Latest Breach Information

Below is a list of the last 25 known data breaches and any information we may have about them.


Not Acxiom

Added Date: 11/22/2022
Breach Date: 6/21/2020
Updated Date: 11/22/2022
Breach Count: 51,730,831
Content: Email addresses, IP addresses, Names, Phone numbers, Physical addresses
Domain: n/a

Description:

In 2020, a corpus of data containing almost a quarter of a billion records spanning over 400 different fields was misattributed to database marketing company Acxiom and subsequently circulated within the hacking community. On review, Acxiom concluded that "the claims are indeed false and that the data, which has been readily available across multiple environments, does not come from Acxiom and is in no way the subject of an Acxiom breach". The data contained almost 52M unique email addresses.

Verified: , Fabricated: , Sensitive: , Active: , Retired: , Is Spam List:

Get Revenge On Your Ex

Added Date: 11/14/2022
Breach Date: 9/9/2022
Updated Date: 11/14/2022
Breach Count: 79,195
Content:
Domain: getrevengeonyourex.com

Description:

In September 2022, the revenge website Get Revenge On Your Ex suffered a data breach that exposed almost 80k unique email addresses. The data spanned both customers and victims including names, IP and physical addresses, phone numbers, purchase histories and plain text passwords. The data was subsequently shared on a public hacking forum, Get Revenge On Your Ex did not reply when contacted.

Verified: , Fabricated: , Sensitive: , Active: , Retired: , Is Spam List:

GGCorp

Added Date: 11/8/2022
Breach Date: 8/11/2022
Updated Date: 11/8/2022
Breach Count: 2,376,330
Content: Email addresses, IP addresses, Passwords, Usernames
Domain: ggcorp.me

Description:

In August 2022, the MMORPG website GGCorp suffered a data breach that exposed almost 2.4M unique email addresses. The data also included IP addresses, usernames and MD5 password hashes.

Verified: , Fabricated: , Sensitive: , Active: , Retired: , Is Spam List:

Lolzteam

Added Date: 11/5/2022
Breach Date: 5/13/2018
Updated Date: 11/5/2022
Breach Count: 398,011
Content: Email addresses, Usernames
Domain: lolzteam.net

Description:

In May 2018, the Russian hacking forum Lolzteam suffered a data breach that exposed 400k members. The impacted data included usernames and email addresses which were later redistributed via another hacking forum. The data was provided to HIBP by a source who requested it be attributed to "ZAN @ BF".

Verified: , Fabricated: , Sensitive: , Active: , Retired: , Is Spam List:

Doomworld

Added Date: 10/24/2022
Breach Date: 10/12/2022
Updated Date: 10/24/2022
Breach Count: 34,478
Content: Email addresses, IP addresses, Passwords, Usernames
Domain: doomworld.com

Description:

In October 2022, the Doomworld fourm suffered a data breach that exposed 34k member records. The data included email and IP addresses, usernames and bcrypt password hashes.

Verified: , Fabricated: , Sensitive: , Active: , Retired: , Is Spam List:

E-Pal

Added Date: 10/23/2022
Breach Date: 4/15/2022
Updated Date: 10/23/2022
Breach Count: 108,887
Content: Email addresses, Purchases, Usernames
Domain: epal.gg

Description:

In October 2022, the service dedicated to finding friends on Discord known as E-Pal disclosed a data breach. The compromised data included over 100k unique email addresses and usernames spanning approximately 1M orders. The data was subsequently distributed via a popular hacking forum.

Verified: , Fabricated: , Sensitive: , Active: , Retired: , Is Spam List:

Wakanim

Added Date: 10/6/2022
Breach Date: 8/28/2022
Updated Date: 10/6/2022
Breach Count: 6,706,951
Content: Browser user agent details, Email addresses, IP addresses, Names, Physical addresses, Usernames
Domain: wakanim.tv

Description:

In August 2022, the European streaming service Wakanim suffered a data breach which was subsequently advertised and sold on a popular hacking forum. The breach exposed 6.7M customer records including email, IP and physical addresses, names and usernames.

Verified: , Fabricated: , Sensitive: , Active: , Retired: , Is Spam List:

Bhinneka

Added Date: 10/6/2022
Breach Date: 1/27/2020
Updated Date: 10/6/2022
Breach Count: 1,274,340
Content: Dates of birth, Email addresses, Genders, Names, Passwords, Phone numbers, Physical addresses
Domain: bhinneka.com

Description:

In early 2020, the Indonesian consumer electronics website Bhinneka suffered a data breach that exposed almost 1.3M customer records. The data included email and physical addresses, names, genders, dates of birth, phone numbers and salted password hashes.

Verified: , Fabricated: , Sensitive: , Active: , Retired: , Is Spam List:

TAP Air Portugal

Added Date: 9/23/2022
Breach Date: 8/25/2022
Updated Date: 9/23/2022
Breach Count: 5,067,990
Content: Dates of birth, Email addresses, Genders, Names, Nationalities, Phone numbers, Physical addresses, Salutations, Spoken languages
Domain: flytap.com

Description:

In August 2022, the Portuguese airline TAP Air Portugal was the target of a ransomware attack perpetrated by the Ragnar Locker gang who later leaked the compromised data via a public dark web site. Over 5M unique email addresses were exposed alongside other personal data including names, genders, DoBs, phone numbers and physical addresses.

Verified: , Fabricated: , Sensitive: , Active: , Retired: , Is Spam List:

Brand New Tube

Added Date: 9/8/2022
Breach Date: 8/14/2022
Updated Date: 9/8/2022
Breach Count: 349,627
Content: Email addresses, Genders, IP addresses, Passwords, Private messages, Usernames
Domain: brandnewtube.com

Description:

In August 2022, the streaming website Brand New Tube suffered a data breach that exposed the personal information of almost 350k subscribers. The impacted data included email and IP addresses, usernames, genders, passwords stored as unsalted SHA-1 hashes and private messages.

Verified: , Fabricated: , Sensitive: , Active: , Retired: , Is Spam List:

Stripchat

Added Date: 8/31/2022
Breach Date: 11/5/2021
Updated Date: 8/31/2022
Breach Count: 10,001,355
Content: Email addresses, IP addresses, Usernames
Domain: stripchat.com

Description:

In November 2021, the live sex cams and adult chat website Stripchat left several databases exposed and unsecured. In June the following year, over 10M Stripchat records appeared on a popular hacking forum. The exposed data included usernames, email addresses and IP addresses.

Verified: , Fabricated: , Sensitive: , Active: , Retired: , Is Spam List:

START

Added Date: 8/29/2022
Breach Date: 6/1/2021
Updated Date: 8/29/2022
Breach Count: 7,455,386
Content: Email addresses, Geographic locations, Names, Passwords
Domain: start.film

Description:

In August 2022, news broke of an attack against the Russian streaming service "START". The incident led to the exposure of 44M records containing 7.4M unique email addresses. The impacted data also included the subscriber's country and password hash. START subsequently acknowledged the incident in a Telegram post and stated that the data dated back to 2021.

Verified: , Fabricated: , Sensitive: , Active: , Retired: , Is Spam List:

Banorte

Added Date: 8/18/2022
Breach Date: 8/18/2014
Updated Date: 8/18/2022
Breach Count: 2,107,000
Content: Account balances, Email addresses, Genders, Government issued IDs, Names, Phone numbers, Physical addresses
Domain: banorte.com

Description:

In August 2022, millions of records from Mexican bank "Banorte" were publicly dumped on a popular hacking forum including 2.1M unique email addresses, physical addresses, names, phone numbers, RFC (tax) numbers, genders and bank balances. Banorte have stated that the data is "outdated", although have not yet indicated how far back it dates to. Anecdotal feedback from HIBP subscribers suggests the data may date back 8 years to 2014.

Verified: , Fabricated: , Sensitive: , Active: , Retired: , Is Spam List:

SitePoint

Added Date: 8/17/2022
Breach Date: 6/20/2020
Updated Date: 8/17/2022
Breach Count: 1,021,790
Content: Bios, Email addresses, IP addresses, Names, Passwords, Usernames
Domain: sitepoint.com

Description:

In June 2020, the web development site SitePoint suffered a data breach that exposed over 1M customer records. Impacted data included email and IP addresses, names, usernames, bios and passwords stored as bcrypt hashes.

