Updated breach: the remaining 10M records have now been added to @haveibeenpwned. 74% of all 8tracks addresses had been previously breached. twitter.com/haveibeenpwned/sta

New breach: Textbook rental service Chegg had 40M accounts exposed in April last year. Data included email addresses, names, usernames and passwords stored as unsalted MD5 hashes. 70% of addresses were already in @haveibeenpwned techcrunch.com/2018/09/26/cheg

New breach: Hacking site Cracked[.]to had 749k unique addresses exposed last month (321k users plus addresses in other tables). Exposed data included email and IP addresses, usernames, PMs and bcrypt password hashes. 29% were already in @haveibeenpwned haveibeenpwned.com/

New breach: StockX had 6.8M accounts breached last month. Data included email addresses, names, physical addresses, purchases and passwords stored as salted MD5 hashes. 56% were already in @haveibeenpwned stockx.com/news/update-on-data

New breach: Canva had 137M records breached in May. Exposed data included email addresses, names, usernames, cities and for users not using social logins, passwords stored as bcrypt hashes. 44% of addresses were already in @haveibeenpwned. Read more: support.canva.com/contact/cust

New breach: CafePress had 23M unique email addresses breached in February. Some records also contained names, physical addresses and phone numbers. 77% were already in @haveibeenpwned haveibeenpwned.com

New breach: The Xiaomi user forum had 7M email addresses breached in 2012. Many were on the bbs_ml_as_uid[.]xiaomi[.]com domain and were accompanied by usernames, IP addresses and salted MD5 password hashes. 7% were already in @haveibeenpwned. Read more: thehackernews.com/2014/10/xiao

New breach: Flash Flash Revolution had 1.9M accounts compromised last week. This is in addition to another breach of the service in 2016. Impacted data includes email and IP addresses, usernames, DoB & salted MD5 hashes. 98% were already in @haveibeenpwned haveibeenpwned.com

New breach: Stronghold Kingdoms had 5.2M accounts compromised in July last year. Impacted data included email addresses, usernames and passwords stored as salted SHA-1 hashes. 57% were already in @haveibeenpwned. Read more: techraptor.net/content/roll20-

New breach: GameSalad had 1.5M accounts compromised in February. Data included email and IP addresses, usernames and passwords stored as SHA-256 hashes. 65% were already in @haveibeenpwned. Read more: zdnet.com/article/round-4-hack

New breach: Armor Games had 10.6M accounts compromised in January. Data included email and IP addresses, usernames, birthdays of admins and passwords stored as salted SHA-1 hashes. 71% were already in @haveibeenpwned. Read more: techraptor.net/content/armor-g

New breach: Tabletop role-playing games website Roll20 had 4M records breached in December. Data included email addresses, names, bcrypt password hashes and last 4 digits of credit cards. 70% were already in @haveibeenpwned. Read more: app.roll20.net/forum/post/7209

New breach: Artvalue left 158k customers exposed via a text file on their website. Data included email addresses, names and MD5 password hashes. The operator did not respond when contacted, although the file was removed. 78% were already in @haveibeenpwned haveibeenpwned.com

New breach: EatStreet had 6.4M customers exposed when hacked in May. Extensive personal data including names, phone numbers, addresses, dates of birth, partial CC data and bcrypt password hashes were exposed. 75% were already in @haveibeenpwned. Read more: zdnet.com/article/eatstreet-fo

New breach: Bulgarian National Revenue Agency suffered a data breach that began circulating publicly this week. Extensive personal info and tax data on 5M individuals with 471k unique email addresses included. 27% were already in @haveibeenpwned. More: thenextweb.com/security/2019/0

There's a brand new API for @haveibeenpwned! It moves away from attempting to rate limit by IP and instead introduces auth keys which will make for a much more reliable experience. They're provisioned at the cost of providing the service, full details here troyhunt.com/authentication-an

New breach: Broadcasting service YouNow had their data appear for sale on the dark web in Feb. 18M unique email addresses were exposed plus names, IPs and links to social profiles. No passwords were impacted. 49% were already in @haveibeenpwned. More: techcrunch.com/2019/02/14/hack

New breach: Video making service Animoto had 22M unique email addresses breached in July last year. Also exposed were names, dates of birth, country of origin and salted password hashes. 58% were already in @haveibeenpwned. Read more: techcrunch.com/2018/08/20/anim

New breach: Hacking website BlackSpigotMC was breached by a rival site and 8.5GB of website files & DB dumped publicly. The breach impacted 140k unique email addresses, usernames, IP addresses and bcrypt password hashes. 42% were already in @haveibeenpwned haveibeenpwned.com/

New breach: Fashion retailer SHEIN had 39M unique email addresses breached in June last year. Exposed data also included passwords stored as MD5 hashes. 57% were already in @haveibeenpwned. Read more: zdnet.com/article/shein-fashio

Show more
Mirrored.Social [BETA]

This Mastodon instance is dedicated to mirroring the social media accounts of interesting/useful people and organizations from elsewhere on the Internet. At least until such time as they create their own accounts on the Mastodon network.

If you control an account that is being mirrored here and would like to make changes to how that's done (or not done), please contact Dave Wood via @davewoodx@mastodon.social.

Like this idea? Help support the costs and development at Patreon.

Currently in Beta status. Please let me know if you see bugs or issues.

Mirrors to Follow:

1Password [NEW]

1Password Status [NEW]

Android [NEW]

AppStore [NEW]

App Store Games [NEW]

Barack Obama

Canada [NEW]

CGP Grey [NEW]

Chris Hadfield [NEW]

CommitStrip [NEW]

Daring Fireball

#dearMoon [NEW]

Dianna Cowern

DuckDuckGo [NEW]

Elon Musk*

GitHub [NEW]

GitHub API [NEW]

GitHub Status [NEW]

Have I Been Pwned [NEW]

Internet of Shit*

iTC Status

Jony Ive Parody*

Keybase [NEW]

Let's Encrypt [NEW]

Linode [NEW]

Merge Conflict [NEW]

Marques Brownlee

NASA

NGINX, Inc. [NEW]

nginx web server [NEW]

php.net [NEW]

Orbital ATK [NEW]

Overcast [NEW]

Realm [NEW]

Relay FM [NEW]

Ryan Reynolds* [NEW]

Edward Snowden* [NEW]

SpaceX

Tesla [NEW]

Tim Cook [NEW]

Visual Studio [NEW]

Visual Studio App Center [NEW]

* Posts flagged as sensitive