Array ( [name] => Have I Been Pwned (HIBP) Bridge [uri] => https://haveibeenpwned.com [icon] => https://haveibeenpwned.com/favicon.ico [donationUri] => [items] => Array ( [0] => Array ( [uri] => https://haveibeenpwned.com/PwnedWebsites#LeSlipFrancais [title] => Le Slip Français - 1,495,127 breached accounts [timestamp] => 1712959200 [author] => [content] =>

In April 2024, the French underwear maker Le Slip Français suffered a data breach. The breach included 1.5M email addresses, physical addresses, names and phone numbers.

Breach date: 13 April 2024
Date added to HIBP: 18 April 2024
Compromised accounts: 1,495,127
Compromised data: Email addresses, Names, Phone numbers, Physical addresses
[enclosures] => Array ( ) [categories] => Array ( ) [uid] => 160d9b4e21c831f57f5e178d8abfa97eb1ba1e23 ) [1] => Array ( [uri] => https://haveibeenpwned.com/PwnedWebsites#SalvadoranCitizens [title] => Salvadoran Citizens - 946,989 breached accounts [timestamp] => 1712008800 [author] => [content] =>

In April 2024, nearly 6 million records of Salvadoran citizens were published to a popular hacking forum. The data included names, dates of birth, phone numbers, physical addresses and nearly 1M unique email addresses. Further, over 5M corresponding profile photos were also included in the breach.

Breach date: 2 April 2024
Date added to HIBP: 11 April 2024
Compromised accounts: 946,989
Compromised data: Dates of birth, Email addresses, Government issued IDs, Names, Phone numbers, Physical addresses, Profile photos
[enclosures] => Array ( ) [categories] => Array ( ) [uid] => c75ddc86d95415dc545a22d1df4992b798f1349e ) [2] => Array ( [uri] => https://haveibeenpwned.com/PwnedWebsites#Pandabuy [title] => Pandabuy - 1,348,407 breached accounts [timestamp] => 1711839600 [author] => [content] =>

In March 2024, 1.3M unique email addresses from the online store for purchasing goods from China, Pandabuy, were posted to a popular hacking forum. The data also included IP and physical addresses, names, phone numbers and order enquiries. The breach was alleged to be attributed to "Sanggiero" and "IntelBroker".

Breach date: 31 March 2024
Date added to HIBP: 1 April 2024
Compromised accounts: 1,348,407
Compromised data: Email addresses, IP addresses, Names, Phone numbers, Physical addresses
[enclosures] => Array ( ) [categories] => Array ( ) [uid] => 20967ab784395ad90a5407219eb8b3d96a340570 ) [3] => Array ( [uri] => https://haveibeenpwned.com/PwnedWebsites#boAt [title] => boAt - 7,528,985 breached accounts [timestamp] => 1711321200 [author] => [content] =>

In March 2024, the Indian audio and wearables brand boAt suffered a data breach that exposed 7.5M customer records. The data included physical and email address, names and phone numbers, all of which were subsequently published to a popular clear web hacking forum.

Breach date: 25 March 2024
Date added to HIBP: 8 April 2024
Compromised accounts: 7,528,985
Compromised data: Email addresses, Names, Phone numbers, Physical addresses
[enclosures] => Array ( ) [categories] => Array ( ) [uid] => 46c3c817f6916f47a2dd35289f28335c9165b1b2 ) [4] => Array ( [uri] => https://haveibeenpwned.com/PwnedWebsites#KasperskyClub [title] => Kaspersky Club - 55,971 breached accounts [timestamp] => 1711234800 [author] => [content] =>

In March 2024, the independent fan forum Kaspersky Club suffered a data breach. The incident exposed 56k unique email addresses alongside usernames, IP addresses and passwords stored as either MD5 or bcrypt hashes.

Breach date: 24 March 2024
Date added to HIBP: 9 April 2024
Compromised accounts: 55,971
Compromised data: Email addresses, IP addresses, Passwords, Usernames
[enclosures] => Array ( ) [categories] => Array ( ) [uid] => aa02a87d216379bcf74269d1af1041194d28c35c ) [5] => Array ( [uri] => https://haveibeenpwned.com/PwnedWebsites#ECB [title] => England Cricket - 43,299 breached accounts [timestamp] => 1711148400 [author] => [content] =>

In March 2024, English Cricket's icoachcricket website suffered a data breach that exposed over 40k records. The data included email addresses and passwords stored as either bcrypt hashes, salted MD5 hashes or both. The data was provided to HIBP by a source who requested it be attributed to "IntelBroker".

Breach date: 23 March 2024
Date added to HIBP: 29 March 2024
Compromised accounts: 43,299
Compromised data: Email addresses, Passwords
[enclosures] => Array ( ) [categories] => Array ( ) [uid] => 601f2e6dfccb9827ca507e4f4f4f72b0a822f61d ) [6] => Array ( [uri] => https://haveibeenpwned.com/PwnedWebsites#GiantTiger [title] => Giant Tiger - 2,842,669 breached accounts [timestamp] => 1709506800 [author] => [content] =>

In March 2024, Canadian discount store Giant Tiger suffered a data breach that exposed 2.8M customer records. Attributed to a vendor of the retailer, the breach included physical and email addresses, names and phone numbers.

Breach date: 4 March 2024
Date added to HIBP: 13 April 2024
Compromised accounts: 2,842,669
Compromised data: Email addresses, Names, Phone numbers, Physical addresses
[enclosures] => Array ( ) [categories] => Array ( ) [uid] => 54c1d6431cd7ce1c4dd60b47f759a392d749c483 ) [7] => Array ( [uri] => https://haveibeenpwned.com/PwnedWebsites#WoTLabs [title] => WoTLabs - 21,994 breached accounts [timestamp] => 1709420400 [author] => [content] =>

In March 2024, WoTLabs (World of Tanks Statistics and Resources) suffered a data breach and website defacement attributed to "chromebook breachers". The breach exposed 22k forum members' personal data including email and IP addresses, usernames, dates of birth and time zones.

Breach date: 3 March 2024
Date added to HIBP: 7 March 2024
Compromised accounts: 21,994
Compromised data: Dates of birth, Email addresses, IP addresses, Time zones, Usernames
[enclosures] => Array ( ) [categories] => Array ( ) [uid] => c35c65342e6a5e4bc09b8f03782baa0de46e6e31 ) [8] => Array ( [uri] => https://haveibeenpwned.com/PwnedWebsites#MrGreenGaming [title] => Mr. Green Gaming - 27,123 breached accounts [timestamp] => 1709247600 [author] => [content] =>

In March 2024, the online games community Mr. Green Gaming suffered a data breach that exposed 27k user records. Acknowledged on their Discord server, the incident exposed email and IP addresses, usernames, geographic locations and dates of birth.

Breach date: 1 March 2024
Date added to HIBP: 3 March 2024
Compromised accounts: 27,123
Compromised data: Dates of birth, Email addresses, Geographic locations, IP addresses, Usernames
[enclosures] => Array ( ) [categories] => Array ( ) [uid] => b904b87b5765436994a976d091c5245a50ba6816 ) [9] => Array ( [uri] => https://haveibeenpwned.com/PwnedWebsites#CutoutPro [title] => Cutout.Pro - 19,972,829 breached accounts [timestamp] => 1708902000 [author] => [content] =>

In February 2024, the AI-powered visual design platform Cutout.Pro suffered a data breach that exposed 20M records. The data included email and IP addresses, names and salted MD5 password hashes which were subsequently broadly distributed on a popular hacking forum and Telegram channels.

Breach date: 26 February 2024
Date added to HIBP: 28 February 2024
Compromised accounts: 19,972,829
Compromised data: Email addresses, IP addresses, Names, Passwords
[enclosures] => Array ( ) [categories] => Array ( ) [uid] => 9570517c89b9c87d57d89be3638208d9586eb721 ) [10] => Array ( [uri] => https://haveibeenpwned.com/PwnedWebsites#Tangerine [title] => Tangerine - 243,462 breached accounts [timestamp] => 1708210800 [author] => [content] =>

In February 2024, the Australian Telco Tangerine suffered a data breach that exposed over 200k customer records. Attributed to a legacy customer database, the data included physical and email addresses, names, phone numbers and dates of birth. Whilst the Tangerine login process involves sending a one-time password after entering an email address and phone number, it previously used a traditional password which was also exposed as a bcrypt hash.

Breach date: 18 February 2024
Date added to HIBP: 28 February 2024
Compromised accounts: 243,462
Compromised data: Dates of birth, Email addresses, Names, Passwords, Phone numbers, Physical addresses, Salutations
[enclosures] => Array ( ) [categories] => Array ( ) [uid] => 540da3c8235d6a0dd4fb058287e70d93a6ac769f ) [11] => Array ( [uri] => https://haveibeenpwned.com/PwnedWebsites#SurveyLama [title] => SurveyLama - 4,426,879 breached accounts [timestamp] => 1706742000 [author] => [content] =>

In February 2024, the paid survey website SurveyLama suffered a data breach that exposed 4.4M customer email addresses. The incident also exposed names, physical and IP addresses, phone numbers, dates of birth and passwords stored as either salted SHA-1, bcrypt or argon2 hashes. When contacted about the incident, SurveyLama advised that they had already "notified the users by email".

Breach date: 1 February 2024
Date added to HIBP: 3 April 2024
Compromised accounts: 4,426,879
Compromised data: Dates of birth, Email addresses, IP addresses, Names, Passwords, Phone numbers, Physical addresses
[enclosures] => Array ( ) [categories] => Array ( ) [uid] => 1c4e2592afc5e6d7342c1138216bc108d68a0f98 ) [12] => Array ( [uri] => https://haveibeenpwned.com/PwnedWebsites#Spoutible [title] => Spoutible - 207,114 breached accounts [timestamp] => 1706655600 [author] => [content] =>

In January 2024, Spoutible had 207k records scraped from a misconfigured API that inadvertently returned excessive personal information. The data included names, usernames, email and IP addresses, phone numbers (where provided to the platform), genders and bcrypt password hashes. The incident also exposed 2FA secrets and backup codes along with password reset tokens.

Breach date: 31 January 2024
Date added to HIBP: 5 February 2024
Compromised accounts: 207,114
Compromised data: Email addresses, Genders, IP addresses, Names, Passwords, Phone numbers, Usernames
[enclosures] => Array ( ) [categories] => Array ( ) [uid] => 29d6afbd3a5eb4d9f239c3667d2baac02e26abdc ) [13] => Array ( [uri] => https://haveibeenpwned.com/PwnedWebsites#Trello [title] => Trello - 15,111,945 breached accounts [timestamp] => 1705359600 [author] => [content] =>

In January 2024, data was scraped from Trello and posted for sale on a popular hacking forum. Containing over 15M email addresses, names and usernames, the data was obtained by enumerating a publicly accessible resource using email addresses from previous breach corpuses. Trello advised that no unauthorised access had occurred.

Breach date: 16 January 2024
Date added to HIBP: 22 January 2024
Compromised accounts: 15,111,945
Compromised data: Email addresses, Names, Usernames
[enclosures] => Array ( ) [categories] => Array ( ) [uid] => 529d4b689189ab5e94c021dc451c9ac7a4b08365 ) [14] => Array ( [uri] => https://haveibeenpwned.com/PwnedWebsites#Hathway [title] => Hathway - 4,670,080 breached accounts [timestamp] => 1702767600 [author] => [content] =>

In December 2023, hundreds of gigabytes of data allegedly taken from Indian ISP and digital TV provider Hathway appeared on a popular hacking website. The incident exposed extensive personal information including 4.7M unique email addresses along with names, physical and IP addresses, phone numbers, password hashes and support ticket logs.

Breach date: 17 December 2023
Date added to HIBP: 12 January 2024
Compromised accounts: 4,670,080
Compromised data: Device information, Email addresses, IP addresses, Names, Passwords, Phone numbers, Physical addresses, Salutations, Support tickets
[enclosures] => Array ( ) [categories] => Array ( ) [uid] => e7a80defa3e9a81809c83f04e3070b6c1fffda58 ) [15] => Array ( [uri] => https://haveibeenpwned.com/PwnedWebsites#InflateVids [title] => InflateVids - 13,405 breached accounts [timestamp] => 1702335600 [author] => [content] =>

In December 2023, the inflatable and balloon fetish videos website InflateVids suffered a data breach. The incident exposed over 13k unique email addresses alongside usernames, IP addresses, genders and SHA-1 password hashes.

Sensitive breach, not publicly searchable.

Breach date: 12 December 2023
Date added to HIBP: 12 December 2023
Compromised accounts: 13,405
Compromised data: Email addresses, Genders, IP addresses, Passwords, Usernames
[enclosures] => Array ( ) [categories] => Array ( ) [uid] => 4bf09f10133fa11336ab0bd2ff8b7dab8efe4ed9 ) [16] => Array ( [uri] => https://haveibeenpwned.com/PwnedWebsites#KitchenPal [title] => KitchenPal - 98,726 breached accounts [timestamp] => 1699916400 [author] => [content] =>

In November 2023, the kitchen management application KitchenPal suffered a data breach that exposed 146k lines of data. When contacted about the incident, KitchenPal advised the corpus of data came from a staging environment, although acknowledged it contained a small number of users for debugging purposes and included passwords that could not be used. Impacted data included almost 100k email addresses, names, geolocations and incomplete data on dates of birth, genders, height and weight, social media profile identifiers and bcrypt password hashes.

Breach date: 14 November 2023
Date added to HIBP: 24 November 2023
Compromised accounts: 98,726
Compromised data: Dates of birth, Email addresses, Genders, Geographic locations, Names, Passwords, Physical attributes, Social media profiles
[enclosures] => Array ( ) [categories] => Array ( ) [uid] => 008ddff65ecaf0af8b3386c7ea21336cb01bebdf ) [17] => Array ( [uri] => https://haveibeenpwned.com/PwnedWebsites#Chess [title] => Chess - 827,620 breached accounts [timestamp] => 1699398000 [author] => [content] =>

In November 2023, over 800k user records were scraped from the Chess website and posted to a popular hacking forum. The data included email address, name, username and the geographic location of the user.

Breach date: 8 November 2023
Date added to HIBP: 10 November 2023
Compromised accounts: 827,620
Compromised data: Email addresses, Geographic locations, Names, Usernames
[enclosures] => Array ( ) [categories] => Array ( ) [uid] => f95715a82ba2ac165ce98e7d79fe429b61e29fd9 ) [18] => Array ( [uri] => https://haveibeenpwned.com/PwnedWebsites#LinkedInScrape2023 [title] => LinkedIn Scraped and Faked Data (2023) - 19,788,753 breached accounts [timestamp] => 1699052400 [author] => [content] =>

In November 2023, a post to a popular hacking forum alleged that millions of LinkedIn records had been scraped and leaked. On investigation, the data turned out to be a combination of legitimate data scraped from LinkedIn and email addresses constructed from impacted individuals' names.

Spam list, used for spam marketing.

Breach date: 4 November 2023
Date added to HIBP: 7 November 2023
Compromised accounts: 19,788,753
Compromised data: Email addresses, Genders, Geographic locations, Job titles, Names, Professional skills, Social media profiles
[enclosures] => Array ( ) [categories] => Array ( ) [uid] => e11086313331ae3cadcfbfadc2a0687964921a96 ) [19] => Array ( [uri] => https://haveibeenpwned.com/PwnedWebsites#Toumei [title] => Toumei - 76,682 breached accounts [timestamp] => 1697580000 [author] => [content] =>

In October 2023, the Japanese consultancy firm Toumei suffered a data breach. The breach exposed over 100M lines and 10GB of data including 77k unique email addresses along with names, phone numbers and physical addresses.

Breach date: 18 October 2023
Date added to HIBP: 27 October 2023
Compromised accounts: 76,682
Compromised data: Email addresses, Names, Phone numbers, Physical addresses
[enclosures] => Array ( ) [categories] => Array ( ) [uid] => 7127ab3cc80fd9a8cb2bf4a7d7cd34025d238a2d ) [20] => Array ( [uri] => https://haveibeenpwned.com/PwnedWebsites#FacebookMarketplace [title] => Facebook Marketplace - 77,267 breached accounts [timestamp] => 1696111200 [author] => [content] =>

In February 2024, 200k Facebook Marketplace records allegedly obtained from a Meta contractor in October 2023 were posted to a popular hacking forum. The data contained 77k unique email addresses alongside names, phone numbers, Facebook profile IDs and geographic locations. The data also contained bcrypt password hashes, although there is no indication these belong to the corresponding Facebook accounts.

Breach date: 1 October 2023
Date added to HIBP: 22 February 2024
Compromised accounts: 77,267
Compromised data: Email addresses, Geographic locations, Names, Passwords, Phone numbers, Social media profiles
[enclosures] => Array ( ) [categories] => Array ( ) [uid] => 1dfc468828641d82ce808abcd3ac54a42002848c ) [21] => Array ( [uri] => https://haveibeenpwned.com/PwnedWebsites#NazApi [title] => Naz.API - 70,840,771 breached accounts [timestamp] => 1695160800 [author] => [content] =>

In September 2023, over 100GB of stealer logs and credential stuffing lists titled "Naz.API" was posted to a popular hacking forum. The incident contained a combination of email address and plain text password pairs alongside the service they were entered into, and standalone credential pairs obtained from unnamed sources. In total, the corpus of data included 71M unique email addresses and 100M unique passwords.

Breach date: 20 September 2023
Date added to HIBP: 17 January 2024
Compromised accounts: 70,840,771
Compromised data: Email addresses, Passwords
[enclosures] => Array ( ) [categories] => Array ( ) [uid] => e9befc8781624354a7b851dfa72a98c606549c9e ) [22] => Array ( [uri] => https://haveibeenpwned.com/PwnedWebsites#Sphero [title] => Sphero - 832,255 breached accounts [timestamp] => 1694210400 [author] => [content] =>

In September 2023, over 1M rows of data from the educational robots company Sphero was posted to a popular hacking forum. The data contained 832k unique email addresses alongside names, usernames, dates of birth and geographic locations.

Breach date: 9 September 2023
Date added to HIBP: 20 October 2023
Compromised accounts: 832,255
Compromised data: Dates of birth, Email addresses, Geographic locations, Names, Usernames
[enclosures] => Array ( ) [categories] => Array ( ) [uid] => b6186510d0422d1532bdcdfad82c9449aac7c51e ) [23] => Array ( [uri] => https://haveibeenpwned.com/PwnedWebsites#Qakbot [title] => Qakbot - 6,431,319 breached accounts [timestamp] => 1693260000 [author] => [content] =>

In August 2023, the US Justice Department announced a multinational operation involving actions in the United States, France, Germany, the Netherlands, and the United Kingdom to disrupt the botnet and malware known as Qakbot and take down its infrastructure. After the takedown, 6.43M email addresses were provided to HIBP to help notify victims of the malware.

Sensitive breach, not publicly searchable.
Malware breach.

Breach date: 29 August 2023
Date added to HIBP: 29 August 2023
Compromised accounts: 6,431,319
Compromised data: Email addresses, Passwords
[enclosures] => Array ( ) [categories] => Array ( ) [uid] => 6b7dc9c41402cc4060184d461bb086d2b2df2c64 ) [24] => Array ( [uri] => https://haveibeenpwned.com/PwnedWebsites#PlayCyberGames [title] => PlayCyberGames - 3,681,753 breached accounts [timestamp] => 1691532000 [author] => [content] =>

In August 2023, PlayCyberGames which "allows users to play any games with LAN function or games using IP address" suffered a data breach which exposed 3.7M customer records. The data included email addresses, usernames and MD5 password hashes with a constant value in the "salt" field. PlayCyberGames did not respond to multiple attempts to disclose the breach.

Breach date: 9 August 2023
Date added to HIBP: 31 August 2023
Compromised accounts: 3,681,753
Compromised data: Email addresses, Passwords, Usernames
[enclosures] => Array ( ) [categories] => Array ( ) [uid] => cece6a27e759afc854c47b2030989acb4da5cc60 ) [25] => Array ( [uri] => https://haveibeenpwned.com/PwnedWebsites#MagicDuel [title] => MagicDuel - 138,443 breached accounts [timestamp] => 1690927200 [author] => [content] =>

In August 2023, the MagicDuel Adventure website suffered a data breach that exposed 138k user records. The data included player names, email and IP addresses and bcrypt password hashes.

Breach date: 2 August 2023
Date added to HIBP: 3 August 2023
Compromised accounts: 138,443
Compromised data: Email addresses, IP addresses, Nicknames, Passwords
[enclosures] => Array ( ) [categories] => Array ( ) [uid] => 2e31c78ef34cddbc28d9681b84a5e0caec0165f4 ) [26] => Array ( [uri] => https://haveibeenpwned.com/PwnedWebsites#ManipulatedCaiman [title] => Manipulated Caiman - 39,901,389 breached accounts [timestamp] => 1689458400 [author] => [content] =>

In July 2023, Perception Point reported on a phishing operation dubbed "Manipulated Caiman". Targeting primarily the citizens of Mexico, the campaign attempted to gain access to victims' bank accounts via spear phishing attacks using malicious attachments. Researchers obtained almost 40M email addresses targeted in the campaign and provided the data to HIBP to alert potential victims.

Spam list, used for spam marketing.

Breach date: 16 July 2023
Date added to HIBP: 15 August 2023
Compromised accounts: 39,901,389
Compromised data: Email addresses
[enclosures] => Array ( ) [categories] => Array ( ) [uid] => a22c77c95fff1db52a9cd5f62d7b8d867bbe6807 ) [27] => Array ( [uri] => https://haveibeenpwned.com/PwnedWebsites#Rightbiz [title] => Rightbiz - 65,376 breached accounts [timestamp] => 1688853600 [author] => [content] =>

In June 2023, data belonging to the "UK's No.1 Business Marketplace" Rightbiz appeared on a popular hacking forum. Comprising of more than 18M rows of data, the breach included 65k unique email addresses along with names, phone numbers and physical address. Rightbiz didn't respond to mulitple attempts to disclose the incident. The data was provided to HIBP by a source who requested it be attributed to "https://discord.gg/gN9C9em".

Breach date: 9 July 2023
Date added to HIBP: 11 August 2023
Compromised accounts: 65,376
Compromised data: Email addresses, Names, Phone numbers, Physical addresses
[enclosures] => Array ( ) [categories] => Array ( ) [uid] => 13865346e9bcd4b83411251d84b9cce3ba012167 ) [28] => Array ( [uri] => https://haveibeenpwned.com/PwnedWebsites#Dymocks [title] => Dymocks - 836,120 breached accounts [timestamp] => 1687212000 [author] => [content] =>

In September 2023, the Australian book retailer Dymocks announced a data breach. The data dated back to June 2023 and contained 1.2M records with 836k unique email addresses. The breach also exposed names, dates of birth, genders, phone numbers and physical addresses.

Breach date: 20 June 2023
Date added to HIBP: 8 September 2023
Compromised accounts: 836,120
Compromised data: Dates of birth, Email addresses, Genders, Names, Phone numbers, Physical addresses
[enclosures] => Array ( ) [categories] => Array ( ) [uid] => 65432fc13eddf755b69574f4b847a6e56022ef3e ) [29] => Array ( [uri] => https://haveibeenpwned.com/PwnedWebsites#BreachForumsClone [title] => BreachForums Clone - 4,204 breached accounts [timestamp] => 1686952800 [author] => [content] =>

In June 2023, a clone of the previously shuttered popular hacking forum "BreachForums" suffered a data breach that exposed over 4k records. The breach was due to an exposed backup of the MyBB database which included email and IP addresses, usernames and Argon2 password hashes.

Breach date: 17 June 2023
Date added to HIBP: 25 June 2023
Compromised accounts: 4,204
Compromised data: Email addresses, IP addresses, Passwords, Usernames
[enclosures] => Array ( ) [categories] => Array ( ) [uid] => 544ad2b2227a4f3d362f7d5cfef27dfdcc69f7d6 ) [30] => Array ( [uri] => https://haveibeenpwned.com/PwnedWebsites#JDGroup [title] => JD Group - 521,878 breached accounts [timestamp] => 1685484000 [author] => [content] =>

In May 2023, the South African retailer JD Group announced a data breach affecting a number of their online assets including Bradlows, Everyshop, HiFi Corp, Incredible (Connection), Rochester, Russells, and Sleepmasters. The breach exposed over 520k unique customer records including names, email and physical addresses, phone numbers and South African ID numbers.

Breach date: 31 May 2023
Date added to HIBP: 5 June 2023
Compromised accounts: 521,878
Compromised data: Email addresses, Government issued IDs, Names, Phone numbers, Physical addresses
[enclosures] => Array ( ) [categories] => Array ( ) [uid] => bb2b1dca88aee94d6645c6d05996285663711364 ) [31] => Array ( [uri] => https://haveibeenpwned.com/PwnedWebsites#PolishCredentials [title] => Polish Credentials - 1,204,870 breached accounts [timestamp] => 1685311200 [author] => [content] =>

In May 2023, a credential stuffing list of 6.3M Polish email address and password pairs appeared on a local forum. Likely obtained by malware running on victims' machines, each record included an email address and plain text password alongside the website the credentials were used on. The data included 1.2M unique email addresses.

Breach date: 29 May 2023
Date added to HIBP: 31 May 2023
Compromised accounts: 1,204,870
Compromised data: Email addresses, Passwords
[enclosures] => Array ( ) [categories] => Array ( ) [uid] => 6d4085d1cd98d1c79ba24f0115f57424c5f5b9ad ) [32] => Array ( [uri] => https://haveibeenpwned.com/PwnedWebsites#Jobzone [title] => Jobzone - 29,708 breached accounts [timestamp] => 1681509600 [author] => [content] =>

In April 2023, data from the Israeli jobs website Jobzone was posted online. The data included 30k records of email addresses, names, social security numbers, genders, dates of birth, fathers' names and physical addresses.

Breach date: 15 April 2023
Date added to HIBP: 15 August 2023
Compromised accounts: 29,708
Compromised data: Dates of birth, Email addresses, Family members' names, Genders, Government issued IDs, Names, Phone numbers, Physical addresses
[enclosures] => Array ( ) [categories] => Array ( ) [uid] => 49e3eab25ab8f4f00b5a564cad54779439958826 ) [33] => Array ( [uri] => https://haveibeenpwned.com/PwnedWebsites#RentoMojo [title] => RentoMojo - 2,185,697 breached accounts [timestamp] => 1681509600 [author] => [content] =>

In April 2023, the Indian rental service RentoMojo suffered a data breach. The breach exposed over 2M unique email addresses along with names, phone, passport and Aadhaar numbers, genders, dates of birth, purchases and bcrypt password hashes.

Breach date: 15 April 2023
Date added to HIBP: 11 May 2023
Compromised accounts: 2,185,697
Compromised data: Dates of birth, Email addresses, Genders, Government issued IDs, Names, Passport numbers, Passwords, Phone numbers, Purchases, Social media profiles
[enclosures] => Array ( ) [categories] => Array ( ) [uid] => ac525c830cdf94799a9ea4f749bf108558fdba15 ) [34] => Array ( [uri] => https://haveibeenpwned.com/PwnedWebsites#GenesisMarket [title] => Genesis Market - 8,000,000 breached accounts [timestamp] => 1680645600 [author] => [content] =>

In April 2023, the stolen identity marketplace Genesis Market was shut down by the FBI and a coalition of law enforcement agencies across the globe in "Operation Cookie Monster". The service traded in "browser fingerprints" which enabled criminals to impersonate victims and access their online services. As many of the impacted accounts did not include email addresses, "8M" is merely an approximation intended to indicate scale. Other personal data compromised by the service included names, addresses and credit card information, although not all individuals had each of these fields exposed.

Sensitive breach, not publicly searchable.

Breach date: 5 April 2023
Date added to HIBP: 5 April 2023
Compromised accounts: 8,000,000
Compromised data: Browser user agent details, Credit card CVV, Credit cards, Dates of birth, Email addresses, Names, Passwords, Phone numbers, Physical addresses, Usernames
[enclosures] => Array ( ) [categories] => Array ( ) [uid] => 3e36587d771b1c14fa9d3d499cbcc23bfe229b18 ) [35] => Array ( [uri] => https://haveibeenpwned.com/PwnedWebsites#Tigo [title] => Tigo - 700,394 breached accounts [timestamp] => 1680213600 [author] => [content] =>

In Mid-2023, 300GB of data containing over 100M records from the Chinese video chat platform "Tigo" dating back to March that year was discovered. The data contained over 700k unique names, usernames, email and IP addresses, genders, profile photos and private messages. Tigo did not respond to multiple attempts to disclose the incident.

Breach date: 31 March 2023
Date added to HIBP: 25 July 2023
Compromised accounts: 700,394
Compromised data: Device information, Email addresses, Genders, Geographic locations, IP addresses, Names, Private messages, Profile photos, Usernames
[enclosures] => Array ( ) [categories] => Array ( ) [uid] => 1c8dfb4cdd5ea1808c700a786d249905dd1babd2 ) [36] => Array ( [uri] => https://haveibeenpwned.com/PwnedWebsites#MediaWorks [title] => MediaWorks - 162,710 breached accounts [timestamp] => 1678834800 [author] => [content] =>

In March 2024, millions of rows of data from the New Zealand media company MediaWorks was publicly posted to a popular hacking forum. The incident exposed 163k unique email addresses provided by visitors who filled out online competitions and included names, physical addresses, phone numbers, dates of birth, genders and the responses to questions in the competition. Some victims of the breach subsequently received ransom demands requesting payment to have their data deleted.

Breach date: 15 March 2023
Date added to HIBP: 22 March 2024
Compromised accounts: 162,710
Compromised data: Dates of birth, Email addresses, Genders, Phone numbers, Physical addresses
[enclosures] => Array ( ) [categories] => Array ( ) [uid] => 856410b05dc79395aadaa29fd96d0b1a8aeca5e7 ) [37] => Array ( [uri] => https://haveibeenpwned.com/PwnedWebsites#DCHealth [title] => DC Health Link - 48,145 breached accounts [timestamp] => 1678057200 [author] => [content] =>

In March 2023, DC Health Link discovered a data breach that was later publicly posted to a popular data breach forum. The impacted data included 48k unique email addresses alongside names, genders, dates of birth, home addresses, phone numbers and social security numbers. The data was provided to HIBP by a source who requested it be attributed to "Aegis" and "IntelBroker".

Sensitive breach, not publicly searchable.

Breach date: 6 March 2023
Date added to HIBP: 14 December 2023
Compromised accounts: 48,145
Compromised data: Citizenship statuses, Dates of birth, Email addresses, Employers, Ethnicities, Genders, Names, Phone numbers, Physical addresses, Purchases, Social security numbers
[enclosures] => Array ( ) [categories] => Array ( ) [uid] => 3803774857c9a5e17986f6d0edbb96c4e4648150 ) [38] => Array ( [uri] => https://haveibeenpwned.com/PwnedWebsites#CityJerks [title] => CityJerks - 177,554 breached accounts [timestamp] => 1677452400 [author] => [content] =>

In early 2023, the "mutual masturbation" website CityJerks suffered a data breach that exposed 177k unique email addresses. The breach also included data from the TruckerSucker "dating app for REAL TRUCKERS and REAL MEN" with the combined corpus of data also exposing usernames, IP addresses, dates of birth, sexual orientations, geo locations, private messages between members and passwords stored as salted MD5 hashes. The data was listed on a public hacking site and provided to HIBP by a source who requested it be attributed to "discord.gg/gN9C9em".

Sensitive breach, not publicly searchable.

Breach date: 27 February 2023
Date added to HIBP: 27 April 2023
Compromised accounts: 177,554
Compromised data: Bios, Dates of birth, Email addresses, Geographic locations, IP addresses, Passwords, Private messages, Profile photos, Sexual orientations, Usernames
[enclosures] => Array ( ) [categories] => Array ( ) [uid] => b2e73c441958d973e9534d07b47010380274b843 ) [39] => Array ( [uri] => https://haveibeenpwned.com/PwnedWebsites#TheGradCafe [title] => TheGradCafe - 310,975 breached accounts [timestamp] => 1677366000 [author] => [content] =>

In February 2023, the grad school admissions search website TheGradCafe suffered a data breach that disclosed the personal records of 310k users. The data included email addresses, names and usernames, genders, geographic locations and passwords stored as bcrypt hashes. Some records also included physical address, phone number and date of birth. TheGradCafe did not respond to multiple attempts to disclose the breach.

Breach date: 26 February 2023
Date added to HIBP: 24 March 2023
Compromised accounts: 310,975
Compromised data: Email addresses, Genders, Geographic locations, IP addresses, Names, Passwords, Phone numbers, Physical addresses, Usernames
[enclosures] => Array ( ) [categories] => Array ( ) [uid] => 4fb77a9988709b79ed15b7c696377f0395182a95 ) [40] => Array ( [uri] => https://haveibeenpwned.com/PwnedWebsites#CERTPolandPhish [title] => Phished Data via CERT Poland - 67,943 breached accounts [timestamp] => 1677279600 [author] => [content] =>

In August 2023, CERT Poland observed a phishing campaign that collected credentials from 68k victims. The campaign collected email addresses and passwords via a phishing email masquerading as a purchase order confirmation. CERT Poland identified a further 202 other phishing campaigns operating on the same C2 server, which has now been dismantled.

Breach date: 25 February 2023
Date added to HIBP: 31 August 2023
Compromised accounts: 67,943
Compromised data: Email addresses, Passwords
[enclosures] => Array ( ) [categories] => Array ( ) [uid] => 8603e26b573597f110e546f3d2d9fea08dcf5c0c ) [41] => Array ( [uri] => https://haveibeenpwned.com/PwnedWebsites#HDBFinancialServices [title] => HDB Financial Services - 1,658,750 breached accounts [timestamp] => 1677020400 [author] => [content] =>

In March 2023, the Indian non-bank lending unit HDB Financial Services suffered a data breach that disclosed over 70M customer records. Containing 1.6M unique email addresses, the breach also disclosed names, dates of birth, phone numbers, genders, post codes and loan information belonging to the customers.

Breach date: 22 February 2023
Date added to HIBP: 11 March 2023
Compromised accounts: 1,658,750
Compromised data: Dates of birth, Email addresses, Genders, Geographic locations, Loan information, Names, Phone numbers
[enclosures] => Array ( ) [categories] => Array ( ) [uid] => 27f5e309a9d374872bc0bd4d4adfe4511e8d2502 ) [42] => Array ( [uri] => https://haveibeenpwned.com/PwnedWebsites#KodiFoundation [title] => The Kodi Foundation - 400,635 breached accounts [timestamp] => 1676502000 [author] => [content] =>

In February 2023, The Kodi Foundation suffered a data breach that exposed more than 400k user records. Attributed to an account belonging to "a trusted but currently inactive member of the forum admin team", the breach involved the administrator account creating a database backup that was subsequently downloaded before being sold on a hacking forum. The breach exposed email and IP addresses, usernames, genders and passwords stored as MyBB salted hashes. The Kodi Foundation elected to self-submit impacted email addresses to HIBP.

Breach date: 16 February 2023
Date added to HIBP: 13 April 2023
Compromised accounts: 400,635
Compromised data: Browser user agent details, Dates of birth, Email addresses, IP addresses, Passwords, Private messages, Usernames
[enclosures] => Array ( ) [categories] => Array ( ) [uid] => 36f45f22a0f372a615c5683b17d3d3104d8f469d ) [43] => Array ( [uri] => https://haveibeenpwned.com/PwnedWebsites#Convex [title] => Convex - 150,129 breached accounts [timestamp] => 1675206000 [author] => [content] =>

In February 2023, the Russian telecommunications provider Convex was hacked by "Anonymous" who subsequently released 128GB of data publicly, alleging it revealed illegal government surveillance. The leaked data contained 150k unique email, IP and physical addresses, names and phone numbers.

Breach date: 1 February 2023
Date added to HIBP: 26 February 2023
Compromised accounts: 150,129
Compromised data: Email addresses, IP addresses, Names, Phone numbers
[enclosures] => Array ( ) [categories] => Array ( ) [uid] => a6e3e24822b034bcb54e5ef3404bde147ac2c37c ) [44] => Array ( [uri] => https://haveibeenpwned.com/PwnedWebsites#Terravision [title] => Terravision - 2,075,625 breached accounts [timestamp] => 1675206000 [author] => [content] =>

In February 2023, the European airport transfers service Terravision suffered a data breach. The breach exposed over 2M records of customer data including names, phone numbers, email addresses, salted password hashes and in some cases, date of birth and country of origin. Terravision did not respond to multiple attempts by individuals period over a period of months to report the incident.

Breach date: 1 February 2023
Date added to HIBP: 23 April 2023
Compromised accounts: 2,075,625
Compromised data: Dates of birth, Email addresses, Geographic locations, Names, Passwords, Phone numbers
[enclosures] => Array ( ) [categories] => Array ( ) [uid] => b06475d30081d5d49497b74a86b86307db5d3f0f ) [45] => Array ( [uri] => https://haveibeenpwned.com/PwnedWebsites#Eye4Fraud [title] => Eye4Fraud - 16,000,591 breached accounts [timestamp] => 1674601200 [author] => [content] =>

In February 2023, data alleged to have been taken from the fraud protection service Eye4Fraud was listed for sale on a popular hacking forum. Spanning tens of millions of rows with 16M unique email addresses, the data was spread across 147 tables totalling 65GB and included both direct users of the service and what appears to be individuals who'd placed orders on other services that implemented Eye4Fraud to protect their sales. The data included names and bcrypt password hashes for users, and names, phone numbers, physical addresses and partial credit card data (card type and last 4 digits) for orders placed using the service. Eye4Fraud did not respond to multiple attempts to report the incident.

Breach date: 25 January 2023
Date added to HIBP: 6 March 2023
Compromised accounts: 16,000,591
Compromised data: Email addresses, IP addresses, Names, Partial credit card data, Passwords, Phone numbers, Physical addresses
[enclosures] => Array ( ) [categories] => Array ( ) [uid] => 5e5c1f51f527b5b58d84e27c9600de70edb085d1 ) [46] => Array ( [uri] => https://haveibeenpwned.com/PwnedWebsites#Duolingo [title] => Duolingo - 2,676,696 breached accounts [timestamp] => 1674514800 [author] => [content] =>

In August 2023, 2.6M records of data scraped from Duolingo were broadly distributed on a popular hacking forum. Obtained by enumerating a vulnerable API, the data had earlier appeared for sale in January 2023 and contained email addresses, names, the languages being learned, XP (experience points), and other data related to learning progress on Duolingo. Whilst some of the data attributes are intentionally public, the ability to map private email addresses to them presents an ongoing risk to user privacy.

Breach date: 24 January 2023
Date added to HIBP: 23 August 2023
Compromised accounts: 2,676,696
Compromised data: Email addresses, Names, Spoken languages, Usernames
[enclosures] => Array ( ) [categories] => Array ( ) [uid] => 15b10c3484b118fb419deb8e97938a97f04d4c84 ) [47] => Array ( [uri] => https://haveibeenpwned.com/PwnedWebsites#SchoolDistrict42 [title] => School District 42 - 18,850 breached accounts [timestamp] => 1673737200 [author] => [content] =>

In January 2023, Pitt Meadows School District 42 in British Columbia suffered a data breach. The incident exposed the names and email addresses of approximately 19k students and staff which were consequently redistributed on a popular hacking forum.

Breach date: 15 January 2023
Date added to HIBP: 2 February 2023
Compromised accounts: 18,850
Compromised data: Email addresses, Names
[enclosures] => Array ( ) [categories] => Array ( ) [uid] => d7dbdcd869f7eaba810a5d6b42211150e1b8e86a ) [48] => Array ( [uri] => https://haveibeenpwned.com/PwnedWebsites#PlanetIce [title] => Planet Ice - 240,488 breached accounts [timestamp] => 1673650800 [author] => [content] =>

In January 2023, the UK-based ice skating rink booking service Planet Ice suffered a data breach. The incident exposed the personal data of 240k people including email and physical addresses, phone numbers, genders, dates of birth and passwords stored as MD5 hashes. The data also included the names, genders and dates of birth of children having parties.

Breach date: 14 January 2023
Date added to HIBP: 31 January 2023
Compromised accounts: 240,488
Compromised data: Dates of birth, Email addresses, Genders, IP addresses, Names, Passwords, Phone numbers, Physical addresses, Purchases
[enclosures] => Array ( ) [categories] => Array ( ) [uid] => 440421b6619a0aac657c71c8c98edad1242bc7e4 ) [49] => Array ( [uri] => https://haveibeenpwned.com/PwnedWebsites#Zurich [title] => Zurich - 756,737 breached accounts [timestamp] => 1673132400 [author] => [content] =>

In January 2023, the Japanese arm of Zurich insurance suffered a data breach that exposed 2.6M customer records with over 756k unique email addresses. The data was subsequently posted to a popular hacking forum and also included names, genders, dates of birth and details of insured vehicles. The data was provided to HIBP by a source who requested it be attributed to "IntelBroker".

Breach date: 8 January 2023
Date added to HIBP: 22 January 2023
Compromised accounts: 756,737
Compromised data: Dates of birth, Email addresses, Genders, Names, Vehicle details
[enclosures] => Array ( ) [categories] => Array ( ) [uid] => be1ac363913afba07be684e70dcbb7b7dcfd2ba1 ) [50] => Array ( [uri] => https://haveibeenpwned.com/PwnedWebsites#Autotrader [title] => Autotrader - 20,032 breached accounts [timestamp] => 1672959600 [author] => [content] =>

In January 2023, 1.4M records from the Autotrader online vehicle marketplace appeared on a popular hacking forum. Autotrader stated that the "data in question relates to aged listing data that was generally publicly available on our site at the time and open to automated collection methods". The data contained 20k unique email addresses alongside physical addresses and phone numbers of dealers and vehicle details including VIN numbers. The data was provided to HIBP by a source who requested it be attributed to "IntelBroker".

Breach date: 6 January 2023
Date added to HIBP: 23 January 2023
Compromised accounts: 20,032
Compromised data: Email addresses, Phone numbers, Physical addresses, Vehicle details, Vehicle identification numbers (VINs)
[enclosures] => Array ( ) [categories] => Array ( ) [uid] => 9584fb5fa6d888963617dd86a7fbe498e4547a97 ) [51] => Array ( [uri] => https://haveibeenpwned.com/PwnedWebsites#iDTech [title] => iD Tech - 415,121 breached accounts [timestamp] => 1672700400 [author] => [content] =>

In February 2023, the tech camps for kids service iD Tech had almost 1M records posted to a popular hacking forum. The data included 415k unique email addresses, names, dates of birth and plain text passwords which appear to have been breached in the previous month. iD Tech did not respond to multiple attempts to report the incident.

Breach date: 3 January 2023
Date added to HIBP: 6 March 2023
Compromised accounts: 415,121
Compromised data: Dates of birth, Email addresses, Names, Passwords
[enclosures] => Array ( ) [categories] => Array ( ) [uid] => 6b216ae4674c86896fe66881570272b7e080e6f5 ) [52] => Array ( [uri] => https://haveibeenpwned.com/PwnedWebsites#RailYatri [title] => RailYatri - 23,209,732 breached accounts [timestamp] => 1672009200 [author] => [content] =>

In December 2022, India’s government-approved online travel agency RailYatri suffered a data breach. The incident impacted over 31M customers and exposed 23M unique email addresses. Also impacted were names, genders, phone numbers and tickets purchased, including travel information and fares.

Breach date: 26 December 2022
Date added to HIBP: 5 December 2023
Compromised accounts: 23,209,732
Compromised data: Email addresses, Genders, Names, Phone numbers, Purchases
[enclosures] => Array ( ) [categories] => Array ( ) [uid] => 18c57bf3d80f325cc3f128802cdd7441beed0122 ) [53] => Array ( [uri] => https://haveibeenpwned.com/PwnedWebsites#Gemini [title] => Gemini - 5,274,214 breached accounts [timestamp] => 1670886000 [author] => [content] =>

In late 2022, data allegedly taken from the Gemini crypto exchange was posted to a public hacking forum. The data consisted of email addresses and partial phone numbers, which Gemini later attributed to an incident at a third-party vendor (the vendor was not named). The data was provided to HIBP by a source who requested it be attributed to "ZAN @ BF".

Breach date: 13 December 2022
Date added to HIBP: 16 December 2022
Compromised accounts: 5,274,214
Compromised data: Email addresses, Partial phone numbers
[enclosures] => Array ( ) [categories] => Array ( ) [uid] => ddba2c9277cd909b2d4fac91a3cc754a462c7a90 ) [54] => Array ( [uri] => https://haveibeenpwned.com/PwnedWebsites#SevenRooms [title] => SevenRooms - 1,205,385 breached accounts [timestamp] => 1670713200 [author] => [content] =>

In December 2022, over 400GB of data belonging to restaurant customer management platform SevenRooms was posted for sale to a popular hacking forum. The data included 1.2M unique email addresses alongside names and purchases. SevenRooms advised that the breach was due to unauthorised access of "a file transfer interface of a third-party vendor".

Breach date: 11 December 2022
Date added to HIBP: 24 August 2023
Compromised accounts: 1,205,385
Compromised data: Email addresses, Names, Purchases
[enclosures] => Array ( ) [categories] => Array ( ) [uid] => 8f2a75e8f7075aa6fdec6007607ba2df88d56216 ) [55] => Array ( [uri] => https://haveibeenpwned.com/PwnedWebsites#Activision [title] => Activision - 16,006 breached accounts [timestamp] => 1670108400 [author] => [content] =>

In December 2022, attackers socially engineered an Activision HR employee into disclosing information which led to the breach of almost 20k employee records. The data contained 16k unique email addresses along with names, phone numbers, job titles and the office location of the employee. Activision advised that no sensitive employee information was included in the breach.

Breach date: 4 December 2022
Date added to HIBP: 3 October 2023
Compromised accounts: 16,006
Compromised data: Email addresses, Geographic locations, Job titles, Names, Phone numbers
[enclosures] => Array ( ) [categories] => Array ( ) [uid] => 1432004c1c98c55031c1251cd299ae76b11cdd6d ) [56] => Array ( [uri] => https://haveibeenpwned.com/PwnedWebsites#GunAuction [title] => GunAuction.com - 565,470 breached accounts [timestamp] => 1670022000 [author] => [content] =>

In December 2022, the online firearms auction website GunAuction.com suffered a data breach which was later discovered left unprotected on the hacker's server. The data included over 565k user records with extensive personal data including email, IP and physical addresses, names, phone numbers, genders, years of birth, credit card type and passwords stored in plain text. The leaked identities could subsequently be matched to firearms listed for sale on the website.

Breach date: 3 December 2022
Date added to HIBP: 2 March 2023
Compromised accounts: 565,470
Compromised data: Browser user agent details, Email addresses, Genders, IP addresses, Partial credit card data, Partial dates of birth, Passwords, Phone numbers, Physical addresses, Usernames
[enclosures] => Array ( ) [categories] => Array ( ) [uid] => 180d2b3ffcf708ea5fc73c3a285f47a71347264e ) [57] => Array ( [uri] => https://haveibeenpwned.com/PwnedWebsites#CoinTracker [title] => CoinTracker - 1,557,153 breached accounts [timestamp] => 1669849200 [author] => [content] =>

In December 2022, the Crypto & NFT taxes service CoinTracker reported a data breach that impacted over 1.5M of their customers. The company later attributed the breach to a compromise SendGrid in an attack that targeted multiple customers of the email provider. The breach exposed email addresses and partially redacted phone numbers, with CoinTracker advising that the later did not originate from their service.

Breach date: 1 December 2022
Date added to HIBP: 12 December 2022
Compromised accounts: 1,557,153
Compromised data: Email addresses, Partial phone numbers
[enclosures] => Array ( ) [categories] => Array ( ) [uid] => 14c6e840faa1dd5e6147af9ef1121f7ce9d1e2d8 ) [58] => Array ( [uri] => https://haveibeenpwned.com/PwnedWebsites#BreachForums [title] => BreachForums - 212,156 breached accounts [timestamp] => 1669676400 [author] => [content] =>

In November 2022, the well-known hacking forum "BreachForums" was itself, breached. Later the following year, the operator of the website was arrested and the site seized by law enforcement agencies. The breach exposed 212k records including usernames, IP and email addresses, private messages between site members and passwords stored as argon2 hashes. The data was provided to HIBP by a source who requested it be attributed to "breached_db_person".

Breach date: 29 November 2022
Date added to HIBP: 26 July 2023
Compromised accounts: 212,156
Compromised data: Email addresses, IP addresses, Passwords, Private messages, Usernames
[enclosures] => Array ( ) [categories] => Array ( ) [uid] => 8a521decb8e069f32053cbeeaae650db0d028fc1 ) [59] => Array ( [uri] => https://haveibeenpwned.com/PwnedWebsites#MovieForums [title] => Movie Forums - 39,914 breached accounts [timestamp] => 1669244400 [author] => [content] =>

In December 2022, the Movie Forums website suffered a data breach that affected 40k users. The breach exposed email and IP addresses, usernames, dates of birth and passwords stored as easily crackable salted MD5 hashes. The data was subsequently posted a popular clear web hacking forum.

Breach date: 24 November 2022
Date added to HIBP: 8 December 2023
Compromised accounts: 39,914
Compromised data: Dates of birth, Email addresses, IP addresses, Passwords, Usernames
[enclosures] => Array ( ) [categories] => Array ( ) [uid] => 888b9516d8af78a0a6e80387d3c39d2da284f342 ) [60] => Array ( [uri] => https://haveibeenpwned.com/PwnedWebsites#Avito [title] => Avito - 2,721,835 breached accounts [timestamp] => 1668726000 [author] => [content] =>

In November 2022, the Moroccan e-commerce service Avito suffered a data breach that exposed the personal information of 2.7M customers. The data included name, email, phone, IP address and geographic location.

Breach date: 18 November 2022
Date added to HIBP: 14 November 2023
Compromised accounts: 2,721,835
Compromised data: Email addresses, Geographic locations, IP addresses, Names, Phone numbers
[enclosures] => Array ( ) [categories] => Array ( ) [uid] => 6804c37854cc27b07014b291e65fdb8244489d7a ) [61] => Array ( [uri] => https://haveibeenpwned.com/PwnedWebsites#WashingtonStateFoodWorkerCard [title] => Washington State Food Worker Card - 1,594,305 breached accounts [timestamp] => 1668639600 [author] => [content] =>

In June 2023, the Tacoma-Pierce County Health Department announced a data breach of their Washington State Food Worker Card online training system. The breach was published to a popular hacking forum the year before and dated back to a 2018 database backup. Included in the data were 1.6M unique email addresses along with names, post codes, dates of birth and approximately 9.5k driver's licence numbers.

Breach date: 17 November 2022
Date added to HIBP: 31 March 2024
Compromised accounts: 1,594,305
Compromised data: Dates of birth, Driver's licenses, Email addresses, Geographic locations, Names
[enclosures] => Array ( ) [categories] => Array ( ) [uid] => acdb6ff50bee2c2d36671a73a0390d17d03fe04b ) [62] => Array ( [uri] => https://haveibeenpwned.com/PwnedWebsites#Abandonia2022 [title] => Abandonia (2022) - 919,790 breached accounts [timestamp] => 1668466800 [author] => [content] =>

In November 2022, the gaming website dedicated to classic DOS games Abandonia suffered a data breach resulting in the exposure of 920k unique user records. This breach was in addition to another one 7 years earlier in 2015. The data contained email and IP addresses, usernames and salted MD5 hashes of passwords.

Breach date: 15 November 2022
Date added to HIBP: 7 December 2022
Compromised accounts: 919,790
Compromised data: Email addresses, IP addresses, Passwords, Usernames
[enclosures] => Array ( ) [categories] => Array ( ) [uid] => 61a5d97856d57c4e71a5a1c88426fc7afb2099ef ) [63] => Array ( [uri] => https://haveibeenpwned.com/PwnedWebsites#MyPertamina [title] => MyPertamina - 5,970,416 breached accounts [timestamp] => 1667257200 [author] => [content] =>

In November 2022, the Indonesian oil and gas company Pertamina suffered a data breach of their MyPertamina service. The incident exposed 44M records with 6M unique email addresses along with names, dates of birth, genders, physical addresses and purchases.

Breach date: 1 November 2022
Date added to HIBP: 27 January 2024
Compromised accounts: 5,970,416
Compromised data: Dates of birth, Email addresses, Genders, Names, Phone numbers, Physical addresses, Purchases
[enclosures] => Array ( ) [categories] => Array ( ) [uid] => 79f7b4a21c5e0dbb11d3c46e21b3b1855f8288cf ) [64] => Array ( [uri] => https://haveibeenpwned.com/PwnedWebsites#RealDudesInc [title] => RealDudesInc - 101,543 breached accounts [timestamp] => 1666389600 [author] => [content] =>

In October 2022, the GTA mod menu provider RealDudesInc suffered a data breach that exposed over 100k email addresses (many of which are temporary guest account addresses). The breach also included usernames and bcrypt password hashes.

Breach date: 22 October 2022
Date added to HIBP: 19 February 2023
Compromised accounts: 101,543
Compromised data: Email addresses, Passwords, Usernames
[enclosures] => Array ( ) [categories] => Array ( ) [uid] => f408aa41110ebe269e80107f7fcd50fedf88321e ) [65] => Array ( [uri] => https://haveibeenpwned.com/PwnedWebsites#Doomworld [title] => Doomworld - 34,478 breached accounts [timestamp] => 1665525600 [author] => [content] =>

In October 2022, the Doomworld fourm suffered a data breach that exposed 34k member records. The data included email and IP addresses, usernames and bcrypt password hashes.

Breach date: 12 October 2022
Date added to HIBP: 24 October 2022
Compromised accounts: 34,478
Compromised data: Email addresses, IP addresses, Passwords, Usernames
[enclosures] => Array ( ) [categories] => Array ( ) [uid] => 8ed86b2f415438d35c2ed5c424b195686e06f566 ) [66] => Array ( [uri] => https://haveibeenpwned.com/PwnedWebsites#Locally [title] => Locally - 362,619 breached accounts [timestamp] => 1664575200 [author] => [content] =>

In October 2022, "The Industry's Leading Online-to-Offline Shopping Solution" Locally suffered a data breach. Whilst Locally acknowledged the breach privately, it's unknown whether impacted customers were subsequently notified of the incident which exposed over 362k names, phone numbers, email and physical addresses, purchases, credit card type and last four digits and bcrypt password hashes.

Breach date: 1 October 2022
Date added to HIBP: 10 July 2023
Compromised accounts: 362,619
Compromised data: Email addresses, Partial credit card data, Passwords, Phone numbers, Physical addresses, Purchases
[enclosures] => Array ( ) [categories] => Array ( ) [uid] => e93141d83b8039749e1ed013e1831599e1264246 ) [67] => Array ( [uri] => https://haveibeenpwned.com/PwnedWebsites#ClickASnap [title] => ClickASnap - 3,262,980 breached accounts [timestamp] => 1663970400 [author] => [content] =>

In September 2022, the online photo sharing platform ClickASnap suffered a data breach. The incident exposed almost 3.3M personal records including email addresses, usernames and passwords stored as SHA-512 hashes. Further, a collection of paid subscriptions were also included and contained names, physical addresses and amounts paid.

Breach date: 24 September 2022
Date added to HIBP: 13 March 2024
Compromised accounts: 3,262,980
Compromised data: Email addresses, Names, Passwords, Physical addresses, Purchases, Social media profiles, Usernames
[enclosures] => Array ( ) [categories] => Array ( ) [uid] => b8b788f63efaaafdafe1e4fd90d5c521859754d5 ) [68] => Array ( [uri] => https://haveibeenpwned.com/PwnedWebsites#OnlineTrade [title] => Online Trade (Онлайн Трейд) - 3,805,265 breached accounts [timestamp] => 1663538400 [author] => [content] =>

In September 2022, the Russian e-commerce website Online Trade (Онлайн Трейд) suffered a data breach that exposed 3.8M customer records. The data included email and IP addresses, names, phone numbers, dates of birth and MD5 password hashes.

Breach date: 19 September 2022
Date added to HIBP: 7 March 2024
Compromised accounts: 3,805,265
Compromised data: Dates of birth, Email addresses, IP addresses, Names, Passwords, Phone numbers
[enclosures] => Array ( ) [categories] => Array ( ) [uid] => 1361da9d6f6b0fd9b8467007a1923fec299318ae ) [69] => Array ( [uri] => https://haveibeenpwned.com/PwnedWebsites#GetRevengeOnYourEx [title] => Get Revenge On Your Ex - 79,195 breached accounts [timestamp] => 1662674400 [author] => [content] =>

In September 2022, the revenge website Get Revenge On Your Ex suffered a data breach that exposed almost 80k unique email addresses. The data spanned both customers and victims including names, IP and physical addresses, phone numbers, purchase histories and plain text passwords. The data was subsequently shared on a public hacking forum, Get Revenge On Your Ex did not reply when contacted.

Sensitive breach, not publicly searchable.

Breach date: 9 September 2022
Date added to HIBP: 15 November 2022
Compromised accounts: 79,195
Compromised data: Email addresses, IP addresses, Names, Passwords, Phone numbers, Physical addresses, Purchases
[enclosures] => Array ( ) [categories] => Array ( ) [uid] => 6ad10f784cf0866c6a0d35d9b1f0ea2bc1aa21a2 ) [70] => Array ( [uri] => https://haveibeenpwned.com/PwnedWebsites#APKTW [title] => APK.TW - 2,451,197 breached accounts [timestamp] => 1662156000 [author] => [content] =>

In September 2022, the Taiwanese Android forum APK.TW suffered a data breach that was later redistributed as part of a larger corpus of data. The breach exposed 2.5M unique email addresses along with IP addresses, usernames and salted MD5 password hashes.

Breach date: 3 September 2022
Date added to HIBP: 9 March 2024
Compromised accounts: 2,451,197
Compromised data: Email addresses, IP addresses, Passwords, Usernames
[enclosures] => Array ( ) [categories] => Array ( ) [uid] => 4e09891a927b431e897508cfbb5228fb86dc8166 ) [71] => Array ( [uri] => https://haveibeenpwned.com/PwnedWebsites#Flipkart [title] => Flipkart - 552,094 breached accounts [timestamp] => 1662069600 [author] => [content] =>

In September 2022, over 500k customer records from the Indian e-commerce service Flipkart appeared on a popular hacking forum. The breach exposed email addresses, latitudes and longitudes, names and phone numbers.

Breach date: 2 September 2022
Date added to HIBP: 12 March 2024
Compromised accounts: 552,094
Compromised data: Email addresses, Geographic locations, Names, Phone numbers
[enclosures] => Array ( ) [categories] => Array ( ) [uid] => f08720c134a09b3e3b940e5f1eb649617a23790f ) [72] => Array ( [uri] => https://haveibeenpwned.com/PwnedWebsites#Wakanim [title] => Wakanim - 6,706,951 breached accounts [timestamp] => 1661637600 [author] => [content] =>

In August 2022, the European streaming service Wakanim suffered a data breach which was subsequently advertised and sold on a popular hacking forum. The breach exposed 6.7M customer records including email, IP and physical addresses, names and usernames.

Breach date: 28 August 2022
Date added to HIBP: 7 October 2022
Compromised accounts: 6,706,951
Compromised data: Browser user agent details, Email addresses, IP addresses, Names, Physical addresses, Usernames
[enclosures] => Array ( ) [categories] => Array ( ) [uid] => 71aab89fe48d4193c25aedb9bd4e4f9e608a1784 ) [73] => Array ( [uri] => https://haveibeenpwned.com/PwnedWebsites#TAPAirPortugal [title] => TAP Air Portugal - 6,083,479 breached accounts [timestamp] => 1661378400 [author] => [content] =>

In August 2022, the Portuguese airline TAP Air Portugal was the target of a ransomware attack perpetrated by the Ragnar Locker gang who later leaked the compromised data via a public dark web site. Over 5M unique email addresses were exposed alongside other personal data including names, genders, DoBs, phone numbers and physical addresses.

Breach date: 25 August 2022
Date added to HIBP: 23 September 2022
Compromised accounts: 6,083,479
Compromised data: Dates of birth, Email addresses, Genders, Names, Nationalities, Phone numbers, Physical addresses, Salutations, Spoken languages
[enclosures] => Array ( ) [categories] => Array ( ) [uid] => e57ffdbc4957233d62d808c13ce7c9ba88eae8b7 ) [74] => Array ( [uri] => https://haveibeenpwned.com/PwnedWebsites#BrandNewTube [title] => Brand New Tube - 349,627 breached accounts [timestamp] => 1660428000 [author] => [content] =>

In August 2022, the streaming website Brand New Tube suffered a data breach that exposed the personal information of almost 350k subscribers. The impacted data included email and IP addresses, usernames, genders, passwords stored as unsalted SHA-1 hashes and private messages.

Breach date: 14 August 2022
Date added to HIBP: 8 September 2022
Compromised accounts: 349,627
Compromised data: Email addresses, Genders, IP addresses, Passwords, Private messages, Usernames
[enclosures] => Array ( ) [categories] => Array ( ) [uid] => a51439d5b590ce12cdaac1adc2ad5e3b3c2534ea ) [75] => Array ( [uri] => https://haveibeenpwned.com/PwnedWebsites#GGCorp [title] => GGCorp - 2,376,330 breached accounts [timestamp] => 1660168800 [author] => [content] =>

In August 2022, the MMORPG website GGCorp suffered a data breach that exposed almost 2.4M unique email addresses. The data also included IP addresses, usernames and MD5 password hashes.

Breach date: 11 August 2022
Date added to HIBP: 8 November 2022
Compromised accounts: 2,376,330
Compromised data: Email addresses, IP addresses, Passwords, Usernames
[enclosures] => Array ( ) [categories] => Array ( ) [uid] => d85f8a0c4f295fabf7de43597ff6e5ab4946fa43 ) [76] => Array ( [uri] => https://haveibeenpwned.com/PwnedWebsites#iMenu360 [title] => iMenu360 - 3,425,860 breached accounts [timestamp] => 1660168800 [author] => [content] =>

In approximately late 2022, 3.4M customer records from iMenu360 ("The world's #1 most trusted online ordering platform") were exposed. The data appeared to be from ordering systems using the platform and contained email and physical addresses, latitudes and longitudes, names and phone numbers. Numerous attempts were made to contact iMenu360 about the incident between April and August 2023, but no response was received.

Breach date: 11 August 2022
Date added to HIBP: 17 August 2023
Compromised accounts: 3,425,860
Compromised data: Email addresses, Names, Phone numbers, Physical addresses
[enclosures] => Array ( ) [categories] => Array ( ) [uid] => 7b6af665a4c342f2310ef10aecba38367f595b76 ) [77] => Array ( [uri] => https://haveibeenpwned.com/PwnedWebsites#Shitexpress [title] => Shitexpress - 23,817 breached accounts [timestamp] => 1659909600 [author] => [content] =>

In August 2022, the online faeces delivery service Shitexpress suffered a data breach that exposed 24k unique email addresses. The addresses spanned invoices, gift cards, promotions and PayPal records. The breach also exposed the IP and email addresses of senders, physical addresses of recipients and messages accompanying the shit delivery.

Sensitive breach, not publicly searchable.

Breach date: 8 August 2022
Date added to HIBP: 17 August 2022
Compromised accounts: 23,817
Compromised data: Email addresses, IP addresses, Names, Physical addresses, Private messages, Purchases
[enclosures] => Array ( ) [categories] => Array ( ) [uid] => 6af8c25e8f849895198246b3cf357c034f429b32 ) [78] => Array ( [uri] => https://haveibeenpwned.com/PwnedWebsites#DoorDash [title] => DoorDash - 367,476 breached accounts [timestamp] => 1659391200 [author] => [content] =>

In August 2022, the food ordering and delivery service DoorDash disclosed a data breach that impacted a portion of their customers. DoorDash attributed the breach to an unnamed "third-party vendor" they stated was the victim of a phishing campaign. The incident exposed 367k unique personal email addresses alongside names, post codes and partial card data, namely the brand, expiry data and last four digits of the card.

Breach date: 2 August 2022
Date added to HIBP: 7 January 2023
Compromised accounts: 367,476
Compromised data: Email addresses, Geographic locations, Names, Partial credit card data
[enclosures] => Array ( ) [categories] => Array ( ) [uid] => b9232bcea8a440cefbe4e7244931f0cae1861d5d ) [79] => Array ( [uri] => https://haveibeenpwned.com/PwnedWebsites#Exvagos [title] => Exvagos - 2,121,789 breached accounts [timestamp] => 1658354400 [author] => [content] =>

In July 2022, the direct download website Exvagos suffered a data breach that was later redistributed as part of a larger corpus of data. The breach exposed 2.1M unique email addresses along with IP addresses, usernames, dates of birth and MD5 password hashes.

Breach date: 21 July 2022
Date added to HIBP: 28 March 2024
Compromised accounts: 2,121,789
Compromised data: Dates of birth, Email addresses, IP addresses, Passwords, Usernames
[enclosures] => Array ( ) [categories] => Array ( ) [uid] => 3ef5e518ca5574be081fdc2aacab29ab18154154 ) [80] => Array ( [uri] => https://haveibeenpwned.com/PwnedWebsites#Hjedd [title] => Hjedd - 13,204,029 breached accounts [timestamp] => 1658095200 [author] => [content] =>

In July 2022, the Chinese adult website Hjedd was found to be leaking more than 13M customer records which subsequently appeared on a popular hacking forum. The exposed data included email and IP addresses, usernames and passwords stored as bcrypt hashes.

Sensitive breach, not publicly searchable.

Breach date: 18 July 2022
Date added to HIBP: 5 October 2023
Compromised accounts: 13,204,029
Compromised data: Email addresses, IP addresses, Passwords, Usernames
[enclosures] => Array ( ) [categories] => Array ( ) [uid] => 11f9693d51bdb4c718839e12eeff902da0e5406c ) [81] => Array ( [uri] => https://haveibeenpwned.com/PwnedWebsites#OGUsers2022 [title] => OGUsers (2022 breach) - 529,020 breached accounts [timestamp] => 1657663200 [author] => [content] =>

In July 2022, the account hijacking and SIM swapping forum OGusers suffered a data breach, the fifth since December 2018. The breach contained usernames, email and IP addresses and passwords stored as argon2 hashes. A total of 529k unique email addresses appeared in the breach.

Breach date: 13 July 2022
Date added to HIBP: 14 April 2023
Compromised accounts: 529,020
Compromised data: Email addresses, IP addresses, Passwords, Usernames
[enclosures] => Array ( ) [categories] => Array ( ) [uid] => e32ad021f1d2049ac7b8e335d33a98a87f404bbd ) [82] => Array ( [uri] => https://haveibeenpwned.com/PwnedWebsites#Weee [title] => Weee - 1,117,405 breached accounts [timestamp] => 1657490400 [author] => [content] =>

In February 2023, data belonging to the Asian and Hispanic food delivery service Weee appeared on a popular hacking forum. Dating back to mid-2022, the data included 1.1M unique email addresses from 11M rows of orders containing names, phone numbers and delivery instructions.

Breach date: 11 July 2022
Date added to HIBP: 9 February 2023
Compromised accounts: 1,117,405
Compromised data: Delivery instructions, Email addresses, Names, Phone numbers, Purchases
[enclosures] => Array ( ) [categories] => Array ( ) [uid] => 979d66b4b13c903ddf2b90d429ee4c28248d9704 ) [83] => Array ( [uri] => https://haveibeenpwned.com/PwnedWebsites#LaPosteMobile [title] => La Poste Mobile - 533,886 breached accounts [timestamp] => 1656885600 [author] => [content] =>

In July 2022, the French telecommunications company La Poste Mobile was the target of an attack by the LockBit ransomware which resulted in company data being published publicly. The impacted data included 533k unique email addresses along with names, physical addresses, phone numbers, dates of births, genders and banking information. 10 days after the attack, the La Poste Mobile website remained offline.

Breach date: 4 July 2022
Date added to HIBP: 14 July 2022
Compromised accounts: 533,886
Compromised data: Bank account numbers, Dates of birth, Email addresses, Genders, Names, Phone numbers, Physical addresses
[enclosures] => Array ( ) [categories] => Array ( ) [uid] => dcc713c67ab4696f0e82dc771e27ef52068dd4fd ) [84] => Array ( [uri] => https://haveibeenpwned.com/PwnedWebsites#MemeChat [title] => MemeChat - 4,348,570 breached accounts [timestamp] => 1654034400 [author] => [content] =>

In mid-2022, "the ultimate hub of memes" MemeChat suffered a data breach that exposed 7.4M records. Alleged to be due to a misconfigured Elasticsearch instance, the data contained 4.3M unique email addresses alongside usernames.

Breach date: 1 June 2022
Date added to HIBP: 29 October 2023
Compromised accounts: 4,348,570
Compromised data: Email addresses, Usernames
[enclosures] => Array ( ) [categories] => Array ( ) [uid] => 313dc2710e1292c0099736731e8755c859e19c40 ) [85] => Array ( [uri] => https://haveibeenpwned.com/PwnedWebsites#QuestionPro [title] => QuestionPro - 22,229,637 breached accounts [timestamp] => 1653084000 [author] => [content] =>

In May 2022, the survey website QuestionPro was the target of an extortion attempt relating to an alleged data breach. Over 100GB of data containing 22M unique email addresses (some of which appear to be generated by the platform), are alleged to have been extracted from the service along with IP addresses, browser user agents and results relating to surveys. QuestionPro would not confirm whether a breach had occurred (although they did confirm they were the target of an extortion attempt), so the data was initially flagged as "unverified". Subsequent verification by impacted HIBP subscribers later led to the removal of the unverified flag.

Breach date: 21 May 2022
Date added to HIBP: 5 August 2022
Compromised accounts: 22,229,637
Compromised data: Browser user agent details, Email addresses, IP addresses, Survey results
[enclosures] => Array ( ) [categories] => Array ( ) [uid] => cd2b7139185bb498a7fe6f1d3148ccf24362b8ef ) [86] => Array ( [uri] => https://haveibeenpwned.com/PwnedWebsites#AmartFurniture [title] => Amart Furniture - 108,940 breached accounts [timestamp] => 1652652000 [author] => [content] =>

In May 2022, the Australian retailer Amart Furniture advised that their warranty claims database hosted on Amazon Web Services had been the target of a cyber attack. Over 100k records containing email and physical address, names, phone numbers and passwords stored as bcrypt hashes were exposed and shared online by the attacker.

Breach date: 16 May 2022
Date added to HIBP: 26 May 2022
Compromised accounts: 108,940
Compromised data: Email addresses, Names, Passwords, Phone numbers, Physical addresses
[enclosures] => Array ( ) [categories] => Array ( ) [uid] => 19ae131ae8231ebf008cbddf6f9a7a2f2c809fe2 ) [87] => Array ( [uri] => https://haveibeenpwned.com/PwnedWebsites#Mangatoon [title] => Mangatoon - 23,040,238 breached accounts [timestamp] => 1652392800 [author] => [content] =>

In May 2022, the Hong Kong based Manga service Mangatoon suffered a data breach that exposed 23M subscriber records. The breach exposed names, email addresses, genders, social media account identities, auth tokens from social logins and passwords stored as salted MD5 hashes. Mangatoon did not respond to multiple attempts to make contact regarding the breach.

Breach date: 13 May 2022
Date added to HIBP: 6 July 2022
Compromised accounts: 23,040,238
Compromised data: Auth tokens, Avatars, Email addresses, Genders, Names, Passwords, Social media profiles, Usernames
[enclosures] => Array ( ) [categories] => Array ( ) [uid] => f5355c7943e25d6266b9595fac57d2139ec4ee51 ) [88] => Array ( [uri] => https://haveibeenpwned.com/PwnedWebsites#BlackBerryFans [title] => BlackBerry Fans - 174,168 breached accounts [timestamp] => 1651788000 [author] => [content] =>

In May 2022, the Chinese BlackBerry enthusiasts website BlackBerry Fans suffered a data breach that exposed 174k member records. The impacted data included usernames, email and IP addresses and passwords stored as salted MD5 hashes.

Breach date: 6 May 2022
Date added to HIBP: 16 May 2022
Compromised accounts: 174,168
Compromised data: Email addresses, IP addresses, Passwords, Usernames
[enclosures] => Array ( ) [categories] => Array ( ) [uid] => ff3439291f96eda813ff6dde2ea88843580caa1f ) [89] => Array ( [uri] => https://haveibeenpwned.com/PwnedWebsites#Fanpass [title] => Fanpass - 112,251 breached accounts [timestamp] => 1651269600 [author] => [content] =>

In April 2022, the UK based website for buying and selling soccer tickets Fanpass suffered a data breach which exposed 112k customer records. Impacted data includes names, phone numbers, physical addresses, purchase histories and salted password hashes. The data was provided to HIBP by a source who requested it be attributed to "breaches.net".

Breach date: 30 April 2022
Date added to HIBP: 24 May 2022
Compromised accounts: 112,251
Compromised data: Email addresses, Genders, Names, Partial dates of birth, Passwords, Phone numbers, Physical addresses, Purchases, Social media profiles
[enclosures] => Array ( ) [categories] => Array ( ) [uid] => c46e2ec162a1ab87188b60cd503b83dfa1521543 ) [90] => Array ( [uri] => https://haveibeenpwned.com/PwnedWebsites#PaySystemTech [title] => PaySystem.tech - 1,410,764 breached accounts [timestamp] => 1651183200 [author] => [content] =>

In mid-2022, data alleged to have been sourced from the Russian payment provider PaySystem.tech appeared in hacking circles where it was made publicly available for download. Consisting of 16M rows with 1.4M unique email addresses, the data also included purchases and full credit card numbers and expiry dates. The data could not be independently attributed back to PaySystem.tech and the breach has been flagged as "unverified".

Unverified breach, may be sourced from elsewhere.

Breach date: 29 April 2022
Date added to HIBP: 9 October 2023
Compromised accounts: 1,410,764
Compromised data: Credit cards, Email addresses, Purchases
[enclosures] => Array ( ) [categories] => Array ( ) [uid] => 5a1d08a708d5c83335c00143ef578b3979e910bc ) [91] => Array ( [uri] => https://haveibeenpwned.com/PwnedWebsites#EPal [title] => E-Pal - 108,887 breached accounts [timestamp] => 1649973600 [author] => [content] =>

In October 2022, the service dedicated to finding friends on Discord known as E-Pal disclosed a data breach. The compromised data included over 100k unique email addresses and usernames spanning approximately 1M orders. The data was subsequently distributed via a popular hacking forum.

Breach date: 15 April 2022
Date added to HIBP: 24 October 2022
Compromised accounts: 108,887
Compromised data: Email addresses, Purchases, Usernames
[enclosures] => Array ( ) [categories] => Array ( ) [uid] => 374d9c93b5f5390cd47ca95e933f50e459032668 ) [92] => Array ( [uri] => https://haveibeenpwned.com/PwnedWebsites#PayHere [title] => PayHere - 1,580,249 breached accounts [timestamp] => 1648335600 [author] => [content] =>

In late March 2022, the Sri Lankan payment gateway PayHere suffered a data breach that exposed more than 65GB of payment records including over 1.5M unique email addresses. The data also included IP and physical addresses, names, phone numbers, purchase histories and partially obfuscated credit card data (card type, first 6 and last 4 digits plus expiry date). A month later, PayHere published a blog on the incident titled Ensuring Integrity on PayHere Cybersecurity Incident.

Breach date: 27 March 2022
Date added to HIBP: 2 May 2022
Compromised accounts: 1,580,249
Compromised data: Email addresses, IP addresses, Names, Partial credit card data, Phone numbers, Physical addresses, Purchases
[enclosures] => Array ( ) [categories] => Array ( ) [uid] => e0252df78d852f2a8d25a9e5bc711e7dc4e547f3 ) [93] => Array ( [uri] => https://haveibeenpwned.com/PwnedWebsites#VivaAir [title] => Viva Air - 932,232 breached accounts [timestamp] => 1647212400 [author] => [content] =>

In March 2022, the now defunct Columbian airline Viva Air suffered a data breach and subsequent ransomware attack. Among a trove of other ransomed data, the incident exposed a log of 2.6M transactions with 932k unique email addresses, physical and IP addresses, names, phone numbers and partial credit card data (last 4 digits).

Breach date: 14 March 2022
Date added to HIBP: 11 September 2023
Compromised accounts: 932,232
Compromised data: Email addresses, IP addresses, Names, Partial credit card data, Phone numbers, Physical addresses, Purchases
[enclosures] => Array ( ) [categories] => Array ( ) [uid] => 14af72a93d46640909d97c33943c442a292dc457 ) [94] => Array ( [uri] => https://haveibeenpwned.com/PwnedWebsites#CDEK [title] => CDEK - 19,218,203 breached accounts [timestamp] => 1646780400 [author] => [content] =>

In early 2022, a collective known as IT Army whose stated goal is to "completely de-anonymise most Russian users by leaking hundreds of gigabytes of databases" published over 30GB of data allegedly sourced from Russian courier service CDEK. The data contained over 19M unique email addresses along with names and phone numbers. The authenticity of the breach could not be independently established and has been flagged as "unverfieid".

Unverified breach, may be sourced from elsewhere.

Breach date: 9 March 2022
Date added to HIBP: 17 March 2022
Compromised accounts: 19,218,203
Compromised data: Email addresses, Names, Phone numbers
[enclosures] => Array ( ) [categories] => Array ( ) [uid] => 3750afda5c93ffe9e30b39b23779f0145c9c7e98 ) [95] => Array ( [uri] => https://haveibeenpwned.com/PwnedWebsites#CraftRise [title] => CraftRise - 2,532,527 breached accounts [timestamp] => 1646434800 [author] => [content] =>

In May 2023, news broke of a data breach of the Turkish Minecraft server known as CraftRise. The data of over 2.5M users was subsequently shared on a popular hacking forum and included email addresses, usernames, geographic locations and plain text passwords. The newest records indicate the data was obtained in March 2022.

Breach date: 5 March 2022
Date added to HIBP: 8 August 2023
Compromised accounts: 2,532,527
Compromised data: Email addresses, Geographic locations, Passwords, Usernames
[enclosures] => Array ( ) [categories] => Array ( ) [uid] => c7036f5d30d864ac9d20a9f940a41800e0c79f2f ) [96] => Array ( [uri] => https://haveibeenpwned.com/PwnedWebsites#NVIDIA [title] => NVIDIA - 71,335 breached accounts [timestamp] => 1645570800 [author] => [content] =>

In February 2022, microchip company NVIDIA suffered a data breach that exposed employee credentials and proprietary code. Impacted data included over 70k employee email addresses and NTLM password hashes, many of which were subsequently cracked and circulated within the hacking community.

Breach date: 23 February 2022
Date added to HIBP: 3 March 2022
Compromised accounts: 71,335
Compromised data: Email addresses, Passwords
[enclosures] => Array ( ) [categories] => Array ( ) [uid] => 088472395b2697109252aa04c2f12d53cf051d62 ) [97] => Array ( [uri] => https://haveibeenpwned.com/PwnedWebsites#GiveSendGo [title] => GiveSendGo - 89,966 breached accounts [timestamp] => 1644188400 [author] => [content] =>

In February 2022, the Christian fundraising service GiveSendGo suffered a data breach which exposed the personal data of 90k donors to the Canadian "Freedom Convoy" protest against vaccine mandates. The breach exposed names, email addresses, post codes, donation amount and comments left at the time of donation.

Breach date: 7 February 2022
Date added to HIBP: 15 February 2022
Compromised accounts: 89,966
Compromised data: Email addresses, Geographic locations, Names, Purchases
[enclosures] => Array ( ) [categories] => Array ( ) [uid] => d345580fbe83bcbb4cf15d0129988d8b9a756659 ) [98] => Array ( [uri] => https://haveibeenpwned.com/PwnedWebsites#LeakedReality [title] => Leaked Reality - 114,907 breached accounts [timestamp] => 1643583600 [author] => [content] =>

In January 2022, the now defunct uncensored video website Leaked Reality suffered a data breach that exposed 115k unique email addresses. The data also included usernames, IP addresses and passwords stored as either MD5 or phpass hashes.

Breach date: 31 January 2022
Date added to HIBP: 31 March 2023
Compromised accounts: 114,907
Compromised data: Email addresses, IP addresses, Passwords, Usernames
[enclosures] => Array ( ) [categories] => Array ( ) [uid] => b4ef5bb86c0b10fa34e424406a04ffd02565578a ) [99] => Array ( [uri] => https://haveibeenpwned.com/PwnedWebsites#MacGeneration [title] => MacGeneration - 101,004 breached accounts [timestamp] => 1643410800 [author] => [content] =>

In January 2022, the French Apple news website MacGeneration suffered a data breach. The incident exposed over 100k usernames, email addresses and passwords stored as salted SHA-512 hashes. After discovering the incident, MacGeneration self-submitted data to HIBP.

Breach date: 29 January 2022
Date added to HIBP: 3 March 2022
Compromised accounts: 101,004
Compromised data: Email addresses, Passwords, Usernames
[enclosures] => Array ( ) [categories] => Array ( ) [uid] => 85b93cbca0201f96af35f41e9a9d204f557a5a9a ) ) )