Verified: , Fabricated: , Sensitive: , Active: , Retired: , Is Spam List:

Shitexpress

Added Date: 8/16/2022
Breach Date: 8/8/2022
Updated Date: 8/16/2022
Breach Count: 23,817
Content: Email addresses, IP addresses, Names, Physical addresses, Private messages, Purchases
Domain: shitexpress.com

Description:

In August 2022, the online faeces delivery service Shitexpress suffered a data breach that exposed 24k unique email addresses. The addresses spanned invoices, gift cards, promotions and PayPal records. The breach also exposed the IP and email addresses of senders, physical addresses of recipients and messages accompanying the shit delivery.

Verified: , Fabricated: , Sensitive: , Active: , Retired: , Is Spam List:

Twitter

Added Date: 8/12/2022
Breach Date: 1/1/2022
Updated Date: 8/12/2022
Breach Count: 6,682,453
Content: Bios, Email addresses, Geographic locations, Names, Phone numbers, Profile photos, Usernames
Domain: twitter.com

Description:

In January 2022, a vulnerability in Twitter's platform allowed an attacker to build a database of the email addresses and phone numbers of millions of users of the social platform. In a disclosure notice later shared in August 2022, Twitter advised that the vulnerability was related to a bug introduced in June 2021 and that they are directly notifying impacted customers. The impacted data included either email address or phone number alongside other public information including the username, display name, bio, location and profile photo. The data included 6.7M unique email addresses across both active and suspended accounts, the latter appearing in a separate list of 1.4M addresses.

Verified: , Fabricated: , Sensitive: , Active: , Retired: , Is Spam List:

QuestionPro

Added Date: 8/4/2022
Breach Date: 5/21/2022
Updated Date: 8/5/2022
Breach Count: 22,229,637
Content: Browser user agent details, Email addresses, IP addresses, Survey results
Domain: questionpro.com

Description:

In May 2022, the survey website QuestionPro was the target of an extortion attempt relating to an alleged data breach. Over 100GB of data containing 22M unique email addresses (some of which appear to be generated by the platform), are alleged to have been extracted from the service along with IP addresses, browser user agents and results relating to surveys. QuestionPro would not confirm whether a breach had occurred (although they did confirm they were the target of an extortion attempt), so the data was initially flagged as "unverified". Subsequent verification by impacted HIBP subscribers later led to the removal of the unverified flag.

Verified: , Fabricated: , Sensitive: , Active: , Retired: , Is Spam List:

Tuned Global

Added Date: 8/2/2022
Breach Date: 3/16/2016
Updated Date: 8/2/2022
Breach Count: 985,586
Content: Email addresses, Names, Passwords, Phone numbers, Physical addresses
Domain: tunedglobal.com

Description:

In January 2021, data from a number of breached services including Tuned Global were released to a public hacking forum. The breach appears to date back to 2016 and includes 985k records containing email addresses, names, a small number of physical addresses and phone numbers and passwords stored in plain text.

Verified: , Fabricated: , Sensitive: , Active: , Retired: , Is Spam List:

Mecho Download

Added Date: 8/1/2022
Breach Date: 10/31/2013
Updated Date: 8/1/2022
Breach Count: 437,928
Content: Email addresses, IP addresses, Passwords, Usernames
Domain: mechodownload.com

Description:

In October 2013, the (now defunct) downloads website "Mecho Download" suffered a data breach that exposed 438k records. Data from the vBulletin based website included email and IP addresses, usernames and passwords stored as salted MD5 hashes.

Verified: , Fabricated: , Sensitive: , Active: , Retired: , Is Spam List:

Battlefy

Added Date: 7/28/2022
Breach Date: 1/11/2016
Updated Date: 7/28/2022
Breach Count: 83,610
Content: Email addresses, Passwords, Usernames
Domain: battlefy.com

Description:

In January 2016, the esports website Battlefy suffered a data breach that exposed 83k customer records. The impacted data included email addresses, usernames and passwords stored as bcrypt hashes.

Verified: , Fabricated: , Sensitive: , Active: , Retired: , Is Spam List:

























Account Search

This site simply searches online databases of compromised account information in an attempt to help you keep your accounts safe and secure. We do not actually have or store any information -- including the usernames and email addresses you enter above.

Share This!


Make a Donation To Keep Us Running