addresses, Passwords, Usernames |
| Domain: |
datehotbrunettes.com |
Description:
In January 2021, the now defunct website Date Hot Brunettes which provided a service to "Date Neglected Women Who Can Keep a Secret", suffered a data breach. The incident exposed 1.5M unique email addresses along with IP addresses, usernames, user-entered bios and MD5 password hashes.
Verified: ,
Fabricated: ,
Sensitive: ,
Active: ,
Retired: ,
Is Spam List:
Ticketek
| Added Date: |
6/27/2024 |
| Breach Date: |
5/31/2024 |
| Updated Date: |
7/17/2024 |
| Breach Count: |
17,643,173 |
| Content: |
Dates of birth, Email addresses, Genders, Names, Passwords, Salutations |
| Domain: |
ticketek.com.au |
Description:
In May 2024, the Australian event ticketing company Ticketek reported a data breach linked to a third party cloud-based platform. The following month, the data appeared for sale on a popular hacking forum and was later linked to a series of breaches of the Snowflake cloud storage service. The data contained almost 30M rows with 17.6M unique email addresses alongside names, genders, dates of birth and hashed passwords.
Verified: ,
Fabricated: ,
Sensitive: ,
Active: ,
Retired: ,
Is Spam List:
Advance Auto Parts
| Added Date: |
6/24/2024 |
| Breach Date: |
6/5/2024 |
| Updated Date: |
6/24/2024 |
| Breach Count: |
79,243,727 |
| Content: |
Email addresses, Names, Phone numbers, Physical addresses |
| Domain: |
advanceautoparts.com |
Description:
In June 2024, Advance Auto Parts confirmed they had suffered a data breach which was posted for sale to a popular hacking forum. Linked to unauthorised access to Snowflake cloud services, the breach exposed a large number of records related to both customers and employees. In total, 79M unique email addresses were included in the breach, alongside names, phone numbers, addresses and further data attributes related to company employees.
Verified: ,
Fabricated: ,
Sensitive: ,
Active: ,
Retired: ,
Is Spam List:
Zadig & Voltaire
| Added Date: |
6/17/2024 |
| Breach Date: |
11/16/2023 |
| Updated Date: |
6/17/2024 |
| Breach Count: |
586,895 |
| Content: |
Email addresses, Genders, Names, Phone numbers, Physical addresses |
| Domain: |
zadig-et-voltaire.com |
Description:
In June 2024, a data brach sourced from French fashion brand Zadig & Voltaire was publicly posted to a popular hacking forum. The data included names, email and physical addresses, phone numbers and genders. When contacted about the incident, Zadig & Voltaire advised the incident had occurred more than 6 months ago and that "all measures were taken quickly".
Verified: ,
Fabricated: ,
Sensitive: ,
Active: ,
Retired: ,
Is Spam List:
Combolists Posted to Telegram
| Added Date: |
6/3/2024 |
| Breach Date: |
5/28/2024 |
| Updated Date: |
6/11/2024 |
| Breach Count: |
361,468,099 |
| Content: |
Email addresses, Passwords, Usernames |
| Domain: |
n/a |
Description:
In May 2024, 2B rows of data with 361M unique email addresses were collated from malicious Telegram channels. The data contained 122GB across 1.7k files with email addresses, usernames, passwords and in many cases, the website they were entered into. The data appears to have been sourced from a combination of existing combolists and info stealer malware.
Verified: ,
Fabricated: ,
Sensitive: ,
Active: ,
Retired: ,
Is Spam List:
Operation Endgame
| Added Date: |
5/29/2024 |
| Breach Date: |
5/30/2024 |
| Updated Date: |
5/30/2024 |
| Breach Count: |
16,466,858 |
| Content: |
Email addresses, Passwords |
| Domain: |
n/a |
Description:
In May 2024, a coalition of international law enforcement agencies took down a series of botnets in a campaign they coined "Operation Endgame". Data seized in the operation included impacted email addresses and passwords which were provided to HIBP to help victims learn of their exposure.
