Latest Breach Information

Below is a list of the last 25 known data breaches and any information we may have about them.


IndiaMART

Added Date: 8/27/2021
Breach Date: 5/23/2021
Updated Date: 8/27/2021
Breach Count: 20,154,583
Content: Email addresses, Names, Phone numbers, Physical addresses
Domain: indiamart.com

Description:

In August 2021, 38 million records from Indian e-commerce company IndiaMART were found being traded on a popular hacking forum. Dated several months earlier, the data included over 20 million unique email addresses alongside names, phone numbers and physical addresses. It's unclear whether IndiaMART intentionally exposed the data attributes as part of the intended design of the platform or whether the data was obtained by exploiting a vulnerability in the service.

Verified: , Fabricated: , Sensitive: , Active: , Retired: , Is Spam List:

Imavex

Added Date: 8/26/2021
Breach Date: 8/20/2021
Updated Date: 8/26/2021
Breach Count: 878,209
Content: Email addresses, Genders, Names, Partial credit card data, Passwords, Phone numbers, Physical addresses, Purchases, Usernames
Domain: imavex.com

Description:

In August 2021, the website development company Imavex suffered a data breach that exposed 878 thousand unique email addresses. The data included user records containing names, usernames and password material with some records also containing genders and partial credit card data, including the last 4 digits of the card and expiry date. Hundreds of thousands of form submissions and orders via Imavex customers were also exposed and contained further personal information of submitters and the contents of the form.

Verified: , Fabricated: , Sensitive: , Active: , Retired: , Is Spam List:

SubaGames

Added Date: 8/25/2021
Breach Date: 11/1/2016
Updated Date: 8/25/2021
Breach Count: 6,137,666
Content: Email addresses, Passwords, Usernames
Domain: subagames.com

Description:

In November 2016, the game developer Suba Games suffered a data breach which led to the exposure of 6.1M unique email addresses. Impacted data also included usernames and passwords, most of which appeared circulating in the breached file in plain text after being cracked from salted MD5 hashes. The data was provided to HIBP by dehashed.com.

Verified: , Fabricated: , Sensitive: , Active: , Retired: , Is Spam List:

Eatigo

Added Date: 8/24/2021
Breach Date: 10/16/2018
Updated Date: 8/24/2021
Breach Count: 2,789,609
Content: Email addresses, Genders, Names, Passwords, Phone numbers, Social media profiles
Domain: eatigo.com

Description:

In October 2018, the restaurant reservation service Eatigo suffered a data breach that exposed 2.8 million accounts. The data included email addresses, names, phone numbers, social media profiles, genders and passwords stored as unsalted MD5 hashes.

Verified: , Fabricated: , Sensitive: , Active: , Retired: , Is Spam List:

OrderSnapp

Added Date: 8/7/2021
Breach Date: 6/29/2020
Updated Date: 8/7/2021
Breach Count: 1,304,447
Content: Dates of birth, Email addresses, Names, Passwords, Phone numbers
Domain: ordersnapp.com

Description:

In June 2020, the restaurant solutions provider OrderSnapp suffered a data breach which exposed 1.3M unique email addresses. Impacted data also included names, phone numbers, dates of birth and passwords stored as bcrypt hashes. The data was provided to HIBP by dehashed.com.

Verified: , Fabricated: , Sensitive: , Active: , Retired: , Is Spam List:

MMG Fusion

Added Date: 8/7/2021
Breach Date: 12/20/2020
Updated Date: 8/7/2021
Breach Count: 2,660,295
Content: Appointments, Dates of birth, Email addresses, Genders, Marital statuses, Names, Passwords, Phone numbers, Physical addresses
Domain: mmgfusion.com

Description:

In December 2020, the dental practice management service MMG Fusion was the victim of a data breach which exposed 2.6M unique email addresses. The data also included patient appointments, names, phone numbers, dates of birth, genders and physical addresses. A small number of records also included passwords stored as bcrypt hashes.

Verified: , Fabricated: , Sensitive: , Active: , Retired: , Is Spam List:

Audi

Added Date: 7/23/2021
Breach Date: 8/14/2019
Updated Date: 7/23/2021
Breach Count: 2,743,539
Content: Dates of birth, Driver's licenses, Email addresses, Names, Phone numbers, Physical addresses, Social security numbers, Vehicle details
Domain: audiusa.com

Description:

In August 2019, Audi USA suffered a data breach after a vendor left data unsecured and exposed on the internet. The data contained 2.7M unique email addresses along with names, phone numbers, physical addresses and vehicle information including VIN. In a disclosure statement from Audi, they also advised some customers had driver's licenses, dates of birth, social security numbers and other personal information exposed.

Verified: , Fabricated: , Sensitive: , Active: , Retired: , Is Spam List:

Guntrader

Added Date: 7/21/2021
Breach Date: 7/17/2021
Updated Date: 7/21/2021
Breach Count: 112,031
Content: Browser user agent details, Email addresses, Geographic locations, IP addresses, Names, Passwords, Phone numbers, Physical addresses, Salutations
Domain: guntrader.uk

Description:

In July 2021, the United Kingdom based website Guntrader suffered a data breach that exposed 112k unique email addresses. Extensive personal information was also exposed including names, phone numbers, geolocation data, IP addresses and various physical address attributes (cities for all users, complete addresses for some). Passwords stored as bcrypt hashes were also exposed.

Verified: , Fabricated: , Sensitive: , Active: , Retired: , Is Spam List:

Short Édition

Added Date: 7/18/2021
Breach Date: 6/26/2021
Updated Date: 7/18/2021
Breach Count: 505,466
Content: Dates of birth, Email addresses, Genders, Names, Passwords, Phone numbers, Physical addresses, Social media profiles, Usernames
Domain: short-edition.com

Description:

In June 2021, the French publishing house of short literature Short Édition suffered a data breach that exposed 505k records. Impacted data included email and physical addresses, names, usernames, phone numbers, dates of birth, genders and passwords stored as either salted SHA-1 or salted SHA-512 hashes. Short Édition self-submitted the impacted data to HIBP.

Verified: , Fabricated: , Sensitive: , Active: , Retired: , Is Spam List:

Vastaamo

Added Date: 7/16/2021
Breach Date: 3/31/2019
Updated Date: 8/27/2021
Breach Count: 30,433
Content: Email addresses, Names, Personal health data, Social security numbers
Domain: vastaamo.fi

Description:

In October 2020, the Finnish psychotherapy service Vastaamo was the subject of a ransomware attack targeting first the company itself, followed by their patients directly. The original security incident dates back to a period between late 2018 and early 2019 and exposed data including 30k unique email addresses, names, social security numbers and notes on individuals' psychotherapy sessions. This breach has been flagged as "sensitive" and is only searchable by owners of the email addresses and domains exposed in the incident.

Verified: , Fabricated: , Sensitive: , Active: , Retired: , Is Spam List:

Raychat

Added Date: 7/3/2021
Breach Date: 1/31/2021
Updated Date: 7/3/2021
Breach Count: 938,981
Content: Browser user agent details, Email addresses, IP addresses, Names, Passwords
Domain: raychat.ir

Description:

In January 2021, the now defunct Iranian social media platform Raychat suffered a data breach that exposed 939 thousand unique email addresses. The data included names, IP addresses, browser user agent strings and passwords stored as bcrypt hashes. The data was provided to HIBP by dehashed.com.

Verified: , Fabricated: , Sensitive: , Active: , Retired: , Is Spam List:

Teespring

Added Date: 6/25/2021
Breach Date: 4/1/2020
Updated Date: 6/25/2021
Breach Count: 8,234,193
Content: Email addresses, Geographic locations, Names, Social media profiles
Domain: teespring.com

Description:

In April 2020, the custom printed apparel website Teespring suffered a data breach that exposed 8.2 million customer records. The data included email addresses, names, geographic locations and social media IDs.

Verified: , Fabricated: , Sensitive: , Active: , Retired: , Is Spam List:

yotepresto.com

Added Date: 6/25/2021
Breach Date: 6/22/2020
Updated Date: 6/25/2021
Breach Count: 1,444,629
Content: Email addresses, IP addresses, Passwords, Usernames
Domain: yotepresto.com

Description:

In June 2020, the Mexican lending platform yotepresto.com suffered a data breach. Over 1.4 million customers were impacted by the breach which disclosed email and IP addresses, usernames and passwords stored as bcrypt hashes. The data was provided to HIBP by dehashed.com.

Verified: , Fabricated: , Sensitive: , Active: , Retired: , Is Spam List:

University of California

Added Date: 6/20/2021
Breach Date: 12/24/2020
Updated Date: 7/3/2021
Breach Count: 547,422
Content: Dates of birth, Education levels, Email addresses, Ethnicities, Genders, Job titles, Names, Phone numbers, Physical addresses, Social security numbers
Domain: universityofcalifornia.edu

Description:

In December 2020, the University of California suffered a data breach due to vulnerability in in a third-party provider, Accellion. The breach exposed extensive personal data on both students and staff including 547 thousand unique email addresses, names, dates of birth, genders, social security numbers, ethnicities and other academic related data attributes. Further analysis is available in Exploring the Impact of the UC Data Breach. The data was provided to HIBP courtesy of Cyril Gorlla.

Verified: , Fabricated: , Sensitive: , Active: , Retired: , Is Spam List:

Fotolog

Added Date: 6/14/2021
Breach Date: 12/1/2018
Updated Date: 6/14/2021
Breach Count: 16,717,854
Content: Email addresses, Passwords, Usernames
Domain: fotolog.com

Description:

In December 2018, the photo sharing social network Fotolog suffered a data breach that exposed 16.7 million unique email addresses. The data also included usernames and unsalted SHA-256 password hashes. The site was dissolved the following year and repurposed as a news website based in Brcko, Bosnia and Herzegovina.

Verified: , Fabricated: , Sensitive: , Active: , Retired: , Is Spam List:

Nameless Malware

Added Date: 6/9/2021
Breach Date: 1/1/2020
Updated Date: 6/9/2021
Breach Count: 1,121,484
Content: Email addresses
Domain: n/a

Description:

In January 2021, NordLocker provided HIBP 1.1 million email addresses collected by nameless malware. The malware campaign ran between 2018 and 2020 and infected 3.25 million computers, stealing files, credentials and taking screenshots and photos using the computer's webcam. Read more in NordLocker's writeup about the Nameless malware that stole 1.2 TB of private data.

Verified: , Fabricated: , Sensitive: , Active: , Retired: , Is Spam List:

Domino's India

Added Date: 6/2/2021
Breach Date: 3/24/2021
Updated Date: 6/19/2021
Breach Count: 22,527,655
Content: Email addresses, Names, Phone numbers, Physical addresses, Purchases
Domain: dominos.co.in

Description:

In April 2021, 13TB of compromised Domino's India appeared for sale on a hacking forum after which the company acknowledged a major data breach they dated back to March. The compromised data included 22.5 million unique email addresses, names, phone numbers, order histories and physical addresses.

Verified: , Fabricated: , Sensitive: , Active: , Retired: , Is Spam List:

JD

Added Date: 6/2/2021
Breach Date: 1/1/2013
Updated Date: 6/2/2021
Breach Count: 77,449,341
Content: Email addresses, Passwords, Phone numbers, Usernames
Domain: jd.com

Description:

In 2013 (exact date unknown), the Chinese e-commerce service JD suffered a data breach that exposed 13GB of data containing 77 million unique email addresses. The data also included usernames, phone numbers and passwords stored as SHA-1 hashes. The data was provided to HIBP by a source who requested it be attributed to "[email protected]".

Verified: , Fabricated: , Sensitive: , Active: , Retired: , Is Spam List:

MobiFriends

Added Date: 5/22/2021
Breach Date: 1/6/2020
Updated Date: 5/22/2021
Breach Count: 3,512,952
Content: Dates of birth, Email addresses, Genders, Passwords, Usernames
Domain: mobifriends.com

Description:

In January 2020, the Barcelona-based dating app MobiFriends suffered a data breach that exposed 3.5 million unique email addresses. The data also included usernames, genders, dates of birth and MD5 password hashes. The data was provided to HIBP by a source who requested it be attributed to "[email protected]".

Verified: , Fabricated: , Sensitive: , Active: , Retired: , Is Spam List:

Moneycontrol

Added Date: 5/22/2021
Breach Date: 9/7/2017
Updated Date: 5/22/2021
Breach Count: 762,874
Content: Email addresses, Genders, Geographic locations, Passwords, Phone numbers
Domain: moneycontrol.com

Description:

In April 2021, hackers posted data for sale originating from the online Indian financial platform, Moneycontrol. The data included 763 thousand unique email addresses (allegedly a subset of a larger 40 million account breach), alongside geographic locations, phone numbers, genders, dates of birth and plain text passwords. The date of the original breach is unclear, although the breached data indicates the file was created in September 2017 and Moneycontrol has stated that the breach is "an old data set".

Verified: , Fabricated: , Sensitive: , Active: , Retired: , Is Spam List:

























Account Search

This site simply searches online databases of compromised account information in an attempt to help you keep your accounts safe and secure. We do not actually have or store any information -- including the usernames and email addresses you enter above.

Share This!


Make a Donation To Keep Us Running