Latest Breach Information

Below is a list of the last 25 known data breaches and any information we may have about them.


Color Dating

Added Date: 3/2/2025
Breach Date: 9/5/2018
Updated Date: 3/2/2025
Breach Count: 220,503
Content: Bios, Dates of birth, Email addresses, Geographic locations, Names, Passwords, Profile photos
Domain: colordatingapp.com

Description:

In September 2018, the dating app to match people with different ethnicities Color Dating suffered a data breach that was later redistributed as part of a larger corpus of data. The breach exposed 220k unique email addresses along with bios, names, profile photos and bcrypt password hashes. The data was provided to HIBP by a source who requested it be attributed to "ANK (Veles)".

Verified: , Fabricated: , Sensitive: , Active: , Retired: , Is Spam List:

Flat Earth Sun, Moon and Zodiac App

Added Date: 3/1/2025
Breach Date: 10/15/2024
Updated Date: 3/1/2025
Breach Count: 33,294
Content: Dates of birth, Email addresses, Genders, Geographic locations, Names, Passwords, Usernames
Domain: flatearthdave.com

Description:

In October 2024, the flat earth sun, moon and zodiac app created by Flat Earth Dave was found to be leaking extensive personal information of its users. The data included 33k unique email addresses along with usernames, latitudes and longitudes (their position on the globe) and passwords stored in plain text. A small number of profiles also contained names, dates of birth and genders.

Verified: , Fabricated: , Sensitive: , Active: , Retired: , Is Spam List:

Spyzie

Added Date: 2/27/2025
Breach Date: 2/22/2024
Updated Date: 2/27/2025
Breach Count: 518,643
Content: Email addresses
Domain: spyzie.io

Description:

In February 2025, the spyware service Spyzie suffered a data breach along with sibling spyware services, Spyic and Cocospy. The Spyzie breach alone exposed almost 519k customer email addresses which were provided to HIBP, and reportedly also enabled unauthorised access to captured messages, photos, call logs, and more. The data was provided to HIBP by a source who requested it be attributed to "[email protected]".

Verified: , Fabricated: , Sensitive: , Active: , Retired: , Is Spam List:

Orange Romania

Added Date: 2/26/2025
Breach Date: 2/24/2025
Updated Date: 2/26/2025
Breach Count: 556,557
Content: Email addresses, Partial credit card data, Phone numbers
Domain: orange.ro

Description:

In February 2025, the Romanian arm of telecommunications company Orange suffered a data breach which was subsequently published to a popular hacking forum. The data included 556k email addresses (of which hundreds of thousands were in the form of [phone number]@as1.romtelecom.net), phone numbers, subscription details, partial credit card data (type, last 4 digits, expiration date and issuing bank). The breach also exposed an extensive number of internal documents.

Verified: , Fabricated: , Sensitive: , Active: , Retired: , Is Spam List:

ALIEN TXTBASE Stealer Logs

Added Date: 2/25/2025
Breach Date: 2/15/2025
Updated Date: 2/25/2025
Breach Count: 284,132,969
Content: Email addresses, Passwords
Domain: n/a

Description:

In February 2025, 23 billion rows of stealer logs were obtained from a Telegram channel known as ALIEN TXTBASE. The data contained 284M unique email addresses alongside the websites they were entered into and the passwords used. This data is now searchable in HIBP by both email domain and the domain of the target website.

Verified: , Fabricated: , Sensitive: , Active: , Retired: , Is Spam List:

Spyic

Added Date: 2/20/2025
Breach Date: 2/14/2025
Updated Date: 2/20/2025
Breach Count: 875,999
Content: Email addresses
Domain: spyic.com

Description:

In February 2025, the spyware service Spyic suffered a data breach along with sibling spyware service, Cocospy. The Spyic breach alone exposed almost 876k customer email addresses which were provided to HIBP, and reportedly also enabled unauthorised access to captured messages, photos, call logs, and more. The data was provided to HIBP by a source who requested it be attributed to "[email protected]".

Verified: , Fabricated: , Sensitive: , Active: , Retired: , Is Spam List:

Cocospy

Added Date: 2/20/2025
Breach Date: 2/14/2025
Updated Date: 2/20/2025
Breach Count: 1,798,059
Content: Email addresses
Domain: cocospy.com

Description:

In February 2025, the spyware service Cocospy suffered a data breach along with sibling spyware service, Spyic. The Cocospy breach alone exposed almost 1.8M customer email addresses which were provided to HIBP, and reportedly also enabled unauthorised access to captured messages, photos, call logs, and more. The data was provided to HIBP by a source who requested it be attributed to "[email protected]".

Verified: , Fabricated: , Sensitive: , Active: , Retired: , Is Spam List:

Storenvy

Added Date: 2/16/2025
Breach Date: 4/4/2019
Updated Date: 2/16/2025
Breach Count: 11,052,071
Content: Dates of birth, Email addresses, Genders, Geographic locations, IP addresses, Passwords, Usernames
Domain: storenvy.com

Description:

In mid-2019, the e-commerce website Storenvy suffered a data breach that exposed millions of customer records. A portion of the breached records were subsequently posted to a hacking forum with cracked password hashes, whilst the entire corpus of 23M rows was put up for sale. The data contained 11M unique email addresses alongside usernames, IP addresses, the user's city, gender date of birth and original salted SHA-1 password hash.

Verified: , Fabricated: , Sensitive: , Active: , Retired: , Is Spam List:

Doxbin (TOoDA)

Added Date: 2/13/2025
Breach Date: 2/12/2024
Updated Date: 2/13/2025
Breach Count: 136,461
Content: Email addresses, Usernames
Domain: doxbin.com

Description:

In February 2025, the "doxing" website Doxbin was compromised by a group calling themselves "TOoDA" and the data dumped publicly. Included in the breach were 336k unique email addresses alongside usernames. The data was provided to HIBP by a source who requested it be attributed to "emo.rip".

Verified: , Fabricated: , Sensitive: , Active: , Retired: , Is Spam List:

Zacks (2024)

Added Date: 2/12/2025
Breach Date: 6/22/2024
Updated Date: 2/12/2025
Breach Count: 11,994,223
Content: Email addresses, IP addresses, Names, Passwords, Phone numbers, Physical addresses, Usernames
Domain: zacks.com

Description:

In June 2024, the investment research company Zacks was allegedly breached, and data was later published to a popular hacking forum. This comes after a separate Zacks data breach confirmed by the organisation in 2023 with the subsequent breach disclosing millions of additional records representing a superset of data from the first incident. The 2024 breach included 12M unique email addresses along with IP and physical addresses, names, usernames, phone numbers and unsalted SHA-256 password hashes. Zacks did not respond to multiple attempts to contact them about the incident.

Verified: , Fabricated: , Sensitive: , Active: , Retired: , Is Spam List:

LandAirSea

Added Date: 2/10/2025
Breach Date: 1/12/2025
Updated Date: 2/13/2025
Breach Count: 337,373
Content: Email addresses, Names, Partial credit card data, Passwords, Physical addresses, Usernames
Domain: landairsea.com

Description:

In January 2025, the GPS tracking service LandAirSea suffered a data breach that exposed 337k unique customer email addresses alongside names, usernames and password hashes. The breach also exposed partial credit card data (card type, last 4 digits and expiration), and GPS device identifiers and locations. LandAirSea is aware of the breach and has remediated the underlying vulnerability. The data was provided to HIBP by a source who requested it be attributed to "[email protected]".

Verified: , Fabricated: , Sensitive: , Active: , Retired: , Is Spam List:

Adopt Me Trading Values

Added Date: 2/9/2025
Breach Date: 7/1/2022
Updated Date: 2/9/2025
Breach Count: 86,136
Content: Email addresses, IP addresses, Passwords, Usernames
Domain: adoptmetradingvalues.com

Description:

In July 2022, the Adopt Me Trading Values website for assessing the value of pet trades within the "Adopt Me!" Roblox game suffered a data breach that was later redistributed as part of a larger corpus of data. The breach exposed 86k unique email addresses along with usernames (and Roblox usernames), IP addresses and bcrypt password hashes. The data was provided to HIBP by a source who requested it be attributed to "Leidhall".

Verified: , Fabricated: , Sensitive: , Active: , Retired: , Is Spam List:

Youthmanual

Added Date: 2/9/2025
Breach Date: 1/31/2019
Updated Date: 2/9/2025
Breach Count: 937,912
Content: Bios, Dates of birth, Email addresses, Genders, Names, Passwords, Phone numbers, Physical addresses, Places of birth
Domain: youthmanual.com

Description:

In January 2019, the Indonesian college and career platform Youthmanual suffered a data breach that exposed 1.1M records of data. The breached included 938k unique email addresses along with extensive personal information including names, genders, dates and places of birth, phone numbers, physical addresses and salted SHA-1 password hashes.

Verified: , Fabricated: , Sensitive: , Active: , Retired: , Is Spam List:

Thermomix Recipe World Forum

Added Date: 2/6/2025
Breach Date: 1/30/2025
Updated Date: 2/6/2025
Breach Count: 3,123,439
Content: Bios, Dates of birth, Email addresses, Names, Phone numbers, Physical addresses, Usernames
Domain: rezeptwelt.de

Description:

In January 2025, the Rezeptwelt (German for "recipe world") forum for Thermomix owners suffered a data breach. The incident exposed 3.1M registered users' details including names, email and physical addresses, phone numbers, dates of birth and bios (usually cooking related). The data was provided to HIBP by a source who requested it be attributed to "[email protected]".

Verified: , Fabricated: , Sensitive: , Active: , Retired: , Is Spam List:

Hakko Corporation

Added Date: 2/5/2025
Breach Date: 3/28/2019
Updated Date: 2/5/2025
Breach Count: 9,665
Content: Dates of birth, Email addresses, Genders, Names, Passwords, Phone numbers, Physical addresses, Usernames
Domain: hakko.com

Description:

In March 2019, the Japanese solder-related business Hakko Corporation suffered a data breach. The incident exposed almost 10k customer records including email and physical addresses, phone numbers, names, usernames, genders, dates of birth and plain text passwords.

Verified: , Fabricated: , Sensitive: , Active: , Retired: , Is Spam List:

PoinCampus

Added Date: 2/3/2025
Breach Date: 11/14/2024
Updated Date: 2/3/2025
Breach Count: 89,116
Content: Dates of birth, Email addresses, Names, Phone numbers
Domain: poincampus.com

Description:

In November 2024, the South Korean education platform PoinCampus suffered a data breach which was later published to a popular hacking forum. The data included 89k unique email addresses, names and a small number of phone numbers and dates of birth. The data was provided to HIBP by a source who requested it be attributed to "Threat Actor 888".

Verified: , Fabricated: , Sensitive: , Active: , Retired: , Is Spam List:

1win

Added Date: 2/3/2025
Breach Date: 11/2/2024
Updated Date: 2/5/2025
Breach Count: 96,166,543
Content: Dates of birth, Email addresses, Geographic locations, IP addresses, Passwords, Phone numbers
Domain: 1win.com

Description:

In November 2024, the online betting platform 1win suffered a data breach that exposed 96M users. The exposed data included email and IP addresses, phone numbers, dates of birth, country and SHA-256 password hashes. The data was provided to HIBP by a source who requested it be attributed to "Leidhall".

Verified: , Fabricated: , Sensitive: , Active: , Retired: , Is Spam List:

DragonNest

Added Date: 2/2/2025
Breach Date: 8/23/2013
Updated Date: 2/2/2025
Breach Count: 511,290
Content: Email addresses, IP addresses, Passwords, Usernames
Domain: dragonnest.com

Description:

In August 2013, the massively multiplayer online role-playing game (MMORGP) DragonNest suffered a data breach that was later redistributed as part of a larger corpus of data. The breach exposed over 500k unique email addresses along with usernames, IP addresses and plain text passwords. The service later suffered a massive data loss.

Verified: , Fabricated: , Sensitive: , Active: , Retired: , Is Spam List:

9Lives

Added Date: 2/1/2025
Breach Date: 10/1/2014
Updated Date: 2/5/2025
Breach Count: 109,515
Content: Email addresses, Passwords, Usernames
Domain: 9lives.be

Description:

In October 2014, the (now defunct) Belgian gaming news forum 9Lives suffered a data breach that was later redistributed as part of a larger corpus of data. The breach exposed 109k unique email addresses along with usernames and salted MD5 password hashes. The data was provided to HIBP by a source who requested it be attributed to "Leidhall".

Verified: , Fabricated: , Sensitive: , Active: , Retired: , Is Spam List:

Speedio

Added Date: 1/30/2025
Breach Date: 12/24/2024
Updated Date: 1/30/2025
Breach Count: 27,501,041
Content: Company names, Email addresses, Phone numbers, Physical addresses
Domain: speedio.com.br

Description:

In December 2024, data alleged to have been taken from the Brazilian lead generation platform Speedio was posted for sale to a popular hacking forum. The data was allegedly obtained from an unsecured Elasticsearch instance and contained over 62M records of largely public business information including company names, phone numbers and physical addresses, along with 27M unique email addresses, predominantly from public services such as Gmail and Outlook. Speedio did not respond to multiple attempts to disclose the incident, and the origin of the data could not be independently verified. The data was provided to HIBP by a source who requested it be attributed to "[email protected]".

Verified: , Fabricated: , Sensitive: , Active: , Retired: , Is Spam List:

























Account Search

This site simply searches online databases of compromised account information in an attempt to help you keep your accounts safe and secure. We do not actually have or store any information -- including the usernames and email addresses you enter above.

Share This!


Make a Donation To Keep Us Running