New breach: Hacking forum OGUsers suffered their second breach in a year. A total of 263k email addresses across user accounts and other tables were posted to rival hacking forum. Data also included MD5 password hashes. 72% were already in @haveibeenpwned https://www.zdnet.com/article/hacking-forum-gets-hacked-for-the-second-time-in-a-year/
New breach: Israeli marketing firm Straffic exposed 140GB of data spanning 305M rows with 49M unique email addresses. Data also included names, addresses, phones and genders. 70% of emails were already in @haveibeenpwned. Read more: https://www.databreachtoday.com/israeli-marketing-company-exposes-contacts-database-a-13785
New breach: MGM Resorts had 10.6M records with 3.1M unique email addresses breached last year. Data also included names, phone numbers, DOBs and physical addresses. 82% of emails were already in @haveibeenpwned. Read more: https://www.zdnet.com/article/exclusive-details-of-10-6-million-of-mgm-hotel-guests-posted-on-a-hacking-forum/
New sensitive breach: "The world's largest sex & swinger community" Adult FriendFinder was breached in 2016. The incident exposed usernames, SHA-1 password hashes and 170M unique email addresses. 77% of addresses were already in @haveibeenpwned. Read more: https://www.zdnet.com/article/adultfriendfinder-network-hack-exposes-secrets-of-412-million-users/
New breach: Indian Rail left 583k unique email addresses exposed on an unprotected Firebase database instance alongside usernames and plain text passwords. 49% of addresses were already in @haveibeenpwned. Read more: https://medium.com/dvuln/why-you-should-choo-choo-choose-to-have-a-vulnerability-disclosure-policy-2m-accounts-exposed-7cd7eaec4da5
New data: 8M records sourced from data aggregator Factual were collated in 2017 then later exchanged as an alleged "breach". The set included 2.5M unique email addresses, business names, addresses and phone numbers. 77% were already in @haveibeenpwned. /when-is-data-public-and-2-5m-public-factual-records/
New breach: Zynga (creator of the Words with Friends game) suffered a data breach in September. Data included 173M unique email address, usernames and passwords stored as salted SHA-1 hashes. 69% were already in @haveibeenpwned. Read more: https://www.cnet.com/news/words-with-friends-hack-reportedly-exposes-data-of-more-than-200m-players/
New data exposure: A customer of People Data Labs exposed with 1.2B data enrichment records. The data contained 622M unique email addresses as well as phone numbers, social media profiles and job histories. 84% were already in @haveibeenpwned. More: /data-enrichment-people-data-labs-and-another-622m-email-addresses/
New breach: GateHub suffered a breach in June. 1.4M accounts subsequently appeared on a popular hacking forum and included email addresses, mnemonic phrases, wallet hashes and passwords stored as bcrypt hashes. 64% were already in @haveibeenpwned. More: https://arstechnica.com/information-technology/2019/11/password-data-dumped-online-for-2-2-million-users-of-currency-and-gaming-sites/
New breach: EpicBot had 817k accounts breached in September including email, IP, usernames and either salted MD5 or bcrypt password hashes. 74% were already in @haveibeenpwned. More: https://arstechnica.com/information-technology/2019/11/password-data-dumped-online-for-2-2-million-users-of-currency-and-gaming-sites/
New breach: GPS Underground had 670k accounts breached in mid-2016 including email, IP, usernames, dates of birth and salted MD5 password hashes. 81% were already in @haveibeenpwned. More: https://www.hackread.com/vbulletin-forums-hacked-accounts-sold-on-dark-web/
New breach: Comic strip website ToonDoo had 6M accounts breached in August including email, IP, location, gender and salted password hashes. 59% were already in @haveibeenpwned. More: https://www.zataz.com/6-000-000-de-donnees-personnelles-piratees-pour-le-site-toondoo/
Check if you have an account that has been compromised in a data breach. Created and maintained by @troyhunt.
Find this service useful? Kick in a few bucks to help keep it alive here: https://www.patreon.com/DaveWoodX Thanks.