😈
CityJerks Database
In early 2023, the "mutual masturbation" website CityJerks suffered a data breach that exposed 177k unique email addresses. The breach also included data from the TruckerSucker "dating app for REAL TRUCKERS and REAL MEN" with the combined corpus of data also exposing usernames, IP addresses, dates of birth, sexual orientations, geo locations, private messages between members and passwords stored as salted MD5 hashes. The data was listed on a public hacking site and provided to HIBP by a source who requested it be attributed to "discord.gg/gN9C9em".
Compromised data: Bios, Dates of birth, Email addresses, Geographic locations, IP addresses, Passwords, Private messages, Profile photos, Sexual orientations, Usernames
😈
CityJerks Database
In early 2023, the "mutual masturbation" website CityJerks suffered a data breach that exposed 177k unique email addresses. The breach also included data from the TruckerSucker "dating app for REAL TRUCKERS and REAL MEN" with the combined corpus of data also exposing usernames, IP addresses, dates of birth, sexual orientations, geo locations, private messages between members and passwords stored as salted MD5 hashes. The data was listed on a public hacking site and provided to HIBP by a source who requested it be attributed to "discord.gg/gN9C9em".
Compromised data: Bios, Dates of birth, Email addresses, Geographic locations, IP addresses, Passwords, Private messages, Profile photos, Sexual orientations, Usernames
😈
Discord
Join the mason1920 Discord Server!
Check out the mason1920 community on Discord - hang out with 291 other members and enjoy free voice and text chat.
😈
Sphero
In September 2023, over 1M rows of data from the educational robots company Sphero was posted to a popular hacking forum. The data contained 832k unique email addresses alongside names, usernames, dates of birth and geographic locations.
Compromised data: Dates of birth, Email addresses, Geographic locations, Names, Usernames
😈
Sphero
In September 2023, over 1M rows of data from the educational robots company Sphero was posted to a popular hacking forum. The data contained 832k unique email addresses alongside names, usernames, dates of birth and geographic locations.
Compromised data: Dates of birth, Email addresses, Geographic locations, Names, Usernames
😈
😈
Viva Air Database
In March 2022, the now defunct Columbian airline Viva Air suffered a data breach and subsequent ransomware attack. Among a trove of other ransomed data, the incident exposed a log of 2.6M transactions with 932k unique email addresses, physical and IP addresses, names, phone numbers and partial credit card data (last 4 digits).
Compromised data: Email addresses, IP addresses, Names, Partial credit card data, Phone numbers, Physical addresses, Purchases
😈
Viva Air Database
In March 2022, the now defunct Columbian airline Viva Air suffered a data breach and subsequent ransomware attack. Among a trove of other ransomed data, the incident exposed a log of 2.6M transactions with 932k unique email addresses, physical and IP addresses, names, phone numbers and partial credit card data (last 4 digits).
Compromised data: Email addresses, IP addresses, Names, Partial credit card data, Phone numbers, Physical addresses, Purchases
😈
😈
Dymocks Database
In September 2023, the Australian book retailer Dymocks announced a data breach. The data dated back to June 2023 and contained 1.2M records with 836k unique email addresses. The breach also exposed names, dates of birth, genders, phone numbers and physical addresses.
Compromised data: Dates of birth, Email addresses, Genders, Names, Phone numbers, Physical addresses
😈
Dymocks Database
In September 2023, the Australian book retailer Dymocks announced a data breach. The data dated back to June 2023 and contained 1.2M records with 836k unique email addresses. The breach also exposed names, dates of birth, genders, phone numbers and physical addresses.
Compromised data: Dates of birth, Email addresses, Genders, Names, Phone numbers, Physical addresses
😈
😈
SevenRooms Database
In December 2022, over 400GB of data belonging to restaurant customer management platform SevenRooms was posted for sale to a popular hacking forum. The data included 1.2M unique email addresses alongside names and purchases. SevenRooms advised that the breach was due to unauthorised access of "a file transfer interface of a third-party vendor".
Credit to doubl for breaching and leaking this originally.
I would like to warn users this leak is over 36.58GB uncompressed and 34.1GB compressed.
Compromised data: Email addresses, Names, Purchases
😈
SevenRooms Database
In December 2022, over 400GB of data belonging to restaurant customer management platform SevenRooms was posted for sale to a popular hacking forum. The data included 1.2M unique email addresses alongside names and purchases. SevenRooms advised that the breach was due to unauthorised access of "a file transfer interface of a third-party vendor".
Credit to doubl for breaching and leaking this originally.
I would like to warn users this leak is over 36.58GB uncompressed and 34.1GB compressed.
Compromised data: Email addresses, Names, Purchases
😈
😈
CraftRise Database
In May 2023, news broke of a data breach of the Turkish Minecraft server known as CraftRise. The data of over 2.5M users was subsequently shared on a popular hacking forum and included email addresses, usernames, geographic locations and plain text passwords. The newest records indicate the data was obtained in March 2022.
Compromised data: Email addresses, Geographic locations, Passwords, Usernames
😈
CraftRise Database
In May 2023, news broke of a data breach of the Turkish Minecraft server known as CraftRise. The data of over 2.5M users was subsequently shared on a popular hacking forum and included email addresses, usernames, geographic locations and plain text passwords. The newest records indicate the data was obtained in March 2022.
Compromised data: Email addresses, Geographic locations, Passwords, Usernames
😈
😈
Duolingo Scrape Database
In August 2023, 2.6M records of data scraped from Duolingo were broadly distributed on a popular hacking forum. Obtained by enumerating a vulnerable API, the data had earlier appeared for sale in January 2023 and contained email addresses, names, the languages being learned, XP (experience points), and other data related to learning progress on Duolingo. Whilst some of the data attributes are intentionally public, the ability to map private email addresses to them presents an ongoing risk to user privacy.
Compromised data: Email addresses, Names, Spoken languages, Usernames
😈
Duolingo Scrape Database
In August 2023, 2.6M records of data scraped from Duolingo were broadly distributed on a popular hacking forum. Obtained by enumerating a vulnerable API, the data had earlier appeared for sale in January 2023 and contained email addresses, names, the languages being learned, XP (experience points), and other data related to learning progress on Duolingo. Whilst some of the data attributes are intentionally public, the ability to map private email addresses to them presents an ongoing risk to user privacy.
Compromised data: Email addresses, Names, Spoken languages, Usernames
😈
😈
MagicDuel RPG Database
In Auguest 2023, MagicDuel RPG (magicduel.com) was dumped through a simple SQLi vulnerability. More than 138k people were compromised. This breach includes Usernames, Emails, Hashed Passwords, and IPs.
Compromised data: Username, Emails, Hashed Passwords, IPs
😈
MagicDuel RPG Database
In Auguest 2023, MagicDuel RPG (magicduel.com) was dumped through a simple SQLi vulnerability. More than 138k people were compromised. This breach includes Usernames, Emails, Hashed Passwords, and IPs.
Compromised data: Username, Emails, Hashed Passwords, IPs
😈
😈
G.Skill
In January of 2023, G.Skill was compromised through a vulnerable database service. In April of the same year, their database was deleted and they were served with an extortion note that they failed to negotiate for. The data contains RMA information, User information including email addresses, full addresses, and hashed passwords. Over 50,000 user entries exist.
Compromised data: Full Names, Emails, Passwords, IP addresses
😈
G.Skill
In January of 2023, G.Skill was compromised through a vulnerable database service. In April of the same year, their database was deleted and they were served with an extortion note that they failed to negotiate for. The data contains RMA information, User information including email addresses, full addresses, and hashed passwords. Over 50,000 user entries exist.
Compromised data: Full Names, Emails, Passwords, IP addresses
😈
😈
iD Tech Database
In February 2023, the tech camps for kids service iD Tech had almost 1M records posted to a popular hacking forum. The data included 415k unique email addresses, names, dates of birth and plain text passwords which appear to have been breached in the previous month. iD Tech did not respond to multiple attempts to report the incident.
Compromised data: Dates of birth, Email addresses, Names, Passwords
😈
iD Tech Database
In February 2023, the tech camps for kids service iD Tech had almost 1M records posted to a popular hacking forum. The data included 415k unique email addresses, names, dates of birth and plain text passwords which appear to have been breached in the previous month. iD Tech did not respond to multiple attempts to report the incident.
Compromised data: Dates of birth, Email addresses, Names, Passwords
😈
😈
JD Group Database
In May 2023, the South African retailer JD Group announced a data breach affecting a number of their online assets including Bradlows, Everyshop, HiFi Corp, Incredible (Connection), Rochester, Russells, and Sleepmasters. The breach exposed over 520k unique customer records including names, email and physical addresses, phone numbers and South African ID numbers.
Compromised data: Email addresses, Government issued IDs, Names, Phone numbers, Physical addresses
😈
JD Group Database
In May 2023, the South African retailer JD Group announced a data breach affecting a number of their online assets including Bradlows, Everyshop, HiFi Corp, Incredible (Connection), Rochester, Russells, and Sleepmasters. The breach exposed over 520k unique customer records including names, email and physical addresses, phone numbers and South African ID numbers.
Compromised data: Email addresses, Government issued IDs, Names, Phone numbers, Physical addresses
😈
😈
Grapevine/grpvyn Database
Around June 2023, the food delivery aggregation app suffered a data breach that impacted 395k users. The breach included Email addresses, Phone numbers, passwords
Compromised data: Email addresses, Phone numbers, Full names, Password hashes, physical addresses
😈
Grapevine/grpvyn Database
Around June 2023, the food delivery aggregation app suffered a data breach that impacted 395k users. The breach included Email addresses, Phone numbers, passwords
Compromised data: Email addresses, Phone numbers, Full names, Password hashes, physical addresses
😈
😈
flipd.gg/ogusers.com Database
In July 2022, the account hijacking and SIM swapping forum OGusers suffered a data breach, the fifth since December 2018. The breach contained usernames, email and IP addresses and passwords stored as argon2 hashes. A total of 529k unique email addresses appeared in the breach.
Also Known As ogu.gg/ogusers.com
Compromised data: Email addresses, IP addresses, Passwords, Usernames
😈
flipd.gg/ogusers.com Database
In July 2022, the account hijacking and SIM swapping forum OGusers suffered a data breach, the fifth since December 2018. The breach contained usernames, email and IP addresses and passwords stored as argon2 hashes. A total of 529k unique email addresses appeared in the breach.
Also Known As ogu.gg/ogusers.com
Compromised data: Email addresses, IP addresses, Passwords, Usernames
😈
😈
Zacks Database
In December 2022, the investment research company Zacks announced a data breach. The following month, reports emerged of the incident impacting 820k customers. However, in June 2023, a corpus of data with almost 9M Zacks customers appeared before being broadly circulated on a popular hacking forum. The most recent data was dated May 2020 and included names, usernames, email and physical addresses, phone numbers and passwords stored as unsalted SHA-256 hashes. On disclosure of the larger breach, Zacks advised that in addition to their original report "the unauthorised third parties also gained access to encrypted [sic] passwords of zacks.com customers, but only in the encrypted [sic] format".
Compromised data: Email addresses, Names, Passwords, Phone numbers, Physical addresses, Usernames
👿
Zacks Database
In December 2022, the investment research company Zacks announced a data breach. The following month, reports emerged of the incident impacting 820k customers. However, in June 2023, a corpus of data with almost 9M Zacks customers appeared before being broadly circulated on a popular hacking forum. The most recent data was dated May 2020 and included names, usernames, email and physical addresses, phone numbers and passwords stored as unsalted SHA-256 hashes. On disclosure of the larger breach, Zacks advised that in addition to their original report "the unauthorised third parties also gained access to encrypted [sic] passwords of zacks.com customers, but only in the encrypted [sic] format".
Compromised data: Email addresses, Names, Passwords, Phone numbers, Physical addresses, Usernames
👿
😈
Luxottica
In March 2021, the world's largest eyewear company Luxoticca suffered a data breach via one of their partners that exposed the personal information of more than 70M people. The data was subsequently sold via a popular hacking forum in late 2022 and included email and physical addresses, names, genders, dates of birth and phone numbers. In a statement from Luxottica, they advised they were aware of the incident and are currently "considering other notification obligations".
Compromised data: Dates of birth, Email addresses, Genders, Names, Phone numbers, Physical addresses
😈
Luxottica
In March 2021, the world's largest eyewear company Luxoticca suffered a data breach via one of their partners that exposed the personal information of more than 70M people. The data was subsequently sold via a popular hacking forum in late 2022 and included email and physical addresses, names, genders, dates of birth and phone numbers. In a statement from Luxottica, they advised they were aware of the incident and are currently "considering other notification obligations".
Compromised data: Dates of birth, Email addresses, Genders, Names, Phone numbers, Physical addresses
😈
😈
RaidForums Database
In May 2023, 478k user records from the now defunct hacking forum known as "RaidForums" was posted to another hacking forum. The data dated back to September 2020 and included email addresses, usernames, dates of birth, IP addresses and passwords stored as Argon2 hashes.
Compromised data: Dates of birth, Email addresses, IP addresses, Passwords, Usernames
😈
RaidForums Database
In May 2023, 478k user records from the now defunct hacking forum known as "RaidForums" was posted to another hacking forum. The data dated back to September 2020 and included email addresses, usernames, dates of birth, IP addresses and passwords stored as Argon2 hashes.
Compromised data: Dates of birth, Email addresses, IP addresses, Passwords, Usernames
😈
👺
RailYatri Database
In approximately December 2022, the Indian train ticket platform RailYatri suffered a data breach that included 31 million entries. The attack led to the exposure of data including Email addresses, Full names, Genders, Phone numbers and Locations.
Compromised data: Email addresses, Full names, Genders, Phone numbers, Locations
👺
RailYatri Database
In approximately December 2022, the Indian train ticket platform RailYatri suffered a data breach that included 31 million entries. The attack led to the exposure of data including Email addresses, Full names, Genders, Phone numbers and Locations.
Compromised data: Email addresses, Full names, Genders, Phone numbers, Locations
👺
😈
Weee! Database
n approximately February 2023, the Asian and Hispanic food delivery service Weee! suffered a data breach. The attack led to the exposure of data including Full names, Email addresses, Phone numbers, Device types and Order notes (Where to leave the Order, Apartment codes etc). In total, 11.3 million orders were affected and 1,117,405 unique Email addresses were present in the data.
Compromised data: Full names, Email addresses, Phone numbers, Device types, Order Notes
😈
Weee! Database
n approximately February 2023, the Asian and Hispanic food delivery service Weee! suffered a data breach. The attack led to the exposure of data including Full names, Email addresses, Phone numbers, Device types and Order notes (Where to leave the Order, Apartment codes etc). In total, 11.3 million orders were affected and 1,117,405 unique Email addresses were present in the data.
Compromised data: Full names, Email addresses, Phone numbers, Device types, Order Notes
😈
😈
Instant Checkmate & TruthFinder Database
In April 2019, the the public record search services Instant Checkmate & TruthFinder (Owned by PeopleConnect) suffered a data breach that impacted 20.2 million users. The attack led to the exposure of data including Email addresses, Full names, Phone numbers and Passwords stored as scrypt hashes (possibly).
Compromised data: Email addresses, Full names, Phone numbers, Passwords
😈
Instant Checkmate & TruthFinder Database
In April 2019, the the public record search services Instant Checkmate & TruthFinder (Owned by PeopleConnect) suffered a data breach that impacted 20.2 million users. The attack led to the exposure of data including Email addresses, Full names, Phone numbers and Passwords stored as scrypt hashes (possibly).
Compromised data: Email addresses, Full names, Phone numbers, Passwords
😈
👽
Latest Pilot Jobs Database
In approximately September 2022, the Service for pilots to find jobs known as "Latest Pilot Jobs" suffered a data breach. The leak led to the exposure of data including Usernames, Email addresses, Full names and Passwords stored as MD5 hashes. In total, 127k users were affected.
Compromised data: Usernames, Email addresses, Full names, Passwords
❄️
Latest Pilot Jobs Database
In approximately September 2022, the Service for pilots to find jobs known as "Latest Pilot Jobs" suffered a data breach. The leak led to the exposure of data including Usernames, Email addresses, Full names and Passwords stored as MD5 hashes. In total, 127k users were affected.
Compromised data: Usernames, Email addresses, Full names, Passwords
❄️
👽
Stayful Database
In approximately January 2016, the Hotel booking website known as Stayful suffered a data breach that impacted 183k users. The leak led to the exposure of data including Usernames, Full names, Phone numbers, Email addresses, Locations and Passwords stored as SHA-256 hashes.
Compromised data: Usernames, Full names, Phone numbers, Email addresses, Locations, Passwords
❄️
Stayful Database
In approximately January 2016, the Hotel booking website known as Stayful suffered a data breach that impacted 183k users. The leak led to the exposure of data including Usernames, Full names, Phone numbers, Email addresses, Locations and Passwords stored as SHA-256 hashes.
Compromised data: Usernames, Full names, Phone numbers, Email addresses, Locations, Passwords
❄️