Latest Breach Information

Below is a list of the last 25 known data breaches and any information we may have about them.


Unigame

Added Date: 8/7/2025
Breach Date: 12/14/2019
Updated Date: 8/7/2025
Breach Count: 843,696
Content: Email addresses, Passwords
Domain: unigame.me

Description:

In December 2019, the now defunct gaming website Unigame (maker of Hunter Online) suffered a data breach that was later redistributed as part of a larger corpus of data. The data included 844k email addresses and salted MD5 password hashes.

Verified: , Fabricated: , Sensitive: , Active: , Retired: , Is Spam List:

Pi-hole

Added Date: 7/31/2025
Breach Date: 7/30/2025
Updated Date: 7/31/2025
Breach Count: 29,926
Content: Email addresses, Names
Domain: pi-hole.net

Description:

In July 2025, a vulnerability in the GiveWP WordPress plugin exposed the names and email addresses of approximately 30k donors to the Pi-hole network-wide ad blocking project. Pi-hole subsequently self-submitted the list of impacted donors to HIBP.

Verified: , Fabricated: , Sensitive: , Active: , Retired: , Is Spam List:

Creams Cafe

Added Date: 7/22/2025
Breach Date: 5/1/2025
Updated Date: 7/22/2025
Breach Count: 159,652
Content: Email addresses, Names, Phone numbers, Physical addresses
Domain: creamscafe.com

Description:

In May 2025, 160k records of customer data was allegedly obtained from Creams Cafe, "the UK's favourite dessert parlour". The data included email and physical addresses, names and phone numbers. Creams Cafe did not respond to repeated attempts to disclose the incident, however multiple impacted HIBP subscribers confirmed the legitimacy and accuracy of the data.

Verified: , Fabricated: , Sensitive: , Active: , Retired: , Is Spam List:

MaReads

Added Date: 7/15/2025
Breach Date: 6/22/2025
Updated Date: 7/15/2025
Breach Count: 74,453
Content: Dates of birth, Email addresses, Phone numbers, Usernames
Domain: mareads.com

Description:

In June 2025, MaReads, the website for readers and writers of Thai-language fiction and comics suffered a data breach that exposed 74k records. The breach included usernames, email addresses, phone numbers and dates of birth. MaReads is aware of the breach.

Verified: , Fabricated: , Sensitive: , Active: , Retired: , Is Spam List:

Omnicuris

Added Date: 7/13/2025
Breach Date: 6/8/2025
Updated Date: 7/13/2025
Breach Count: 215,298
Content: Email addresses, Geographic locations, Names, Phone numbers
Domain: omnicuris.com

Description:

In June 2025, the Indian CME platform Omnicuris suffered a data breach that exposed approximately 200k records of healthcare professionals. The data included names, email addresses, phone numbers, geographic locations and other data attributes relating to professional expertise and training progress. Omnicuris is aware of the incident.

Verified: , Fabricated: , Sensitive: , Active: , Retired: , Is Spam List:

Catwatchful

Added Date: 7/3/2025
Breach Date: 6/9/2025
Updated Date: 7/3/2025
Breach Count: 61,641
Content: Email addresses, Passwords
Domain: catwatchful.com

Description:

In June 2025, spyware maker Catwatchful suffered a data breach that exposed over 60k customer records. The breach was due to a SQL injection vulnerability that enabled email addresses and plain text passwords to be extracted from the system.

Verified: , Fabricated: , Sensitive: , Active: , Retired: , Is Spam List:

Robinsons Malls

Added Date: 6/25/2025
Breach Date: 6/1/2024
Updated Date: 6/25/2025
Breach Count: 195,597
Content: Dates of birth, Email addresses, Genders, Geographic locations, Names, Phone numbers
Domain: robinsonsmalls.com

Description:

In June 2024, the Philippines' largest shopping-mall operators Robinsons Malls suffered a data breach stemming from their mobile app. The incident exposed 195k unique email addresses along with names, phone numbers, dates of birth, genders and the user's city and province.

Verified: , Fabricated: , Sensitive: , Active: , Retired: , Is Spam List:

Have Fun Teaching

Added Date: 6/25/2025
Breach Date: 8/15/2021
Updated Date: 6/25/2025
Breach Count: 27,126
Content: Browser user agent details, Email addresses, IP addresses, Names, Payment methods, Physical addresses, Purchases
Domain: havefunteaching.com

Description:

In August 2021, the teaching resources website Have Fun Teaching suffered a data breach that leaked 80k WooCommerce transactions which were later posted to a popular hacking forum. The data contained 27k unique email addresses along with physical and IP addresses, names, payment methods and the item purchased. Have Fun Teaching is aware of the incident.

Verified: , Fabricated: , Sensitive: , Active: , Retired: , Is Spam List:

Ualabee

Added Date: 6/13/2025
Breach Date: 5/6/2025
Updated Date: 6/13/2025
Breach Count: 472,296
Content: Dates of birth, Email addresses, Names, Phone numbers, Profile photos
Domain: ualabee.com

Description:

In May 2025, the South American mobility services platform Ualabee had hundreds of thousands of records scraped from an interface on their platform. The data included 472k unique email addresses along with names, profile photos, dates of birth and phone numbers.

Verified: , Fabricated: , Sensitive: , Active: , Retired: , Is Spam List:

WiredBucks

Added Date: 6/10/2025
Breach Date: 5/25/2022
Updated Date: 6/10/2025
Breach Count: 918,529
Content: Earnings, Email addresses, IP addresses, Names, Passwords, Physical addresses, Usernames
Domain: wiredbucks.com

Description:

In May 2022, the now defunct social media influencer platform WiredBucks suffered a data breach that was later redistributed as part of a larger corpus of data. The incident exposed over 900k email and IP addresses alongside names, usernames, earnings via the platform, physical addresses and passwords stored as plain text.

Verified: , Fabricated: , Sensitive: , Active: , Retired: , Is Spam List:

Disk Union

Added Date: 6/7/2025
Breach Date: 6/24/2022
Updated Date: 6/7/2025
Breach Count: 690,667
Content: Email addresses, Geographic locations, Names, Passwords, Phone numbers, Usernames
Domain: diskunion.net

Description:

In June 2022, the Japanese record chain store Disk Union suffered a data breach. The incident exposed 690k unique email addresses along with names, post codes, phone numbers and plain text passwords.

Verified: , Fabricated: , Sensitive: , Active: , Retired: , Is Spam List:

ColoCrossing

Added Date: 6/3/2025
Breach Date: 5/24/2025
Updated Date: 6/3/2025
Breach Count: 7,183
Content: Email addresses, Names, Passwords
Domain: colocrossing.com

Description:

In May 2025, hosting provider ColoCrossing identified a data breach that impacted customers of their ColoCloud virtual server product. ColoCrossing advised the incident was isolated to their cloud/VPS platform and stemmed from a single sign-on vulnerability. 7k email addresses were exposed in the incident along with names and MD5-Crypt password hashes.

Verified: , Fabricated: , Sensitive: , Active: , Retired: , Is Spam List:

Free

Added Date: 5/27/2025
Breach Date: 10/17/2024
Updated Date: 5/27/2025
Breach Count: 13,926,173
Content: Bank account numbers, Dates of birth, Genders, Names, Phone numbers, Physical addresses
Domain: free.fr

Description:

In October 2024, French ISP "Free" suffered a data breach which was subsequently posted for sale and later, leaked publicly. The data included 14M unique email addresses along with names, physical addresses, phone numbers, genders, dates of birth and for many records, IBAN bank account numbers. Free advised that the numbers were "not enough to make a direct debit from a bank".

Verified: , Fabricated: , Sensitive: , Active: , Retired: , Is Spam List:

Operation Endgame 2.0

Added Date: 5/23/2025
Breach Date: 5/23/2025
Updated Date: 5/25/2025
Breach Count: 15,436,844
Content: Email addresses, Passwords
Domain: n/a

Description:

In May 2025, a coalition of law enforcement agencies took down the criminal infrastructure behind the malware used to launch ransomware attacks in a new phase of "Operation Endgame". This followed the first Operation Endgame exercise a year earlier, with the latest action resulting in 15.3M victim email addresses being provided to HIBP by law enforcement. A further 43.8M victim passwords were also provided for HIBP's Pwned Passwords service.

Verified: , Fabricated: , Sensitive: , Active: , Retired: , Is Spam List:

Fédération Francaise de Rugby

Added Date: 5/22/2025
Breach Date: 7/6/2023
Updated Date: 5/23/2025
Breach Count: 281,977
Content: Dates of birth, Email addresses, Names, Phone numbers
Domain: ffr.fr

Description:

In June 2023, the Fédération Francaise de Rugby (French Rugby Federation) suffered a data breach and attempted ransom. The breach exposed 282k unique email addresses along with names, dates of birth and phone numbers. The Federation subsequently published a disclosure notice and stated that the attack primarily affected email servers.

Verified: , Fabricated: , Sensitive: , Active: , Retired: , Is Spam List:

OnRPG

Added Date: 5/8/2025
Breach Date: 7/1/2016
Updated Date: 5/8/2025
Breach Count: 1,047,640
Content: Email addresses, IP addresses, Passwords, Usernames
Domain: onrpg.com

Description:

In July 2016, the now defunct free online games list website OnRPG suffered a data breach that was later redistributed as part of a larger corpus of data. The incident exposed just over 1M email and IP addresses alongside usernames and passwords stored as salted MD5 hashes.

Verified: , Fabricated: , Sensitive: , Active: , Retired: , Is Spam List:

TehetségKapu

Added Date: 5/1/2025
Breach Date: 3/26/2025
Updated Date: 5/1/2025
Breach Count: 54,357
Content: Email addresses, Names, Usernames
Domain: tehetsegkapu.hu

Description:

In March 2025, almost 55k records were breached from the Hungarian education office website TehetségKapu. The data was subsequently published to a popular hacking forum and included email addresses, names and usernames.

Verified: , Fabricated: , Sensitive: , Active: , Retired: , Is Spam List:

Samsung Germany Customer Tickets

Added Date: 4/12/2025
Breach Date: 3/30/2025
Updated Date: 4/13/2025
Breach Count: 216,333
Content: Email addresses, Names, Physical addresses, Purchases, Salutations, Shipment tracking numbers, Support tickets
Domain: samsung.de

Description:

In March 2025, data from Samsung Germany was compromised in a data breach of their logistics provider, Spectos. Allegedly due to credentials being obtained by malware running on a Spectos employee's machine, the breach included 216k unique email addresses along with names, physical addresses, items purchased from Samsung Germany and related support tickets and shipping tracking numbers.

Verified: , Fabricated: , Sensitive: , Active: , Retired: , Is Spam List:

Qraved

Added Date: 4/9/2025
Breach Date: 7/9/2021
Updated Date: 4/9/2025
Breach Count: 984,519
Content: Dates of birth, Email addresses, Names, Passwords, Phone numbers
Domain: qraved.com

Description:

In July 2021, the Indonesian restaurant website Qraved suffered a data breach that was later redistributed as part of a larger corpus of data. The breach exposed almost 1M unique email addresses along with names, phone numbers, dates of birth and passwords stored as MD5 hashes.

Verified: , Fabricated: , Sensitive: , Active: , Retired: , Is Spam List:

Boulanger

Added Date: 4/8/2025
Breach Date: 9/6/2024
Updated Date: 4/10/2025
Breach Count: 2,077,078
Content: Email addresses, Geographic locations, Names, Phone numbers, Physical addresses
Domain: boulanger.com

Description:

In September 2024, French electronics retailer Boulanger suffered a data breach that exposed over 27M rows of data. The data included 2M unique email addresses along with names, physical addresses, phone numbers and latitude and longitude. The data was later publicly published to a popular hacking forum.

Verified: , Fabricated: , Sensitive: , Active: , Retired: , Is Spam List:

























Account Search

This site simply searches online databases of compromised account information in an attempt to help you keep your accounts safe and secure. We do not actually have or store any information -- including the usernames and email addresses you enter above.

Share This!


Make a Donation To Keep Us Running