New breach: Hacking forum OGUsers suffered their second breach in a year. A total of 263k email addresses across user accounts and other tables were posted to rival hacking forum. Data also included MD5 password hashes. 72% were already in @haveibeenpwned zdnet.com/article/hacking-foru

New breach: Gaming website AnimeGame had 1.4M records breached last month and shared on a popular hacking forum. Impacted data included email addresses, usernames and salted MD5 password hashes. 35% of addresses were already in @haveibeenpwned haveibeenpwned.com/

New breach: Israeli marketing firm Straffic exposed 140GB of data spanning 305M rows with 49M unique email addresses. Data also included names, addresses, phones and genders. 70% of emails were already in @haveibeenpwned. Read more: databreachtoday.com/israeli-ma

New breach: Slickwraps had 858k unique email addresses breached last week. Data also included names, physical addresses, phone numbers and purchase histories. 75% of emails were already in @haveibeenpwned. Read more: slickwraps.com/blog/update/

New breach: MGM Resorts had 10.6M records with 3.1M unique email addresses breached last year. Data also included names, phone numbers, DOBs and physical addresses. 82% of emails were already in @haveibeenpwned. Read more: zdnet.com/article/exclusive-de

New sensitive breach: "The world's largest sex & swinger community" Adult FriendFinder was breached in 2016. The incident exposed usernames, SHA-1 password hashes and 170M unique email addresses. 77% of addresses were already in @haveibeenpwned. Read more: zdnet.com/article/adultfriendf

New breach: Indian retailer DailyObjects had 464k customer records exposed in approximately 2018. Impacted data included names, email and physical addresses, phone numbers and PINs in plain text. 82% of addresses were already in @haveibeenpwned haveibeenpwned.com/

New breach: Now defunct social network Tout was breached in approximate September 2014. 653k unique email addresses were exposed alongside names, IPs, locations, bios and bcrypt password hashes. 84% of addresses were already in @haveibeenpwned haveibeenpwned.com/

New breach: Go Games suffered a data breach in 2015 that exposed 3.4M customers' email and IP addresses, usernames and salted MD5 password hashes. They did not respond when contacted about the incident. 56% of addresses were already in @haveibeenpwned haveibeenpwned.com/

New breach: Indian Rail left 583k unique email addresses exposed on an unprotected Firebase database instance alongside usernames and plain text passwords. 49% of addresses were already in @haveibeenpwned. Read more: medium.com/dvuln/why-you-shoul

New breach: Universarium had 565k records breached in approximately November including email addresses and plain text passwords. Multiple attempts to contact them over many weeks could not raise a response. 66% of records were already in @haveibeenpwned haveibeenpwned.com/

New data: 8M records sourced from data aggregator Factual were collated in 2017 then later exchanged as an alleged "breach". The set included 2.5M unique email addresses, business names, addresses and phone numbers. 77% were already in @haveibeenpwned. /when-is-data-public-and-2-5m-public-factual-records/

New breach: Zynga (creator of the Words with Friends game) suffered a data breach in September. Data included 173M unique email address, usernames and passwords stored as salted SHA-1 hashes. 69% were already in @haveibeenpwned. Read more: cnet.com/news/words-with-frien

New breach: Polish torrent site AgusiQ-Torrents[.]pl had 90k records breached in September. Data included email and IP addresses, usernames and passwords stored as MD5 hashes. 61% were already in @haveibeenpwned haveibeenpwned.com/

New data exposure: A customer of People Data Labs exposed with 1.2B data enrichment records. The data contained 622M unique email addresses as well as phone numbers, social media profiles and job histories. 84% were already in @haveibeenpwned. More: /data-enrichment-people-data-labs-and-another-622m-email-addresses/

New breach: GateHub suffered a breach in June. 1.4M accounts subsequently appeared on a popular hacking forum and included email addresses, mnemonic phrases, wallet hashes and passwords stored as bcrypt hashes. 64% were already in @haveibeenpwned. More: arstechnica.com/information-te

New breach: EpicBot had 817k accounts breached in September including email, IP, usernames and either salted MD5 or bcrypt password hashes. 74% were already in @haveibeenpwned. More: arstechnica.com/information-te

New breach: GPS Underground had 670k accounts breached in mid-2016 including email, IP, usernames, dates of birth and salted MD5 password hashes. 81% were already in @haveibeenpwned. More: hackread.com/vbulletin-forums-

New breach: Comic strip website ToonDoo had 6M accounts breached in August including email, IP, location, gender and salted password hashes. 59% were already in @haveibeenpwned. More: zataz.com/6-000-000-de-donnees

New breach: Indian training site Vedantu had 687k records exposed in July. Exposed data includes IP and email addresses, names, phone numbers, genders and passwords stored as bcrypt hashes. 28% of addresses were already in @haveibeenpwned haveibeenpwned.com/

Show more
Mirrored.Social [BETA]

Find this service useful? Kick in a few bucks to help keep it alive here: https://www.patreon.com/DaveWoodX Thanks.