Latest Breach Information
Below is a list of the last 25 known data breaches and any information we may have about them.
Operation Endgame 2.0
| Added Date: |
5/23/2025 |
| Breach Date: |
6/23/2025 |
| Updated Date: |
5/23/2025 |
| Breach Count: |
15,436,844 |
| Content: |
Email addresses, Passwords |
| Domain: |
n/a |
Description:
In May 2025, a coalition of law enforcement agencies took down the criminal infrastructure behind the malware used to launch ransomware attacks in a new phase of "Operation Endgame". This followed the first Operation Endgame exercise a year earlier, with the latest action resulting in 15.3M victim email addresses being provided to HIBP by law enforcement. A further 43.8M victim passwords were also provided for HIBP's Pwned Passwords service.
Verified: 
,
Fabricated: 
,
Sensitive: ,
Active: ,
Retired: ,
Is Spam List:
Fédération Francaise de Rugby
| Added Date: |
5/22/2025 |
| Breach Date: |
7/6/2023 |
| Updated Date: |
5/23/2025 |
| Breach Count: |
281,977 |
| Content: |
Dates of birth, Email addresses, Names, Phone numbers |
| Domain: |
ffr.fr |
Description:
In June 2023, the Fédération Francaise de Rugby (French Rugby Federation) suffered a data breach and attempted ransom. The breach exposed 282k unique email addresses along with names, dates of birth and phone numbers. The Federation subsequently published a disclosure notice and stated that the attack primarily affected email servers. The data was provided to HIBP by a source who requested it be attributed to "atix".
Verified: ,
Fabricated: ,
Sensitive: ,
Active: ,
Retired: ,
Is Spam List:
OnRPG
| Added Date: |
5/8/2025 |
| Breach Date: |
7/1/2016 |
| Updated Date: |
5/8/2025 |
| Breach Count: |
1,047,640 |
| Content: |
Email addresses, IP addresses, Passwords, Usernames |
| Domain: |
onrpg.com |
Description:
In July 2016, the now defunct free online games list website OnRPG suffered a data breach that was later redistributed as part of a larger corpus of data. The incident exposed just over 1M email and IP addresses alongside usernames and passwords stored as salted MD5 hashes.
Verified: ,
Fabricated: ,
Sensitive: ,
Active: ,
Retired: ,
Is Spam List:
TehetségKapu
| Added Date: |
5/1/2025 |
| Breach Date: |
3/26/2025 |
| Updated Date: |
5/1/2025 |
| Breach Count: |
54,357 |
| Content: |
Email addresses, Names, Usernames |
| Domain: |
tehetsegkapu.hu |
Description:
In March 2025, almost 55k records were breached from the Hungarian education office website TehetségKapu. The data was subsequently published to a popular hacking forum and included email addresses, names and usernames.
Verified: ,
Fabricated: ,
Sensitive: ,
Active: ,
Retired: ,
Is Spam List:
Samsung Germany Customer Tickets
| Added Date: |
4/12/2025 |
| Breach Date: |
3/30/2025 |
| Updated Date: |
4/13/2025 |
| Breach Count: |
216,333 |
| Content: |
Email addresses, Names, Physical addresses, Purchases, Salutations, Shipment tracking numbers, Support tickets |
| Domain: |
samsung.de |
Description:
In March 2025, data from Samsung Germany was compromised in a data breach of their logistics provider, Spectos. Allegedly due to credentials being obtained by malware running on a Spectos employee's machine, the breach included 216k unique email addresses along with names, physical addresses, items purchased from Samsung Germany and related support tickets and shipping tracking numbers.
Verified: ,
Fabricated: ,
Sensitive: ,
Active: ,
Retired: ,
Is Spam List:
Qraved
| Added Date: |
4/9/2025 |
| Breach Date: |
7/9/2021 |
| Updated Date: |
4/9/2025 |
| Breach Count: |
984,519 |
| Content: |
Dates of birth, Email addresses, Names, Passwords, Phone numbers |
| Domain: |
qraved.com |
Description:
In July 2021, the Indonesian restaurant website Qraved suffered a data breach that was later redistributed as part of a larger corpus of data. The breach exposed almost 1M unique email addresses along with names, phone numbers, dates of birth and passwords stored as MD5 hashes.
Verified: ,
Fabricated: ,
Sensitive: ,
Active: ,
Retired: ,
Is Spam List:
Boulanger
| Added Date: |
4/8/2025 |
| Breach Date: |
9/6/2024 |
| Updated Date: |
4/10/2025 |
| Breach Count: |
2,077,078 |
| Content: |
Email addresses, Geographic locations, Names, Phone numbers, Physical addresses |
| Domain: |
boulanger.com |
Description:
In September 2024, French electronics retailer Boulanger suffered a data breach that exposed over 27M rows of data. The data included 2M unique email addresses along with names, physical addresses, phone numbers and latitude and longitude. The data was later publicly published to a popular hacking forum. The data was provided to HIBP by a source who requested it be attributed to "leidhall".
Verified: ,
Fabricated: ,
Sensitive: ,
Active: ,
Retired: ,
Is Spam List:
German Doner Kebab
| Added Date: |
3/30/2025 |
| Breach Date: |
3/27/2025 |
| Updated Date: |
3/30/2025 |
| Breach Count: |
162,373 |
| Content: |
Email addresses, Names, Phone numbers, Physical addresses |
| Domain: |
germandonerkebab.com |
Description:
In March 2025, data allegedly sourced from German Doner Kebab was published on a popular hacking forum. The data included 162k unique email addresses alongside names, phone numbers and physical addresses. German Doner Kebab subsequently sent a disclosure notice to impacted individuals.
Verified: ,
Fabricated: ,
Sensitive: ,
Active: ,
Retired: ,
Is Spam List:
Troy Hunt's Mailchimp List
| Added Date: |
3/25/2025 |
| Breach Date: |
3/25/2025 |
| Updated Date: |
3/29/2025 |
| Breach Count: |
16,627 |
| Content: |
Email addresses, Geographic locations, IP addresses |
| Domain: |
troyhunt.com |
Description:
In March 2025, a phishing attack successfully gained access to Troy Hunt's Mailchimp account and automatically exported a list of people who had subscribed to the newsletter for his personal blog. The exported list contained 16k email addresses and other data automatically collected by Mailchimp including IP address and a derived latitude, longitude and time zone.
Verified: ,
Fabricated: ,
Sensitive: ,
Active: ,
Retired: ,
Is Spam List:
SpyX
| Added Date: |
3/19/2025 |
| Breach Date: |
6/24/2024 |
| Updated Date: |
3/19/2025 |
| Breach Count: |
1,977,011 |
| Content: |
Device information, Email addresses, Geographic locations, IP addresses, Passwords |
| Domain: |
spyx.com |
Description:
In June 2024, spyware maker SpyX suffered a data breach that exposed almost 2M unique email addresses. The breach also exposed IP addresses, countries of residence, device information and 6-digit PINs in the password field. Further, a collection of iCloud credentials likely used to monitor targets directly via the cloud were also in the breach and contained the target's email address and plain text Apple password.
Verified: ,
Fabricated: ,
Sensitive: ,
Active: ,
Retired: ,
Is Spam List:
Lexipol
| Added Date: |
3/18/2025 |
| Breach Date: |
2/11/2025 |
| Updated Date: |
3/18/2025 |
| Breach Count: |
672,546 |
| Content: |
Email addresses, Names, Passwords, Phone numbers, Usernames |
| Domain: |
lexipol.com |
Description:
In February 2025, the public safety policy management systems company Lexipol suffered a data breach. Attributed to the self-proclaimed "Puppygirl Hacker Polycule", the breach exposed an extensive number of documents and user records which were subsequently published publicly. The breach included over 670k unique email addresses in the user records, along with names, phone numbers, system-generated usernames and passwords stored as either MD5 or SHA-256 hashes.
Verified: ,
Fabricated: ,
Sensitive: ,
Active: ,
Retired: ,
Is Spam List:
Color Dating
| Added Date: |
3/2/2025 |
| Breach Date: |
9/5/2018 |
| Updated Date: |
3/2/2025 |
| Breach Count: |
220,503 |
| Content: |
Bios, Dates of birth, Email addresses, Geographic locations, Names, Passwords, Profile photos |
| Domain: |
colordatingapp.com |
Description:
In September 2018, the dating app to match people with different ethnicities Color Dating suffered a data breach that was later redistributed as part of a larger corpus of data. The breach exposed 220k unique email addresses along with bios, names, profile photos and bcrypt password hashes. The data was provided to HIBP by a source who requested it be attributed to "ANK (Veles)".
Verified: ,
Fabricated: ,
Sensitive: ,
Active: ,
Retired: ,
Is Spam List:
Flat Earth Sun, Moon and Zodiac App
| Added Date: |
3/1/2025 |
| Breach Date: |
10/15/2024 |
| Updated Date: |
3/1/2025 |
| Breach Count: |
33,294 |
| Content: |
Dates of birth, Email addresses, Genders, Geographic locations, Names, Passwords, Usernames |
| Domain: |
flatearthdave.com |
Description:
In October 2024, the flat earth sun, moon and zodiac app created by Flat Earth Dave was found to be leaking extensive personal information of its users. The data included 33k unique email addresses along with usernames, latitudes and longitudes (their position on the globe) and passwords stored in plain text. A small number of profiles also contained names, dates of birth and genders.
