Latest Breach Information
Below is a list of the last 25 known data breaches and any information we may have about them.
Shopper+
Added Date: |
3/11/2023 |
Breach Date: |
9/14/2020 |
Updated Date: |
3/11/2023 |
Breach Count: |
878,290 |
Content: |
Dates of birth, Email addresses, Genders, Names, Phone numbers, Physical addresses, Spoken languages |
Domain: |
shopperplus.ca |
Description:
In March 2023, "Canada's online shopping mall" Shopper+ disclosed a data breach discovered on a public hacking forum. The breach dated back to September 2020 and included 878k customer records with email and physical addresses, names, phone numbers and in some cases, genders and dates of birth.
Verified: 
,
Fabricated: 
,
Sensitive: 
,
Active: 
,
Retired: 
,
Is Spam List:
HDB Financial Services
Added Date: |
3/10/2023 |
Breach Date: |
2/22/2023 |
Updated Date: |
3/10/2023 |
Breach Count: |
1,658,750 |
Content: |
Dates of birth, Email addresses, Genders, Geographic locations, Loan information, Names, Phone numbers |
Domain: |
hdbfs.com |
Description:
In March 2023, the Indian non-bank lending unit HDB Financial Services suffered a data breach that disclosed over 70M customer records. Containing 1.6M unique email addresses, the breach also disclosed names, dates of birth, phone numbers, genders, post codes and loan information belonging to the customers.
Verified: 
,
Fabricated: 
,
Sensitive: 
,
Active: 
,
Retired: 
,
Is Spam List:
Eye4Fraud
Added Date: |
3/5/2023 |
Breach Date: |
1/25/2023 |
Updated Date: |
3/6/2023 |
Breach Count: |
16,000,591 |
Content: |
Email addresses, IP addresses, Names, Partial credit card data, Passwords, Phone numbers, Physical addresses |
Domain: |
eye4fraud.com |
Description:
In February 2023, data alleged to have been taken from the fraud protection service Eye4Fraud was listed for sale on a popular hacking forum. Spanning tens of millions of rows with 16M unique email addresses, the data was spread across 147 tables totalling 65GB and included both direct users of the service and what appears to be individuals who'd placed orders on other services that implemented Eye4Fraud to protect their sales. The data included names and bcrypt password hashes for users, and names, phone numbers, physical addresses and partial credit card data (card type and last 4 digits) for orders placed using the service. Eye4Fraud did not respond to multiple attempts to report the incident.
Verified: 
,
Fabricated: 
,
Sensitive: 
,
Active: 
,
Retired: 
,
Is Spam List:
iD Tech
Added Date: |
3/5/2023 |
Breach Date: |
1/3/2023 |
Updated Date: |
3/5/2023 |
Breach Count: |
415,121 |
Content: |
Dates of birth, Email addresses, Names, Passwords |
Domain: |
idtech.com |
Description:
In February 2023, the tech camps for kids service iD Tech had almost 1M records posted to a popular hacking forum. The data included 415k unique email addresses, names, dates of birth and plain text passwords which appear to have been breached in the previous month. iD Tech did not respond to multiple attempts to report the incident.
Verified: 
,
Fabricated: 
,
Sensitive: 
,
Active: 
,
Retired: 
,
Is Spam List:
LBB
Added Date: |
3/5/2023 |
Breach Date: |
2/14/2019 |
Updated Date: |
3/5/2023 |
Breach Count: |
39,288 |
Content: |
Browser user agent details, Email addresses, IP addresses, Names, Physical addresses |
Domain: |
lbb.in |
Description:
In August 2022, customer data of the Indian shopping site "LBB" (Little Black Book) was posted to a popular hacking forum. The data contained over 3M records with 39k unique email addresses alongside IP and physical addresses, names and device information with the most recent data dating back to early 2019. LBB advised they believe the data was exposed by a third party service and whilst it contained information they retain on their customers, it had also been enriched with additional data attributes.
Verified: 
,
Fabricated: 
,
Sensitive: 
,
Active: 
,
Retired: 
,
Is Spam List:
GunAuction.com
Added Date: |
3/2/2023 |
Breach Date: |
12/3/2022 |
Updated Date: |
3/4/2023 |
Breach Count: |
565,470 |
Content: |
Browser user agent details, Email addresses, Genders, IP addresses, Partial credit card data, Partial dates of birth, Passwords, Phone numbers, Physical addresses, Usernames |
Domain: |
gunauction.com |
Description:
In December 2022, the online firearms auction website GunAuction.com suffered a data breach which was later discovered left unprotected on the hacker's server. The data included over 565k user records with extensive personal data including email, IP and physical addresses, names, phone numbers, genders, years of birth, credit card type and passwords stored in plain text. The leaked identities could subsequently be matched to firearms listed for sale on the website.
Verified: 
,
Fabricated: 
,
Sensitive: 
,
Active: 
,
Retired: 
,
Is Spam List:
Convex
Added Date: |
2/26/2023 |
Breach Date: |
2/1/2023 |
Updated Date: |
2/26/2023 |
Breach Count: |
150,129 |
Content: |
Email addresses, IP addresses, Names, Phone numbers |
Domain: |
convex.ru |
Description:
In February 2023, the Russian telecommunications provider Convex was hacked by "Anonymous" who subsequently released 128GB of data publicly, alleging it revealed illegal government surveillance. The leaked data contained 150k unique email, IP and physical addresses, names and phone numbers.
Verified: 
,
Fabricated: 
,
Sensitive: 
,
Active: 
,
Retired: 
,
Is Spam List:
RealDudesInc
Added Date: |
2/18/2023 |
Breach Date: |
10/22/2022 |
Updated Date: |
2/18/2023 |
Breach Count: |
101,543 |
Content: |
Email addresses, Passwords, Usernames |
Domain: |
realdudesinc.com |
Description:
In October 2022, the GTA mod menu provider RealDudesInc suffered a data breach that exposed over 100k email addresses (many of which are temporary guest account addresses). The breach also included usernames and bcrypt password hashes.
Verified: 
,
Fabricated: 
,
Sensitive: 
,
Active: 
,
Retired: 
,
Is Spam List:
Weee
Added Date: |
2/8/2023 |
Breach Date: |
7/11/2022 |
Updated Date: |
2/8/2023 |
Breach Count: |
1,117,405 |
Content: |
Delivery instructions, Email addresses, Names, Phone numbers, Purchases |
Domain: |
sayweee.com |
Description:
In February 2023, data belonging to the Asian and Hispanic food delivery service Weee appeared on a popular hacking forum. Dating back to mid-2022, the data included 1.1M unique email addresses from 11M rows of orders containing names, phone numbers and delivery instructions.
Verified: 
,
Fabricated: 
,
Sensitive: 
,
Active: 
,
Retired: 
,
Is Spam List:
LimeVPN
Added Date: |
2/6/2023 |
Breach Date: |
10/8/2020 |
Updated Date: |
2/6/2023 |
Breach Count: |
23,348 |
Content: |
Email addresses, IP addresses, Names, Passwords, Phone numbers, Physical addresses, Purchases |
Domain: |
limevpn.com |
Description:
In October 2020, the VPN provider LimeVPN suffered a data breach that exposed the personal information of tens of thousands of customers. The data included email, IP and physical addresses, names, phone numbers, purchase histories and passwords stored as salted MD5 hashes.
Verified: 
,
Fabricated: 
,
Sensitive: 
,
Active: 
,
Retired: 
,
Is Spam List:
Truth Finder
Added Date: |
2/4/2023 |
Breach Date: |
4/12/2019 |
Updated Date: |
2/4/2023 |
Breach Count: |
8,159,573 |
Content: |
Email addresses, Names, Passwords, Phone numbers |
Domain: |
truthfinder.com |
Description:
In 2019, the public records search service TruthFinder suffered a data breach that later came to light in early 2023. The data included over 8M unique customer email addresses, names, phone numbers and passwords stored as scrypt hashes.
Verified: 
,
Fabricated: 
,
Sensitive: 
,
Active: 
,
Retired: 
,
Is Spam List:
Instant Checkmate
Added Date: |
2/3/2023 |
Breach Date: |
4/12/2019 |
Updated Date: |
2/3/2023 |
Breach Count: |
11,943,887 |
Content: |
Email addresses, Names, Passwords, Phone numbers |
Domain: |
instantcheckmate.com |
Description:
In 2019, the public records search service Instant Checkmate suffered a data breach that later came to light in early 2023. The data included almost 12M unique customer email addresses, names, phone numbers and passwords stored as scrypt hashes.
Verified: 
,
Fabricated: 
,
Sensitive: 
,
Active: 
,
Retired: 
,
Is Spam List:
School District 42
Added Date: |
2/1/2023 |
Breach Date: |
1/15/2023 |
Updated Date: |
2/2/2023 |
Breach Count: |
18,850 |
Content: |
Email addresses, Names |
Domain: |
sd42.ca |
Description:
In January 2023, Pitt Meadows School District 42 in British Columbia suffered a data breach. The incident exposed the names and email addresses of approximately 19k students and staff which were consequently redistributed on a popular hacking forum.
Verified: 
,
Fabricated: 
,
Sensitive: 
,
Active: 
,
Retired: 
,
Is Spam List:
Planet Ice
Added Date: |
1/30/2023 |
Breach Date: |
1/14/2023 |
Updated Date: |
1/30/2023 |
Breach Count: |
240,488 |
Content: |
Dates of birth, Email addresses, Genders, IP addresses, Names, Passwords, Phone numbers, Physical addresses, Purchases |
Domain: |
planet-ice.co.uk |
Description:
In January 2023, the UK-based ice skating rink booking service Planet Ice suffered a data breach. The incident exposed the personal data of 240k people including email and physical addresses, phone numbers, genders, dates of birth and passwords stored as MD5 hashes. The data also included the names, genders and dates of birth of children having parties.
Verified: 
,
Fabricated: 
,
Sensitive: 
,
Active: 
,
Retired: 
,
Is Spam List:
KomplettFritid
Added Date: |
1/23/2023 |
Breach Date: |
2/1/2021 |
Updated Date: |
1/23/2023 |
Breach Count: |
139,401 |
Content: |
Email addresses, IP addresses, Names, Passwords, Phone numbers, Physical addresses |
Domain: |
komplettfritid.no |
Description:
In January 2023, the online Norwegian store KomplettFritid was reported as having had a data breach dating back to February 2021. The incident exposed 140k customer records including physical, email and IP addresses, names, phone numbers and passwords. Most passwords were stored as bcrypt hashes with a small number appearing in plain text.
Verified: 
,
Fabricated: 
,
Sensitive: 
,
Active: 
,
Retired: 
,
Is Spam List:
Autotrader
Added Date: |
1/23/2023 |
Breach Date: |
1/6/2023 |
Updated Date: |
1/23/2023 |
Breach Count: |
20,032 |
Content: |
Email addresses, Phone numbers, Physical addresses, Vehicle details, Vehicle identification numbers (VINs) |
Domain: |
autotrader.com |
Description:
In January 2023, 1.4M records from the Autotrader online vehicle marketplace appeared on a popular hacking forum. Autotrader stated that the "data in question relates to aged listing data that was generally publicly available on our site at the time and open to automated collection methods". The data contained 20k unique email addresses alongside physical addresses and phone numbers of dealers and vehicle details including VIN numbers. The data was provided to HIBP by a source who requested it be attributed to "IntelBroker".
Verified: 
,
Fabricated: 
,
Sensitive: 
,
Active: 
,
Retired: 
,
Is Spam List:
Zurich
Added Date: |
1/22/2023 |
Breach Date: |
1/8/2023 |
Updated Date: |
1/22/2023 |
Breach Count: |
756,737 |
Content: |
Dates of birth, Email addresses, Genders, Names, Vehicle details |
Domain: |
zurich.co.jp |
Description:
In January 2023, the Japanese arm of Zurich insurance suffered a data breach that exposed 2.6M customer records with over 756k unique email addresses. The data was subsequently posted to a popular hacking forum and also included names, genders, dates of birth and details of insured vehicles. The data was provided to HIBP by a source who requested it be attributed to "IntelBroker".
Verified: 
,
Fabricated: 
,
Sensitive: 
,
Active: 
,
Retired: 
,
Is Spam List:
DoorDash
Added Date: |
1/6/2023 |
Breach Date: |
8/2/2022 |
Updated Date: |
1/6/2023 |
Breach Count: |
367,476 |
Content: |
Email addresses, Geographic locations, Names, Partial credit card data |
Domain: |
doordash.com |
Description:
In August 2022, the food ordering and delivery service DoorDash disclosed a data breach that impacted a portion of their customers. DoorDash attributed the breach to an unnamed "third-party vendor" they stated was the victim of a phishing campaign. The incident exposed 367k unique personal email addresses alongside names, post codes and partial card data, namely the brand, expiry data and last four digits of the card.
Verified: 
,
Fabricated: 
,
Sensitive: 
,
Active: 
,
Retired: 
,
Is Spam List:
SlideTeam
Added Date: |
1/6/2023 |
Breach Date: |
4/6/2021 |
Updated Date: |
1/6/2023 |
Breach Count: |
1,464,271 |
Content: |
Email addresses, Names, Passwords |
Domain: |
slideteam.net |
Description:
In April 2021, the "world’s largest collection of pre-designed presentation slides" SlideTeam had 1.4M records breached and later published to a popular hacking forum the following year. Allegedly sourced from a compromised Magento instance, the data included names, email addresses and passwords stored as salted hashes.
Verified: 
,
Fabricated: 
,
Sensitive: 
,
Active: 
,
Retired: 
,
Is Spam List:
Twitter (200M)
Added Date: |
1/5/2023 |
Breach Date: |
1/1/2021 |
Updated Date: |
1/5/2023 |
Breach Count: |
211,524,284 |
Content: |
Email addresses, Names, Social media profiles, Usernames |
Domain: |
twitter.com |
Description:
In early 2023, over 200M records scraped from Twitter appeared on a popular hacking forum. The data was obtained sometime in 2021 by abusing an API that enabled email addresses to be resolved to Twitter profiles. The subsequent results were then composed into a corpus of data containing email addresses alongside public Twitter profile information including names, usernames and follower counts.
Verified: 
,
Fabricated: 
,
Sensitive: 
,
Active: 
,
Retired: 
,
Is Spam List: