Latest Breach Information
Below is a list of the last 25 known data breaches and any information we may have about them.
School District 42
| Added Date: |
2/1/2023 |
| Breach Date: |
1/15/2023 |
| Updated Date: |
2/2/2023 |
| Breach Count: |
18,850 |
| Content: |
Email addresses, Names |
| Domain: |
sd42.ca |
Description:
In January 2023, Pitt Meadows School District 42 in British Columbia suffered a data breach. The incident exposed the names and email addresses of approximately 19k students and staff which were consequently redistributed on a popular hacking forum.
Verified: 
,
Fabricated: 
,
Sensitive: ,
Active: ,
Retired: ,
Is Spam List:
Planet Ice
| Added Date: |
1/30/2023 |
| Breach Date: |
1/14/2023 |
| Updated Date: |
1/30/2023 |
| Breach Count: |
240,488 |
| Content: |
Dates of birth, Email addresses, Genders, IP addresses, Names, Passwords, Phone numbers, Physical addresses, Purchases |
| Domain: |
planet-ice.co.uk |
Description:
In January 2023, the UK-based ice skating rink booking service Planet Ice suffered a data breach. The incident exposed the personal data of 240k people including email and physical addresses, phone numbers, genders, dates of birth and passwords stored as MD5 hashes. The data also included the names, genders and dates of birth of children having parties.
Verified: ,
Fabricated: ,
Sensitive: ,
Active: ,
Retired: ,
Is Spam List:
KomplettFritid
| Added Date: |
1/23/2023 |
| Breach Date: |
2/1/2021 |
| Updated Date: |
1/23/2023 |
| Breach Count: |
139,401 |
| Content: |
Email addresses, IP addresses, Names, Passwords, Phone numbers, Physical addresses |
| Domain: |
komplettfritid.no |
Description:
In January 2023, the online Norwegian store KomplettFritid was reported as having had a data breach dating back to February 2021. The incident exposed 140k customer records including physical, email and IP addresses, names, phone numbers and passwords. Most passwords were stored as bcrypt hashes with a small number appearing in plain text.
Verified: ,
Fabricated: ,
Sensitive: ,
Active: ,
Retired: ,
Is Spam List:
Autotrader
| Added Date: |
1/23/2023 |
| Breach Date: |
1/6/2023 |
| Updated Date: |
1/23/2023 |
| Breach Count: |
20,032 |
| Content: |
Email addresses, Phone numbers, Physical addresses, Vehicle details, Vehicle identification numbers (VINs) |
| Domain: |
autotrader.com |
Description:
In January 2023, 1.4M records from the Autotrader online vehicle marketplace appeared on a popular hacking forum. Autotrader stated that the "data in question relates to aged listing data that was generally publicly available on our site at the time and open to automated collection methods". The data contained 20k unique email addresses alongside physical addresses and phone numbers of dealers and vehicle details including VIN numbers. The data was provided to HIBP by a source who requested it be attributed to "IntelBroker".
Verified: ,
Fabricated: ,
Sensitive: ,
Active: ,
Retired: ,
Is Spam List:
Zurich
| Added Date: |
1/22/2023 |
| Breach Date: |
1/8/2023 |
| Updated Date: |
1/22/2023 |
| Breach Count: |
756,737 |
| Content: |
Dates of birth, Email addresses, Genders, Names, Vehicle details |
| Domain: |
zurich.co.jp |
Description:
In January 2023, the Japanese arm of Zurich insurance suffered a data breach that exposed 2.6M customer records with over 756k unique email addresses. The data was subsequently posted to a popular hacking forum and also included names, genders, dates of birth and details of insured vehicles. The data was provided to HIBP by a source who requested it be attributed to "IntelBroker".
Verified: ,
Fabricated: ,
Sensitive: ,
Active: ,
Retired: ,
Is Spam List:
DoorDash
| Added Date: |
1/6/2023 |
| Breach Date: |
8/2/2022 |
| Updated Date: |
1/6/2023 |
| Breach Count: |
367,476 |
| Content: |
Email addresses, Geographic locations, Names, Partial credit card data |
| Domain: |
doordash.com |
Description:
In August 2022, the food ordering and delivery service DoorDash disclosed a data breach that impacted a portion of their customers. DoorDash attributed the breach to an unnamed "third-party vendor" they stated was the victim of a phishing campaign. The incident exposed 367k unique personal email addresses alongside names, post codes and partial card data, namely the brand, expiry data and last four digits of the card.
Verified: ,
Fabricated: ,
Sensitive: ,
Active: ,
Retired: ,
Is Spam List:
SlideTeam
| Added Date: |
1/6/2023 |
| Breach Date: |
4/6/2021 |
| Updated Date: |
1/6/2023 |
| Breach Count: |
1,464,271 |
| Content: |
Email addresses, Names, Passwords |
| Domain: |
slideteam.net |
Description:
In April 2021, the "world’s largest collection of pre-designed presentation slides" SlideTeam had 1.4M records breached and later published to a popular hacking forum the following year. Allegedly sourced from a compromised Magento instance, the data included names, email addresses and passwords stored as salted hashes.