Verified: ,
Fabricated: ,
Sensitive: ,
Active: ,
Retired: ,
Is Spam List:
Spyzie
| Added Date: |
2/27/2025 |
| Breach Date: |
2/22/2024 |
| Updated Date: |
2/27/2025 |
| Breach Count: |
518,643 |
| Content: |
Email addresses |
| Domain: |
spyzie.io |
Description:
In February 2025, the spyware service Spyzie suffered a data breach along with sibling spyware services, Spyic and Cocospy. The Spyzie breach alone exposed almost 519k customer email addresses which were provided to HIBP, and reportedly also enabled unauthorised access to captured messages, photos, call logs, and more. The data was provided to HIBP by a source who requested it be attributed to "[email protected]".
Verified: ,
Fabricated: ,
Sensitive: ,
Active: ,
Retired: ,
Is Spam List:
Orange Romania
| Added Date: |
2/26/2025 |
| Breach Date: |
2/24/2025 |
| Updated Date: |
2/26/2025 |
| Breach Count: |
556,557 |
| Content: |
Email addresses, Partial credit card data, Phone numbers |
| Domain: |
orange.ro |
Description:
In February 2025, the Romanian arm of telecommunications company Orange suffered a data breach which was subsequently published to a popular hacking forum. The data included 556k email addresses (of which hundreds of thousands were in the form of [phone number]@as1.romtelecom.net), phone numbers, subscription details, partial credit card data (type, last 4 digits, expiration date and issuing bank). The breach also exposed an extensive number of internal documents.
Verified: ,
Fabricated: ,
Sensitive: ,
Active: ,
Retired: ,
Is Spam List:
ALIEN TXTBASE Stealer Logs
| Added Date: |
2/25/2025 |
| Breach Date: |
2/15/2025 |
| Updated Date: |
2/25/2025 |
| Breach Count: |
284,132,969 |
| Content: |
Email addresses, Passwords |
| Domain: |
n/a |
Description:
In February 2025, 23 billion rows of stealer logs were obtained from a Telegram channel known as ALIEN TXTBASE. The data contained 284M unique email addresses alongside the websites they were entered into and the passwords used. This data is now searchable in HIBP by both email domain and the domain of the target website.
Verified: ,
Fabricated: ,
Sensitive: ,
Active: ,
Retired: ,
Is Spam List:
Spyic
| Added Date: |
2/20/2025 |
| Breach Date: |
2/14/2025 |
| Updated Date: |
2/20/2025 |
| Breach Count: |
875,999 |
| Content: |
Email addresses |
| Domain: |
spyic.com |
Description:
In February 2025, the spyware service Spyic suffered a data breach along with sibling spyware service, Cocospy. The Spyic breach alone exposed almost 876k customer email addresses which were provided to HIBP, and reportedly also enabled unauthorised access to captured messages, photos, call logs, and more. The data was provided to HIBP by a source who requested it be attributed to "[email protected]".
Verified: ,
Fabricated: ,
Sensitive: ,
Active: ,
Retired: ,
Is Spam List:
Cocospy
| Added Date: |
2/20/2025 |
| Breach Date: |
2/14/2025 |
| Updated Date: |
2/20/2025 |
| Breach Count: |
1,798,059 |
| Content: |
Email addresses |
| Domain: |
cocospy.com |
Description:
In February 2025, the spyware service Cocospy suffered a data breach along with sibling spyware service, Spyic. The Cocospy breach alone exposed almost 1.8M customer email addresses which were provided to HIBP, and reportedly also enabled unauthorised access to captured messages, photos, call logs, and more. The data was provided to HIBP by a source who requested it be attributed to "[email protected]".
Verified: ,
Fabricated: ,
Sensitive: ,
Active: ,
Retired: ,
Is Spam List:
Storenvy
| Added Date: |
2/16/2025 |
| Breach Date: |
4/4/2019 |
| Updated Date: |
2/16/2025 |
| Breach Count: |
11,052,071 |
| Content: |
Dates of birth, Email addresses, Genders, Geographic locations, IP addresses, Passwords, Usernames |
| Domain: |
storenvy.com |
Description:
In mid-2019, the e-commerce website Storenvy suffered a data breach that exposed millions of customer records. A portion of the breached records were subsequently posted to a hacking forum with cracked password hashes, whilst the entire corpus of 23M rows was put up for sale. The data contained 11M unique email addresses alongside usernames, IP addresses, the user's city, gender date of birth and original salted SHA-1 password hash.
Verified: ,
Fabricated: ,
Sensitive: ,
Active: ,
Retired: ,
Is Spam List:
Doxbin (TOoDA)
| Added Date: |
2/13/2025 |
| Breach Date: |
2/12/2024 |
| Updated Date: |
2/13/2025 |
| Breach Count: |
136,461 |
| Content: |
Email addresses, Usernames |
| Domain: |
doxbin.com |
Description:
In February 2025, the "doxing" website Doxbin was compromised by a group calling themselves "TOoDA" and the data dumped publicly. Included in the breach were 336k unique email addresses alongside usernames. The data was provided to HIBP by a source who requested it be attributed to "emo.rip".
Verified: ,
Fabricated: ,
Sensitive: ,
Active: ,
Retired: ,
Is Spam List: