Latest Breach Information
Below is a list of the last 25 known data breaches and any information we may have about them.
ShockGore
| Added Date: |
1/19/2022 |
| Breach Date: |
8/11/2020 |
| Updated Date: |
1/19/2022 |
| Breach Count: |
73,944 |
| Content: |
Email addresses, Genders, IP addresses, Passwords, Private messages, Usernames |
| Domain: |
shockgore.com |
Description:
In August 2020, the website for sharing graphic videos and images of gore and animal cruelty suffered a data breach. The breach exposed 74k unique email addresses alongside usernames, IP addresses, genders and unsalted SHA-1 password hashes. Private messages were also exposed, many containing requests for material of a depraved nature. The data was provided to HIBP by a source who requested it be attributed to "[email protected]".
Verified: 
,
Fabricated: 
,
Sensitive: ,
Active: ,
Retired: ,
Is Spam List:
Open Subtitles
| Added Date: |
1/18/2022 |
| Breach Date: |
8/1/2021 |
| Updated Date: |
1/18/2022 |
| Breach Count: |
6,783,158 |
| Content: |
Email addresses, Geographic locations, IP addresses, Passwords, Usernames |
| Domain: |
opensubtitles.org |
Description:
In August 2021, the subtitling website Open Subtitles suffered a data breach and subsequent ransom demand. The breach exposed almost 7M subscribers' personal data including email and IP addresses, usernames, the country of the user and passwords stored as unsalted MD5 hashes.
Verified: ,
Fabricated: ,
Sensitive: ,
Active: ,
Retired: ,
Is Spam List:
Upstox
| Added Date: |
1/18/2022 |
| Breach Date: |
4/8/2021 |
| Updated Date: |
1/18/2022 |
| Breach Count: |
111,002 |
| Content: |
Bank account numbers, Dates of birth, Email addresses, Family members' names, Genders, Government issued IDs, Income levels, Marital statuses, Nationalities, Occupations, Passwords, Phone numbers, Physical addresses |
| Domain: |
upstox.com |
Description:
In April 2021, Indian brokerage firm Upstox suffered a data breach. The incident exposed extensive personal information on over 100k customers including names, genders, dates of birth, physical addresses, banking information and passwords stored as bcrypt hashes. Extensive "know your customer" information was also exposed including scans of bank statements, cheques and identity documents complete with Aadhaar numbers. The data was provided to HIBP by a source who requested it be attributed to "[email protected]".
Verified: ,
Fabricated: ,
Sensitive: ,
Active: ,
Retired: ,
Is Spam List:
Carding Mafia (December 2021)
| Added Date: |
1/15/2022 |
| Breach Date: |
12/28/2021 |
| Updated Date: |
1/15/2022 |
| Breach Count: |
303,877 |
| Content: |
Email addresses, IP addresses, Passwords, Usernames |
| Domain: |
cardmafia.cc |
Description:
In December 2021, the Carding Mafia forum suffered a data breach that exposed over 300k members' email addresses. Dedicated to the theft and trading of stolen credit cards, the forum breach also exposed usernames, IP addresses and passwords stored as salted MD5 hashes. This breach came only 9 months after another breach of the forum in March 2021.
Verified: ,
Fabricated: ,
Sensitive: ,
Active: ,
Retired: ,
Is Spam List:
Aditya Birla Fashion and Retail
| Added Date: |
1/14/2022 |
| Breach Date: |
12/1/2021 |
| Updated Date: |
1/14/2022 |
| Breach Count: |
5,470,063 |
| Content: |
Email addresses, Genders, Income levels, Job titles, Marital statuses, Names, Passwords, Phone numbers, Physical addresses, Purchases, Religions, Salutations |
| Domain: |
abfrl.com |
Description:
In December 2021, Indian retailer Aditya Birla Fashion and Retail Ltd was breached and ransomed. The ransom demand was allegedly rejected and data containing 5.4M unique email addresses was subsequently dumped publicly on a popular hacking forum the next month. The data contained extensive personal customer information including names, phone numbers, physical addresses, DoBs, order histories and passwords stored as MD5 hashes. Employee data was also dumped publicly and included salary grades, marital statuses and religions. The data was provided to HIBP by a source who requested it be attributed to "[email protected]".
