In June 2017, news broke that CashCrate had suffered a data breach exposing 6.8 million records. In December 2017, the virtual keyboard application ai.type was found to have left average true range trading strategy over mudrex a huge amount of data publicly facing in an unsecured MongoDB instance. The email addresses alone were provided to HIBP to enable impacted users to assess their exposure.

Amongst the customer data was passwords stored with a weak MD5 hashing algorithm and no salt. In mid-2017, a spam list of over 105 million individuals in corporate America was discovered online. Referred to as “B2B USA Businesses”, the list categorised email addresses by employer, providing information on individuals’ job titles plus their work phone numbers and physical addresses. In September 2014, news broke of a massive leak of accounts from Yandex, the Russian search engine giants who also provides email services. In September 2013, the Win7Vista Windows forum (since renamed to the “Beyond Windows 9” forum) was hacked and later had its internal database dumped. The dump included over 200k members’ personal information and other internal data extracted from the forum.

The data contained email and physical addresses, dates of birth and phone numbers along with both PINs and passwords stored in plain text. In all, 7 million email addresses appeared in the breach although a significant portion of them were numeric aliases on the bbs_ml_as_uid.xiaomi.com domain. Usernames, IP addresses and passwords stored as salted MD5 hashes were also exposed.

Veracyte: Data Suggests Cancer Risk Classification Using Clinical Factors Alone May Be Suboptimal

When contacted in October 2018, Baby Names advised that “the breach happened at least ten years ago” and that members were notified at the time. In December 2013, the vBulletin forum for the social engineering site known as “AstroPID” was breached and leaked publicly. The site provided tips on fraudulently obtaining goods and services, often by providing a legitimate “PID” or Product Information Description. The breach resulted in nearly 6k user accounts and over 220k private messages between forum members being exposed.

The breach was self-submitted to HIBP and included 266k email addresses, names, genders, phone numbers and other personal information. In approximately 2011, an alleged breach of the dating website Zoosk began circulating. Comprised of almost 53 million records, the data contained email addresses and plain text passwords. However, during extensive verification in May 2016 no evidence could be found that the data was indeed sourced from the dating service.

Rihanna to headline Super Bowl halftime show in February

This breach has consequently been flagged as fabricated; it’s highly unlikely the data was sourced from Zoosk. In August 2020, the Neapolitan public transport website Unico Campania was hacked and the data extensively how to start investing in stocks circulated. The breach contained 166k user records with email addresses and plain text passwords. In February 2014, the Internet Governance Forum was attacked by hacker collective known as Deletesec.

• The attack led to the exposure of more than 85 million user accounts and included email addresses, usernames and bcrypt hashes of passwords.
• In March 2018, Wendy’s in the Philippines suffered a data breach which impacted over 52k customers and job applicants.
• In October 2018, the internet television service Pluto TV suffered a data breach which was then shared extensively in hacking communities.
• The data also included usernames, IP addresses, full names and passwords stored as either unsalted SHA-1 or bcrypt hashes.

In approximately January 2018, a collection of more than 464k customer records from the Indian online retailer DailyObjects were leaked online. The data included names, physical and email addresses, phone numbers and “pincodes” stored in plain text. After multiple attempts to cryptocurrency trading contact them, DailyObjects responded and received a copy of the data for verification, however failed to respond to multiple contact attempts following that. In January 2016, a large number of unpatched vBulletin forums were compromised by an actor known as “CrimeAgency”.

Bitcoin Security Forum Gmail Dump

In approximately April 2016, the gaming website Guns and Robots suffered a data breach resulting in the exposure of 143k unique records. In October 2020, a security researcher published a technique for scraping large volumes of data from Gravatar, the service for providing globally unique avatars . 167 million names, usernames and MD5 hashes of email addresses used to reference users’ avatars were subsequently scraped and distributed within the hacking community. 114 million of the MD5 hashes were cracked and distributed alongside the source hash, thus disclosing the original email address and accompanying data. Following the impacted email addresses being searchable in HIBP, Gravatar release an FAQ detailing the incident.

• In October 2014, the game cheats website known as ILikeCheats suffered a data breach that exposed 189k accounts.
• In July 2019, a massive data breach of the Bulgarian National Revenue Agency began circulating with data on 5 million people.
• There were 95k unique email addresses spread across 86k forum users and other tables in the database.
• The data set provided to Have I Been Pwned included 91M unique usernames and plain text passwords.
• In February 2021, the alt-tech social network service Gab suffered a data breach.

The breach exposed extensive personal information including names, email and IP addresses, physical addresses, phone numbers and passwords stored as MD5 hashes. In March 2021, the Stripe account of the now-defunct WeLeakInfo service was taken over by “pompompurin” after acquiring an expired domain name with an email address used to manage the account. Access to Stripe then exposed almost 12k unique email addresses from customers who’d made credit card payments in order to obtain breached data hosted by WeLeakInfo. The data was subsequently leaked publicly and also included names, payment histories, IP addresses, billing addresses, partial credit card data and the organisation making the purchase.

Special K Data Feed Spam List

In early 2015, the Swedish tech news site SweClockers was hacked and 255k accounts were exposed. The attack led to the exposure of usernames, email addresses and salted hashes of passwords stored with a combination of MD5 and SHA512. The incident exposed over 20 million unique email addresses along with names, phone numbers, country of residence and passwords stored as salted SHA-1 hashes. In January 2017, a massive trove of data from River City Media was found exposed online. The data was found to contain almost 1.4 billion records including email and IP addresses, names and physical addresses, all of which was used as part of an enormous spam operation.

• Whilst the origin of the breach remains unclear, the breached credentials were confirmed by multiple source as correct, albeit a number of years old.
• In July 2018, the sales engagement startup Apollo left a database containing billions of data points publicly exposed without a password.
• In late 2021, email address and plain text password pairs from the rap mixtape website DatPiff appeared for sale on a popular hacking forum.
• In June 2014, the torrent site Sumo Torrent was hacked and 285k member records were exposed.
• The breach exposed almost 7GB of files containing 359k unique email addresses along with names, phones numbers, physical addresses and dates of birth.

The breach exposed 376k unique email addresses along with names, phone numbers, physical addresses, gun purchases, partial credit card data, dates of birth and passwords stored as bcrypt hashes. In October 2019, 1.4M accounts from the cryptocurrency wallet service GateHub were posted to a popular hacking forum. GateHub had previously acknowledged a data breach in June, albeit with a smaller number of impacted accounts.

The breach exposed 22 million unique email addresses alongside names, dates of birth, country of origin and salted password hashes. The incident exposed almost 15 million unique email addresses alongside names, usernames, genders, dates of birth and either an MD5 or bcrypt password hash. In January 2021, the Indian wedding planning platform WedMeGood suffered a data breach that exposed 1.3 million customers. The breach exposed 41.5GB of data including email and physical addresses, names, genders, phone numbers and password hashes.

Glencore To Acquire Newmont’s Shareholding In MARA Project

In approximately October 2015, the online gaming forum known as Gamerzplanet was hacked and more than 1.2M accounts were exposed. In April 2018, the online entertainment site Funny Games suffered a data breach that disclosed 764k records including usernames, email and IP addresses and salted MD5 password hashes. The incident was disclosed to Funny Games in July who acknowledged the breach and identified it had been caused by legacy code no longer in use. In April 2007, the online gambling site Foxy Bingo was hacked and 252,000 accounts were obtained by the hackers.