Verified: ,
Fabricated: ,
Sensitive: ,
Active: ,
Retired: ,
Is Spam List:
Twitter (200M)
| Added Date: |
1/5/2023 |
| Breach Date: |
1/1/2021 |
| Updated Date: |
1/5/2023 |
| Breach Count: |
211,524,284 |
| Content: |
Email addresses, Names, Social media profiles, Usernames |
| Domain: |
twitter.com |
Description:
In early 2023, over 200M records scraped from Twitter appeared on a popular hacking forum. The data was obtained sometime in 2021 by abusing an API that enabled email addresses to be resolved to Twitter profiles. The subsequent results were then composed into a corpus of data containing email addresses alongside public Twitter profile information including names, usernames and follower counts.
Verified: ,
Fabricated: ,
Sensitive: ,
Active: ,
Retired: ,
Is Spam List:
Deezer
| Added Date: |
1/1/2023 |
| Breach Date: |
4/22/2019 |
| Updated Date: |
1/1/2023 |
| Breach Count: |
229,037,936 |
| Content: |
Dates of birth, Email addresses, Genders, Geographic locations, IP addresses, Names, Spoken languages, Usernames |
| Domain: |
deezer.com |
Description:
In late 2022, the music streaming service Deezer disclosed a data breach that impacted over 240M customers. The breach dated back to a mid-2019 backup exposed by a 3rd party partner which was subsequently sold and then broadly redistributed on a popular hacking forum. Impacted data included 229M unique email addresses, IP addresses, names, usernames, genders, DoBs and the geographic location of the customer.
Verified: ,
Fabricated: ,
Sensitive: ,
Active: ,
Retired: ,
Is Spam List:
Benchmark
| Added Date: |
12/31/2022 |
| Breach Date: |
11/1/2019 |
| Updated Date: |
12/31/2022 |
| Breach Count: |
93,343 |
| Content: |
Email addresses, IP addresses, Passwords, Usernames |
| Domain: |
benchmark.rs |
Description:
In November 2019, the Serbian technology news website Benchmark suffered a breach of its forum that exposed 93k customer records. The breach exposed IP and email addresses, usernames and passwords stored as salted MD5 hashes. A forum administrator subsequently advised that the breach was due to the forum previously running on an outdated vBulletin instance. The data was provided to HIBP by a source who requested it be attributed to "ZAN @ BF".
Verified: ,
Fabricated: ,
Sensitive: ,
Active: ,
Retired: ,
Is Spam List:
Gemini
| Added Date: |
12/16/2022 |
| Breach Date: |
12/13/2022 |
| Updated Date: |
12/16/2022 |
| Breach Count: |
5,274,214 |
| Content: |
Email addresses, Partial phone numbers |
| Domain: |
gemini.com |
Description:
In late 2022, data allegedly taken from the Gemini crypto exchange was posted to a public hacking forum. The data consisted of email addresses and partial phone numbers, which Gemini later attributed to an incident at a third-party vendor (the vendor was not named). The data was provided to HIBP by a source who requested it be attributed to "ZAN @ BF".
Verified: ,
Fabricated: ,
Sensitive: ,
Active: ,
Retired: ,
Is Spam List:
CoinTracker
| Added Date: |
12/12/2022 |
| Breach Date: |
12/1/2022 |
| Updated Date: |
1/1/2023 |
| Breach Count: |
1,557,153 |
| Content: |
Email addresses, Partial phone numbers |
| Domain: |
cointracker.io |
Description:
In December 2022, the Crypto & NFT taxes service CoinTracker reported a data breach that impacted over 1.5M of their customers. The company later attributed the breach to a compromise SendGrid in an attack that targeted multiple customers of the email provider. The breach exposed email addresses and partially redacted phone numbers, with CoinTracker advising that the later did not originate from their service.
Verified: ,
Fabricated: ,
Sensitive: ,
Active: ,
Retired: ,
Is Spam List:
Abandonia (2022)
| Added Date: |
12/7/2022 |
| Breach Date: |
11/15/2022 |
| Updated Date: |
12/11/2022 |
| Breach Count: |
919,790 |
| Content: |
Email addresses, IP addresses, Passwords, Usernames |
| Domain: |
abandonia.com |
Description:
In November 2022, the gaming website dedicated to classic DOS games Abandonia suffered a data breach resulting in the exposure of 920k unique user records. This breach was in addition to another one 7 years earlier in 2015. The data contained email and IP addresses, usernames and salted MD5 hashes of passwords.
Verified: ,
Fabricated: ,
Sensitive: ,
Active: ,
Retired: ,
Is Spam List:
Not Acxiom
| Added Date: |
11/22/2022 |
| Breach Date: |
6/21/2020 |
| Updated Date: |
11/22/2022 |
| Breach Count: |
51,730,831 |
| Content: |
Email addresses, IP addresses, Names, Phone numbers, Physical addresses |
| Domain: |
n/a |
Description:
In 2020, a corpus of data containing almost a quarter of a billion records spanning over 400 different fields was misattributed to database marketing company Acxiom and subsequently circulated within the hacking community. On review, Acxiom concluded that "the claims are indeed false and that the data, which has been readily available across multiple environments, does not come from Acxiom and is in no way the subject of an Acxiom breach". The data contained almost 52M unique email addresses.
Verified: ,
Fabricated: ,
Sensitive: ,
Active: ,
Retired: ,
Is Spam List:
Get Revenge On Your Ex
| Added Date: |
11/14/2022 |
| Breach Date: |
9/9/2022 |
| Updated Date: |
12/11/2022 |
| Breach Count: |
79,195 |
| Content: |
Email addresses, IP addresses, Names, Passwords, Phone numbers, Physical addresses, Purchases |
| Domain: |
getrevengeonyourex.com |
Description:
In September 2022, the revenge website Get Revenge On Your Ex suffered a data breach that exposed almost 80k unique email addresses. The data spanned both customers and victims including names, IP and physical addresses, phone numbers, purchase histories and plain text passwords. The data was subsequently shared on a public hacking forum, Get Revenge On Your Ex did not reply when contacted.
Verified: ,
Fabricated: ,
Sensitive: ,
Active: ,
Retired: ,
Is Spam List:
GGCorp
| Added Date: |
11/8/2022 |
| Breach Date: |
8/11/2022 |
| Updated Date: |
11/8/2022 |
| Breach Count: |
2,376,330 |
| Content: |
Email addresses, IP addresses, Passwords, Usernames |
| Domain: |
ggcorp.me |
Description:
In August 2022, the MMORPG website GGCorp suffered a data breach that exposed almost 2.4M unique email addresses. The data also included IP addresses, usernames and MD5 password hashes.
Verified: ,
Fabricated: ,
Sensitive: ,
Active: ,
Retired: ,
Is Spam List:
Lolzteam
| Added Date: |
11/5/2022 |
| Breach Date: |
5/13/2018 |
| Updated Date: |
11/5/2022 |
| Breach Count: |
398,011 |
| Content: |
Email addresses, Usernames |
| Domain: |
lolzteam.net |
Description:
In May 2018, the Russian hacking forum Lolzteam suffered a data breach that exposed 400k members. The impacted data included usernames and email addresses which were later redistributed via another hacking forum. The data was provided to HIBP by a source who requested it be attributed to "ZAN @ BF".
Verified: ,
Fabricated: ,
Sensitive: ,
Active: ,
Retired: ,
Is Spam List:
Doomworld
| Added Date: |
10/24/2022 |
| Breach Date: |
10/12/2022 |
| Updated Date: |
10/24/2022 |
| Breach Count: |
34,478 |
| Content: |
Email addresses, IP addresses, Passwords, Usernames |
| Domain: |
doomworld.com |
Description:
In October 2022, the Doomworld fourm suffered a data breach that exposed 34k member records. The data included email and IP addresses, usernames and bcrypt password hashes.
Verified: ,
Fabricated: ,
Sensitive: ,
Active: ,
Retired: ,
Is Spam List:
E-Pal
| Added Date: |
10/23/2022 |
| Breach Date: |
4/15/2022 |
| Updated Date: |
10/23/2022 |
| Breach Count: |
108,887 |
| Content: |
Email addresses, Purchases, Usernames |
| Domain: |
epal.gg |
Description:
In October 2022, the service dedicated to finding friends on Discord known as E-Pal disclosed a data breach. The compromised data included over 100k unique email addresses and usernames spanning approximately 1M orders. The data was subsequently distributed via a popular hacking forum.
Verified: ,
Fabricated: ,
Sensitive: ,
Active: ,
Retired: ,
Is Spam List:
Wakanim
| Added Date: |
10/6/2022 |
| Breach Date: |
8/28/2022 |
| Updated Date: |
10/6/2022 |
| Breach Count: |
6,706,951 |
| Content: |
Browser user agent details, Email addresses, IP addresses, Names, Physical addresses, Usernames |
| Domain: |
wakanim.tv |
Description:
In August 2022, the European streaming service Wakanim suffered a data breach which was subsequently advertised and sold on a popular hacking forum. The breach exposed 6.7M customer records including email, IP and physical addresses, names and usernames.
Verified: ,
Fabricated: ,
Sensitive: ,
Active: ,
Retired: ,
Is Spam List: