Have I Been Pwned is a user on mirrored.social. You can follow them or interact with them if you have an account anywhere in the fediverse. If you don't, you can sign up here.

Have I Been Pwned @haveibeenpwned@mirrored.social

New breach: Club Penguin Rewritten had 1.7M records breached in Jan last year. Exposed data included email & IP addresses, usernames and passwords stored as bcrypt hashes. 41% of addresses were already in @haveibeenpwned haveibeenpwned.com/

New breach: Morele[.]net had 2.5M records breached in October. Exposed data included email addresses, names and passwords stored as md5crypt hashes. 42% of addresses were already in @haveibeenpwned. Read more: niebezpiecznik.pl/post/morele-

New breach: Bukalapak had 13M records breached in 2017. Exposed data included email and IP addresses, names and passwords stored as bcrypt and salted SHA-512 hashes. 21% of addresses were already in @haveibeenpwned. Read more: bukalapak.com/blog/feature-upd

New breach: DataCamp had 760k records breached in 2017. Exposed data included email and IP addresses, names and passwords stored as bcrypt hashes. 68% of addresses were already in @haveibeenpwned. Read more: support.datacamp.com/hc/en-us/

New breach: German social media site Knuddels had 808k records breached in September. The incident exposed email addresses, usernames, real names and passwords stored in plain text. 37% of addresses were already in @haveibeenpwned. Read more: forum.knuddels.de/ubbthreads.p

New breach: Hacking site "Demon Forums" had 52k records breached in Feb. The vBulletin based site exposed usernames, email addresses and salted MD5 password hashes. 49% of addresses were already in @haveibeenpwned haveibeenpwned.com/

New breach: Multiplayer platform game Everybody Edits had 871k records posted publicly last month. The exposed data included usernames alongside email and IP addresses. 48% of addresses were already in @haveibeenpwned. Read more: everybodyedits.wordpress.com/2

New breach: The Intelimost spam operation leaked 3M email addresses and plain text passwords used to access victims' mailboxes and customise spam messages. 45% were already in @haveibeenpwned. Read more: techcrunch.com/2019/04/02/insi

New breach: Whitepages had 11M records breached in 2016 including email addresses, names and either MD5 of bcrypt password hashes. 71% were already in @haveibeenpwned. Read more: theregister.co.uk/2019/02/11/6

New breach: 500px had 15M unique email addresses breached in July including names, genders, dates of birth and either MD5 of bcrypt password hashes. 53% were already in @haveibeenpwned. Read more: support.500px.com/hc/en-us/art

New breach: Bookmate had almost 4M unique email addresses breached in July including names, genders, dates of birth and salted SHA-512 password hashes. 63% were already in @haveibeenpwned. Read more: theregister.co.uk/2019/02/11/6

New breach: HauteLook had 28M unique email addresses breached in August including names, genders, dates of birth and bcrypt password hashes. 82% were already in @haveibeenpwned. Read more: theregister.co.uk/2019/02/11/6

New breach: 8fit had 15M unique email addresses breached in July including names, genders, IP addresses and bcrypt password hashes. 58% were already in @haveibeenpwned. Read more: 8fit.zendesk.com/hc/en-us/arti

New breach: ixigo had 17M records breached in Jan including names, genders, phone numbers, social media profiles and MD5 password hashes. 23% were already in @haveibeenpwned. Read more: techcrunch.com/2019/02/14/hack

New breach: Email address validation service Verifications[.]io left 763M email addresses exposed in an open MongoDB instance, many of which also had accompanying gender, DOB and other personal attributes. 66% were already in @haveibeenpwned. Read more: securitydiscovery.com/800-mill

New breach: ShareThis had 41M email addresses, names, dates of birth and hashed passwords breached in 2018. The data was recently found being traded on a darkweb marketplace. 71% of records were already in @haveibeenpwned. Read more: sharethis.com/data-privacy-inc

New breach: Dubsmash had 162M email addresses, usernames and PBKDF2 hashed passwords breached in 2018. The data was recently found being traded on a darkweb marketplace. 25% of records were already in @haveibeenpwned. Read more: theregister.co.uk/2019/02/11/6

New breach: MyFitnessPal had 144M email addresses, IP addresses, usernames and hashed passwords breached in 2018. The data was recently found being traded on a dark web marketplace. 59% of records were already in @haveibeenpwned. Read more: content.myfitnesspal.com/secur

New breach: MyHeritage had 92M email addresses and salted SHA-1 password hashes breached in 2017. Discovered last year, the data was recently found being traded on a dark web marketplace. 61% of records were already in @haveibeenpwned. Read more: blog.myheritage.com/2018/06/my

New breach: EyeEm had 20M accounts impacted in a data breach one year ago. Exposed data included email addresses, names, usernames, bios and password hashes. 44% were already in @haveibeenpwned. Read more: theregister.co.uk/2019/02/11/6