Verified: ,
Fabricated: ,
Sensitive: ,
Active: ,
Retired: ,
Is Spam List:
pcTattletale
| Added Date: |
5/25/2024 |
| Breach Date: |
5/25/2024 |
| Updated Date: |
7/11/2024 |
| Breach Count: |
138,751 |
| Content: |
Device information, Email addresses, IP addresses, Names, Passwords, Phone numbers, Physical addresses, SMS messages, Usernames |
| Domain: |
pctattletale.com |
Description:
In May 2024, the spyware service pcTattletale suffered a data breach that defaced the website and posted tens of gigabytes of data to the homepage, allegedly due to pcTattletale not responding to a previous security vulnerability report. The breach exposed data including membership records, infected PC names, captured messages and extensive logs of IP addresses and device information.
Verified: ,
Fabricated: ,
Sensitive: ,
Active: ,
Retired: ,
Is Spam List:
Dota2
| Added Date: |
5/23/2024 |
| Breach Date: |
7/10/2016 |
| Updated Date: |
5/23/2024 |
| Breach Count: |
1,907,205 |
| Content: |
Email addresses, IP addresses, Passwords, Usernames |
| Domain: |
dev.dota2.com |
Description:
In July 2016, the Dota2 official developers forum suffered a data breach that exposed almost 2 million users. The hack of the vBulletin forum led to the disclosure of email and IP addresses, usernames and passwords stored as salted MD5 hashes.
Verified: ,
Fabricated: ,
Sensitive: ,
Active: ,
Retired: ,
Is Spam List:
The Post Millennial
| Added Date: |
5/9/2024 |
| Breach Date: |
5/2/2024 |
| Updated Date: |
5/14/2024 |
| Breach Count: |
56,973,345 |
| Content: |
Email addresses, Genders, IP addresses, Names, Passwords, Phone numbers, Physical addresses, Usernames |
| Domain: |
thepostmillennial.com |
Description:
In May 2024, the conservative news website The Post Millennial suffered a data breach. The breach resulted in the defacement of the website and links posted to 3 different corpuses of data including hundreds of writers and editors (IP, physical address and email exposed), tens of thousands of subscribers to the site (name, email, username, phone and plain text password exposed), and tens of millions of email addresses from thousands of mailing lists alleged to have been used by The Post Millennial (this has not been independently verified). The mailing lists appear to be sourced from various campaigns not necessarily run by The Post Millennial and contain a variety of different personal attributes including name, phone and physical address (depending on the campaign). The data was subsequently posted to a popular hacking forum and extensively torrented.
Verified: ,
Fabricated: ,
Sensitive: ,
Active: ,
Retired: ,
Is Spam List:
Tappware
| Added Date: |
5/8/2024 |
| Breach Date: |
4/23/2024 |
| Updated Date: |
5/8/2024 |
| Breach Count: |
94,734 |
| Content: |
Dates of birth, Email addresses, Genders, Government issued IDs, Job titles, Names, Phone numbers, Physical addresses, Religions |
| Domain: |
tappware.com |
Description:
In April 2024, a substantial volume of data was taken from the Bangladeshi IT services provider Tappware and published to a popular hacking forum. Comprising of 95k unique email addresses, the data also included extensive labour information on local citizens including names, physical addresses, job titles, dates of birth, genders and scans of government issued national identity (NID) cards.
Verified: ,
Fabricated: ,
Sensitive: ,
Active: ,
Retired: ,
Is Spam List:
MovieBoxPro
| Added Date: |
4/29/2024 |
| Breach Date: |
4/15/2024 |
| Updated Date: |
4/29/2024 |
| Breach Count: |
6,009,014 |
| Content: |
Email addresses, Usernames |
| Domain: |
movieboxpro.app |
Description:
In April 2024, over 6M records from the streaming service MovieBoxPro were scraped from a vulnerable API. Of questionable legality, the service provided no contact information to disclose the incident, although reportedly the vulnerability was rectified after being mass enumerated.
Verified: ,
Fabricated: ,
Sensitive: ,
Active: ,
Retired: ,
Is Spam List:
Piping Rock
| Added Date: |
4/25/2024 |
| Breach Date: |
4/24/2024 |
| Updated Date: |
4/25/2024 |
| Breach Count: |
2,103,100 |
| Content: |
Email addresses, Names, Phone numbers, Physical addresses |
| Domain: |
pipingrock.com |
Description:
In April 2024, 2.1M email addresses from the online health products store Piping Rock were publicly posted to a popular hacking forum. The data also included names, phone numbers and physical addresses. The account posting the data had previously posted multiple other data breaches which all appear to have been obtained from the Shopify service used by the respective websites.
Verified: ,
Fabricated: ,
Sensitive: ,
Active: ,
Retired: ,
Is Spam List: