Latest Breach Information

Below is a list of the last 25 known data breaches and any information we may have about them.


Zadig & Voltaire

Added Date: 6/17/2024
Breach Date: 11/16/2023
Updated Date: 6/17/2024
Breach Count: 586,895
Content: Email addresses, Genders, Names, Phone numbers, Physical addresses
Domain: zadig-et-voltaire.com

Description:

In June 2024, a data brach sourced from French fashion brand Zadig & Voltaire was publicly posted to a popular hacking forum. The data included names, email and physical addresses, phone numbers and genders. When contacted about the incident, Zadig & Voltaire advised the incident had occurred more than 6 months ago and that "all measures were taken quickly".

Verified: , Fabricated: , Sensitive: , Active: , Retired: , Is Spam List:

Combolists Posted to Telegram

Added Date: 6/3/2024
Breach Date: 5/28/2024
Updated Date: 6/11/2024
Breach Count: 361,468,099
Content: Email addresses, Passwords, Usernames
Domain: n/a

Description:

In May 2024, 2B rows of data with 361M unique email addresses were collated from malicious Telegram channels. The data contained 122GB across 1.7k files with email addresses, usernames, passwords and in many cases, the website they were entered into. The data appears to have been sourced from a combination of existing combolists and info stealer malware.

Verified: , Fabricated: , Sensitive: , Active: , Retired: , Is Spam List:

Operation Endgame

Added Date: 5/29/2024
Breach Date: 5/30/2024
Updated Date: 5/30/2024
Breach Count: 16,466,858
Content: Email addresses, Passwords
Domain: n/a

Description:

In May 2024, a coalition of international law enforcement agencies took down a series of botnets in a campaign they coined "Operation Endgame". Data seized in the operation included impacted email addresses and passwords which were provided to HIBP to help victims learn of their exposure.

Verified: , Fabricated: , Sensitive: , Active: , Retired: , Is Spam List:

pcTattletale

Added Date: 5/25/2024
Breach Date: 5/25/2024
Updated Date: 5/25/2024
Breach Count: 138,751
Content: Device information, Email addresses, IP addresses, Names, Passwords, Phone numbers, Physical addresses, SMS messages, Usernames
Domain: pctattletale.com

Description:

In May 2024, the spyware service pcTattletale suffered a data breach that defaced the website and posted tens of gigabytes of data to the homepage, allegedly due to pcTattletale not responding to a previous security vulnerability report. The breach exposed data including membership records, infected PC names, captured messages and extensive logs of IP addresses and device information.

Verified: , Fabricated: , Sensitive: , Active: , Retired: , Is Spam List:

Dota2

Added Date: 5/23/2024
Breach Date: 7/10/2016
Updated Date: 5/23/2024
Breach Count: 1,907,205
Content: Email addresses, IP addresses, Passwords, Usernames
Domain: dev.dota2.com

Description:

In July 2016, the Dota2 official developers forum suffered a data breach that exposed almost 2 million users. The hack of the vBulletin forum led to the disclosure of email and IP addresses, usernames and passwords stored as salted MD5 hashes.

Verified: , Fabricated: , Sensitive: , Active: , Retired: , Is Spam List:

The Post Millennial

Added Date: 5/9/2024
Breach Date: 5/2/2024
Updated Date: 5/14/2024
Breach Count: 56,973,345
Content: Email addresses, Genders, IP addresses, Names, Passwords, Phone numbers, Physical addresses, Usernames
Domain: thepostmillennial.com

Description:

In May 2024, the conservative news website The Post Millennial suffered a data breach. The breach resulted in the defacement of the website and links posted to 3 different corpuses of data including hundreds of writers and editors (IP, physical address and email exposed), tens of thousands of subscribers to the site (name, email, username, phone and plain text password exposed), and tens of millions of email addresses from thousands of mailing lists alleged to have been used by The Post Millennial (this has not been independently verified). The mailing lists appear to be sourced from various campaigns not necessarily run by The Post Millennial and contain a variety of different personal attributes including name, phone and physical address (depending on the campaign). The data was subsequently posted to a popular hacking forum and extensively torrented.

Verified: , Fabricated: , Sensitive: , Active: , Retired: , Is Spam List:

Tappware

Added Date: 5/8/2024
Breach Date: 4/23/2024
Updated Date: 5/8/2024
Breach Count: 94,734
Content: Dates of birth, Email addresses, Genders, Government issued IDs, Job titles, Names, Phone numbers, Physical addresses, Religions
Domain: tappware.com

Description:

In April 2024, a substantial volume of data was taken from the Bangladeshi IT services provider Tappware and published to a popular hacking forum. Comprising of 95k unique email addresses, the data also included extensive labour information on local citizens including names, physical addresses, job titles, dates of birth, genders and scans of government issued national identity (NID) cards.

Verified: , Fabricated: , Sensitive: , Active: , Retired: , Is Spam List:

MovieBoxPro

Added Date: 4/29/2024
Breach Date: 4/15/2024
Updated Date: 4/29/2024
Breach Count: 6,009,014
Content: Email addresses, Usernames
Domain: movieboxpro.app

Description:

In April 2024, over 6M records from the streaming service MovieBoxPro were scraped from a vulnerable API. Of questionable legality, the service provided no contact information to disclose the incident, although reportedly the vulnerability was rectified after being mass enumerated.

Verified: , Fabricated: , Sensitive: , Active: , Retired: , Is Spam List:

Piping Rock

Added Date: 4/25/2024
Breach Date: 4/24/2024
Updated Date: 4/25/2024
Breach Count: 2,103,100
Content: Email addresses, Names, Phone numbers, Physical addresses
Domain: pipingrock.com

Description:

In April 2024, 2.1M email addresses from the online health products store Piping Rock were publicly posted to a popular hacking forum. The data also included names, phone numbers and physical addresses. The account posting the data had previously posted multiple other data breaches which all appear to have been obtained from the Shopify service used by the respective websites.

Verified: , Fabricated: , Sensitive: , Active: , Retired: , Is Spam List:

T2

Added Date: 4/22/2024
Breach Date: 4/17/2024
Updated Date: 4/23/2024
Breach Count: 94,584
Content: Dates of birth, Email addresses, Names, Passwords, Phone numbers, Physical addresses, Purchases, Salutations
Domain: t2tea.com

Description:

In April 2024, 95k records from the T2 tea store were posted to a popular hacking forum. Data included email and physical addresses, names, phone numbers, dates of birth, purchases and passwords stored as scrypt hashes.

Verified: , Fabricated: , Sensitive: , Active: , Retired: , Is Spam List:

Le Slip Fran├žais

Added Date: 4/18/2024
Breach Date: 4/13/2024
Updated Date: 4/18/2024
Breach Count: 1,495,127
Content: Email addresses, Names, Phone numbers, Physical addresses
Domain: leslipfrancais.fr

Description:

In April 2024, the French underwear maker Le Slip Fran├žais suffered a data breach. The breach included 1.5M email addresses, physical addresses, names and phone numbers.

Verified: , Fabricated: , Sensitive: , Active: , Retired: , Is Spam List:

Giant Tiger

Added Date: 4/12/2024
Breach Date: 3/4/2024
Updated Date: 4/12/2024
Breach Count: 2,842,669
Content: Email addresses, Names, Phone numbers, Physical addresses
Domain: gianttiger.com

Description:

In March 2024, Canadian discount store Giant Tiger suffered a data breach that exposed 2.8M customer records. Attributed to a vendor of the retailer, the breach included physical and email addresses, names and phone numbers.

Verified: , Fabricated: , Sensitive: , Active: , Retired: , Is Spam List:

Salvadoran Citizens

Added Date: 4/10/2024
Breach Date: 4/2/2024
Updated Date: 4/10/2024
Breach Count: 946,989
Content: Dates of birth, Email addresses, Government issued IDs, Names, Phone numbers, Physical addresses, Profile photos
Domain: n/a

Description:

In April 2024, nearly 6 million records of Salvadoran citizens were published to a popular hacking forum. The data included names, dates of birth, phone numbers, physical addresses and nearly 1M unique email addresses. Further, over 5M corresponding profile photos were also included in the breach.

Verified: , Fabricated: , Sensitive: , Active: , Retired: , Is Spam List:

Kaspersky Club

Added Date: 4/9/2024
Breach Date: 3/24/2024
Updated Date: 4/9/2024
Breach Count: 55,971
Content: Email addresses, IP addresses, Passwords, Usernames
Domain: kasperskyclub.ru

Description:

In March 2024, the independent fan forum Kaspersky Club suffered a data breach. The incident exposed 56k unique email addresses alongside usernames, IP addresses and passwords stored as either MD5 or bcrypt hashes.

Verified: , Fabricated: , Sensitive: , Active: , Retired: , Is Spam List:

boAt

Added Date: 4/8/2024
Breach Date: 3/25/2024
Updated Date: 4/8/2024
Breach Count: 7,528,985
Content: Email addresses, Names, Phone numbers, Physical addresses
Domain: boat-lifestyle.com

Description:

In March 2024, the Indian audio and wearables brand boAt suffered a data breach that exposed 7.5M customer records. The data included physical and email address, names and phone numbers, all of which were subsequently published to a popular clear web hacking forum.

Verified: , Fabricated: , Sensitive: , Active: , Retired: , Is Spam List:

SurveyLama

Added Date: 4/2/2024
Breach Date: 2/1/2024
Updated Date: 4/2/2024
Breach Count: 4,426,879
Content: Dates of birth, Email addresses, IP addresses, Names, Passwords, Phone numbers, Physical addresses
Domain: surveylama.com

Description:

In February 2024, the paid survey website SurveyLama suffered a data breach that exposed 4.4M customer email addresses. The incident also exposed names, physical and IP addresses, phone numbers, dates of birth and passwords stored as either salted SHA-1, bcrypt or argon2 hashes. When contacted about the incident, SurveyLama advised that they had already "notified the users by email".

Verified: , Fabricated: , Sensitive: , Active: , Retired: , Is Spam List:

Pandabuy

Added Date: 4/1/2024
Breach Date: 3/31/2024
Updated Date: 4/1/2024
Breach Count: 1,348,407
Content: Email addresses, IP addresses, Names, Phone numbers, Physical addresses
Domain: pandabuy.com

Description:

In March 2024, 1.3M unique email addresses from the online store for purchasing goods from China, Pandabuy, were posted to a popular hacking forum. The data also included IP and physical addresses, names, phone numbers and order enquiries. The breach was alleged to be attributed to "Sanggiero" and "IntelBroker".

Verified: , Fabricated: , Sensitive: , Active: , Retired: , Is Spam List:

Washington State Food Worker Card

Added Date: 3/30/2024
Breach Date: 11/17/2022
Updated Date: 3/30/2024
Breach Count: 1,594,305
Content: Dates of birth, Driver's licenses, Email addresses, Geographic locations, Names
Domain: foodworkercard.wa.gov

Description:

In June 2023, the Tacoma-Pierce County Health Department announced a data breach of their Washington State Food Worker Card online training system. The breach was published to a popular hacking forum the year before and dated back to a 2018 database backup. Included in the data were 1.6M unique email addresses along with names, post codes, dates of birth and approximately 9.5k driver's licence numbers.

Verified: , Fabricated: , Sensitive: , Active: , Retired: , Is Spam List:

England Cricket

Added Date: 3/28/2024
Breach Date: 3/23/2024
Updated Date: 3/28/2024
Breach Count: 43,299
Content: Email addresses, Passwords
Domain: ecb.co.uk

Description:

In March 2024, English Cricket's icoachcricket website suffered a data breach that exposed over 40k records. The data included email addresses and passwords stored as either bcrypt hashes, salted MD5 hashes or both. The data was provided to HIBP by a source who requested it be attributed to "IntelBroker".

Verified: , Fabricated: , Sensitive: , Active: , Retired: , Is Spam List:

Exvagos

Added Date: 3/28/2024
Breach Date: 7/21/2022
Updated Date: 3/28/2024
Breach Count: 2,121,789
Content: Dates of birth, Email addresses, IP addresses, Passwords, Usernames
Domain: exvagos.org

Description:

In July 2022, the direct download website Exvagos suffered a data breach that was later redistributed as part of a larger corpus of data. The breach exposed 2.1M unique email addresses along with IP addresses, usernames, dates of birth and MD5 password hashes.

Verified: , Fabricated: , Sensitive: , Active: , Retired: , Is Spam List:

























Account Search

This site simply searches online databases of compromised account information in an attempt to help you keep your accounts safe and secure. We do not actually have or store any information -- including the usernames and email addresses you enter above.

Share This!


Make a Donation To Keep Us Running