Verified: ,
Fabricated: ,
Sensitive: ,
Active: ,
Retired: ,
Is Spam List:
Guns.com
| Added Date: |
1/12/2022 |
| Breach Date: |
1/12/2021 |
| Updated Date: |
1/13/2022 |
| Breach Count: |
375,928 |
| Content: |
Dates of birth, Email addresses, Names, Partial credit card data, Passwords, Phone numbers, Physical addresses, Purchases |
| Domain: |
guns.com |
Description:
In January 2021, the firearms website guns.com suffered a data breach. The breach exposed 376k unique email addresses along with names, phone numbers, physical addresses, gun purchases, partial credit card data, dates of birth and passwords stored as bcrypt hashes.
Verified: ,
Fabricated: ,
Sensitive: ,
Active: ,
Retired: ,
Is Spam List:
Doxbin
| Added Date: |
1/7/2022 |
| Breach Date: |
1/5/2022 |
| Updated Date: |
1/9/2022 |
| Breach Count: |
370,794 |
| Content: |
Browser user agent details, Email addresses, Passwords, Usernames |
| Domain: |
doxbin.com |
Description:
In January 2022, the "doxing" website designed to disclose the personal information of targeted individuals ("doxes") Doxbin suffered a data breach. The breach was subsequently leaked online and included over 370k unique email addresses across user accounts and doxes. User accounts also included usernames, password hashes and browser user agents. The personal information disclosed in the doxes was often extensive including names, physical addresses, phone numbers and more.
Verified: ,
Fabricated: ,
Sensitive: ,
Active: ,
Retired: ,
Is Spam List:
FlexBooker
| Added Date: |
1/6/2022 |
| Breach Date: |
12/23/2021 |
| Updated Date: |
1/6/2022 |
| Breach Count: |
3,756,794 |
| Content: |
Email addresses, Names, Partial credit card data, Passwords, Phone numbers |
| Domain: |
flexbooker.com |
Description:
In December 2021, the online booking service FlexBooker suffered a data breach that exposed 3.7 million accounts. The data included email addresses, names, phone numbers and for a small number of accounts, password hashes and partial credit card data. FlexBooker has identified the breach as originating from a compromised account within their AWS infrastructure. The data was found being actively traded on a popular hacking forum and was provided to HIBP by a source who requested it be attributed to "[email protected]".
Verified: ,
Fabricated: ,
Sensitive: ,
Active: ,
Retired: ,
Is Spam List:
DatPiff
| Added Date: |
1/4/2022 |
| Breach Date: |
8/25/2021 |
| Updated Date: |
1/4/2022 |
| Breach Count: |
7,476,940 |
| Content: |
Email addresses, Passwords, Security questions and answers, Usernames |
| Domain: |
datpiff.com |
Description:
In late 2021, email address and plain text password pairs from the rap mixtape website DatPiff appeared for sale on a popular hacking forum. The data allegedly dated back to an earlier breach and in total, contained almost 7.5M email addresses and cracked password pairs. The original data source allegedly contained usernames, security questions and answers and passwords stored as MD5 hashes with a static salt.
Verified: ,
Fabricated: ,
Sensitive: ,
Active: ,
Retired: ,
Is Spam List:
RedLine Stealer
| Added Date: |
12/29/2021 |
| Breach Date: |
12/5/2021 |
| Updated Date: |
1/4/2022 |
| Breach Count: |
441,657 |
| Content: |
Email addresses, Passwords, Usernames |
| Domain: |
n/a |
Description:
In December 2021, logs from the RedLine Stealer malware were left publicly exposed and were then obtained by security researcher Bob Diachenko. The data included 441 thousand unique email addresses, usernames and plain text passwords.
Verified: ,
Fabricated: ,
Sensitive: ,
Active: ,
Retired: ,
Is Spam List:
Protemps
| Added Date: |
12/19/2021 |
| Breach Date: |
10/4/2021 |
| Updated Date: |
12/19/2021 |
| Breach Count: |
49,591 |
| Content: |
Email addresses, Genders, Job applications, Marital statuses, Names, Nationalities, Passport numbers, Passwords, Phone numbers, Physical addresses, Religions, Salutations |
| Domain: |
protemps.com.sg |
Description:
In October 2021, the Singaporean recruitment website Protemps suffered a data breach that exposed almost 50,000 unique email addresses. The impacted data includes names, email and physical addresses, phone numbers, passport numbers and passwords stored as unsalted MD5 hashes, among troves of other jobseeker data. The data was provided to HIBP by a source who requested it be attributed to "[email protected]".
Verified: ,
Fabricated: ,
Sensitive: ,
Active: ,
Retired: ,
Is Spam List:
Gravatar
| Added Date: |
12/5/2021 |
| Breach Date: |
10/3/2020 |
| Updated Date: |
12/7/2021 |
| Breach Count: |
113,990,759 |
| Content: |
Email addresses, Names, Usernames |
| Domain: |
gravatar.com |
Description:
In October 2020, a security researcher published a technique for scraping large volumes of data from Gravatar, the service for providing globally unique avatars . 167 million names, usernames and MD5 hashes of email addresses used to reference users' avatars were subsequently scraped and distributed within the hacking community. 114 million of the MD5 hashes were cracked and distributed alongside the source hash, thus disclosing the original email address and accompanying data. Following the impacted email addresses being searchable in HIBP, Gravatar release an FAQ detailing the incident.
Verified: ,
Fabricated: ,
Sensitive: ,
Active: ,
Retired: ,
Is Spam List:
IDC Games
| Added Date: |
11/17/2021 |
| Breach Date: |
3/15/2021 |
| Updated Date: |
11/17/2021 |
| Breach Count: |
3,966,871 |
| Content: |
Email addresses, Passwords, Usernames |
| Domain: |
idcgames.com |
Description:
In March 2021, 4 million records sourced from IDC Games were shared on a public hacking forum. The data included usernames, email addresses and passwords stored as salted MD5 hashes.
Verified: ,
Fabricated: ,
Sensitive: ,
Active: ,
Retired: ,
Is Spam List:
Ducks Unlimited
| Added Date: |
11/15/2021 |
| Breach Date: |
1/29/2021 |
| Updated Date: |
11/15/2021 |
| Breach Count: |
1,324,364 |
| Content: |
Dates of birth, Email addresses, Names, Passwords, Phone numbers, Physical addresses |
| Domain: |
ducks.org |
Description:
In mid-2021, Risk Based Security reported on a database sourced from Ducks Unlimited being traded online. The data dated back to January 2021 and contained 1.3M unique email addresses across both a membership list and a list of website users. Impacted data included names, phones numbers, physical addresses, dates of birth and passwords stored as unsalted MD5 hashes.
Verified: ,
Fabricated: ,
Sensitive: ,
Active: ,
Retired: ,
Is Spam List:
ActMobile
| Added Date: |
11/9/2021 |
| Breach Date: |
10/8/2021 |
| Updated Date: |
11/9/2021 |
| Breach Count: |
1,583,193 |
| Content: |
Email addresses, IP addresses |
| Domain: |
actmobile.com |
Description:
In October 2021, security researcher Bob Diachenko discovered an exposed database he attributed to ActMobile, the operators of Dash VPN and FreeVPN. The exposed data included 1.6 million unique email addresses along with IP addresses and password hashes, all of which were subsequently leaked on a popular hacking forum. Although usage of the service was verified by HIBP subscribers, ActMobile denied the data was sourced from them and the breach has subsequently been flagged as "unverified".
Verified: ,
Fabricated: ,
Sensitive: ,
Active: ,
Retired: ,
Is Spam List:
CyberServe
| Added Date: |
11/4/2021 |
| Breach Date: |
10/29/2021 |
| Updated Date: |
11/4/2021 |
| Breach Count: |
1,107,034 |
| Content: |
Dates of birth, Drinking habits, Email addresses, Family structure, Genders, Geographic locations, HIV statuses, IP addresses, Names, Passwords, Personal health data, Phone numbers, Physical attributes, Private messages, Profile photos, Religions, Sexual orientations, Smoking habits, Usernames |
| Domain: |
cyberserve.co.il |
Description:
In October 2021, the Israeli hosting provider CyberServe was breached and ransomed before having a substantial amount of their customer data leaked publicly by a group known as "Black Shadow". Amongst the data was the LGBTQ dating site Atraf and the Machon Mor medical institute. Due to multiple different sites being compromised, the impacted data is broad and ranges from relationship information to medical data to email addresses and passwords stored in plain text. The data was made available to HIBP with support from May Brooks-Kempler, founder of the Think Safe Cyber community in Israel.
Verified: ,
Fabricated: ,
Sensitive: ,
Active: ,
Retired: ,
Is Spam List:
CoinMarketCap
| Added Date: |
10/22/2021 |
| Breach Date: |
10/12/2021 |
| Updated Date: |
10/22/2021 |
| Breach Count: |
3,117,548 |
| Content: |
Email addresses |
| Domain: |
coinmarketcap.com |
Description:
During October 2021, 3.1 million email addresses with accounts on the cryptocurrency market capitalisation website CoinMarketCap were discovered being traded on hacking forums. Whilst the email addresses were found to correlate with CoinMarketCap accounts, it's unclear precisely how they were obtained. CoinMarketCap has provided the following statement on the data: "CoinMarketCap has become aware that batches of data have shown up online purporting to be a list of user accounts. While the data lists we have seen are only email addresses (no passwords), we have found a correlation with our subscriber base. We have not found any evidence of a data leak from our own servers — we are actively investigating this issue and will update our subscribers as soon as we have any new information."
Verified: ,
Fabricated: ,
Sensitive: ,
Active: ,
Retired: ,
Is Spam List:
Thingiverse
| Added Date: |
10/14/2021 |
| Breach Date: |
10/13/2020 |
| Updated Date: |
10/14/2021 |
| Breach Count: |
228,102 |
| Content: |
Dates of birth, Email addresses, IP addresses, Names, Passwords, Physical addresses, Usernames |
| Domain: |
thingiverse.com |
Description:
In October 2021, a database backup taken from the 3D model sharing service Thingiverse began extensively circulating within the hacking community. Dating back to October 2020, the 36GB file contained 228 thousand unique email addresses, mostly alongside comments left on 3D models. The data also included usernames, IP addresses, full names and passwords stored as either unsalted SHA-1 or bcrypt hashes. In some cases, physical addresses was also exposed. Thingiverse's owner, MakerBot, is aware of the incident but at the time of writing, is yet to issue a disclosure statement. The data was provided to HIBP by dehashed.com.
Verified: ,
Fabricated: ,
Sensitive: ,
Active: ,
Retired: ,
Is Spam List:
Playbook
| Added Date: |
10/11/2021 |
| Breach Date: |
10/19/2020 |
| Updated Date: |
10/11/2021 |
| Breach Count: |
50,538 |
| Content: |
Email addresses, Job titles, Names, Passwords, Phone numbers, Social media profiles |
| Domain: |
playbook.vc |
Description:
In September 2021, a publicly accessible PostgresSQL database belonging to the Playbook service was identified. Run by VC firm Plug and Play Ventures, the database had been exposed since October 2020 and contained more than 50 thousand unique email addresses along with names, phone numbers, job titles and passwords stored as PBKDF2 hashes. It took more than 2 weeks after being notified of the exposed data to properly secure it. It's unknown whether Plug and Play Ventures notified impacted individuals as they ceased responding to queries from the press.
Verified: ,
Fabricated: ,
Sensitive: ,
Active: ,
Retired: ,
Is Spam List:
Fantasy Football Hub
| Added Date: |
10/7/2021 |
| Breach Date: |
10/2/2021 |
| Updated Date: |
10/7/2021 |
| Breach Count: |
66,479 |
| Content: |
Email addresses, IP addresses, Names, Passwords, Purchases, Usernames |
| Domain: |
fantasyfootballhub.co.uk |
Description:
In October 2021, the fantasy premier league (soccer) website Fantasy Football Hub suffered a data breach that exposed 66 thousand unique email addresses. The data included names, usernames, IP addresses, transactions and passwords stored as WordPress MD5 hashes.
Verified: ,
Fabricated: ,
Sensitive: ,
Active: ,
Retired: ,
Is Spam List: