RT ave I Been Pwned (@haveibeenpwned
New breach: Mathway had over 25M accounts breached in Jan then sold on the dark web. Data included names, emails, salted password hashes and Google and Facebook IDs. 69% were already in @haveibeenpwned. Read more: zdnet.com/article/25-mil…

RT ave I Been Pwned (@haveibeenpwned
New breach: Indian self-drive car rental company Zoomcar was breached in 2018 and had 3.5M records exposed then sold in 2020. Names, emails and IPs, phones and bcrypt password hashes were exposed. 70% were already in @haveibeenpwned. Read more: tech.economictimes.indiatimes.com/news/internet/…

RT ave I Been Pwned (@haveibeenpwned
New unattributable breach: "Lead Hunter", an exposed Elasticsearch instance, leaked 69M emails across 110M rows in March. Data also included names, phones, genders and physical addresses. 93% were already in @haveibeenpwned. Read more: troyhunt.com/the-unattribut…

New unattributable breach: "Lead Hunter", an exposed Elasticsearch instance, leaked 69M emails across 110M rows in March. Data also included names, phones, genders and physical addresses. 93% were already in @haveibeenpwned. Read more: /the-unattributable-lead-hunter-data-breach/

New breach: Wishbone was breached (again) in January resulting in almost 10M unique email addresses being exposed. Also present was names, phone numbers, DOBs, genders and unsalted MD5 password hashes. 63% were already in @haveibeenpwned. Read more: infosecurity-magazine.com/news

New alleged breach: LiveJournal data is broadly circulating. Contains 26M usernames & email addresses that exist on the service alongside plain text passwords. Data is used in attacks against Dreamwith (fork of LiveJournal). 58% already in @haveibeenpwned news.ycombinator.com/item?id=2

New breach: Pet care delivery service PetFlow had almost 1M accounts breached in 2017 before being sold online. Exposed data included email addresses and unsalted MD5 password hashes. 91% were already in @haveibeenpwned. Read more: techcrunch.com/2019/02/14/hack

New breach: Art website Artsy had 1M accounts breached in 2018 before being sold online. IP and email addresses, names and SHA-512 password hashes were exposed. 82% were already in @haveibeenpwned. Read more: theregister.co.uk/2019/02/11/6

New breach: Japanese schedule app Lifebear had 3.7M email addresses breached in early 2019. The breach also exposed usernames and salted MD5 password hashes. 16% of accounts were already in @haveibeenpwned. Read more: zdnet.com/article/round-4-hack

New breach: Hacking forum Nulled[.]ch was compromised last week and 43k records posted to a rival hacking forum. Data included IP and email addresses alongside salted MD5 password hashes and the admin's private messages. 61% were already in @haveibeenpwned haveibeenpwned.com/

New breach: An unattributable CRM referred to as "db8151dd" was left publicly exposed earlier this year. 23M unique email addresses were exposed alongside extensive personal information and interactions. 65% were already in @haveibeenpwned. Read more: /the-unattributable-db8151dd-data-breach/

New breach: Travel app creator Ulmon had 777k unique email addresses breached in Jan. Data also included names and passwords stored as bcrypt hashes. 73% were already in @haveibeenpwned. Read more: ulmon.com/blogging/2020/5/4/in

New breach: Indian marketplace Elanic had 2.3M email addresses breached & posted to a hacking forum. Elanic verified the data but advised they will "not have as such any communication and public disclosure" to customers. 56% were already in @haveibeenpwned haveibeenpwned.com/

New breach: Vietnamese site TaiLieu had 7.3M records breached in Nov & posted to a popular hacking site. Names, emails, DOBs, genders & passwords stored as unsalted MD5 hashes were exposed. They did reply when contacted. 37% were already in @haveibeenpwned haveibeenpwned.com/

New breach: Indonesia's largest online store Tokopedia had over 12M unique email addresses posted online yesterday. Data also included names, genders, DOBs and SHA2-384 password hashes. 21% were already in @haveibeenpwned. Read more: zdnet.com/article/hacker-leaks

New breach: Nepalese ISP Vianet was breached earlier this month. 94k unique email addresses were exposed alongside names, phone numbers and physical addresses. 34% were already in @haveibeenpwned. Read more: myrepublica.nagariknetwork.com

New breach: Independent Android app store Aptoide had 20M user accounts breached last week. Data included email and IP addresses, names and SHA-1 password hashes (no salt). 38% were already in @haveibeenpwned. Read more: blog.aptoide.com/aptoide-crede

New breach: Spanish mobile phone forum HTC Mania had 1.5M accounts breached in January. Exposed data included email addresses, usernames, IP addresses, dates of birth and salted MD5 password hashes & password histories. 79% were already in @haveibeenpwned haveibeenpwned.com/

New breach: Hacking forum OGUsers suffered their second breach in a year. A total of 263k email addresses across user accounts and other tables were posted to rival hacking forum. Data also included MD5 password hashes. 72% were already in @haveibeenpwned zdnet.com/article/hacking-foru

New breach: Gaming website AnimeGame had 1.4M records breached last month and shared on a popular hacking forum. Impacted data included email addresses, usernames and salted MD5 password hashes. 35% of addresses were already in @haveibeenpwned haveibeenpwned.com/

Show more
Mirrored.Social [BETA]

Find this service useful? Kick in a few bucks to help keep it alive here: https://www.patreon.com/DaveWoodX Thanks.