Meet With Us

Breach List

SOClogix > Breach List
RSS Latest Breaches
  • Blooms Today - 3,184,010 breached accounts September 3, 2024
    In April 2024, 15M records from the online florist Blooms Today were listed for sale on a popular hacking forum. The most recent data in the breach corpus was from November 2023 and appeared alongside 3.2M unique email addresses, names, phone numbers physical addresses and partial credit card data (card type, 4 digits of the […]
  • Market Moveis - 28,220 breached accounts September 1, 2024
    In August 2023, the Portuguese home decor company Market Moveis suffered a data breach that impacted 28k records. The exposed records were limited to names and email addresses.
  • Lookiero - 4,981,760 breached accounts August 30, 2024
    In August 2024, a data breach from the online styling service Lookiero was posted to a popular hacking forum. Dating back to March 2024, the data included 5M unique email addresses, with many of the records also including name, phone number and physical address. When contacted about the incident, Lookiero advised that they would "look […]
  • Sport 2000 - 3,189,643 breached accounts August 28, 2024
    In April 2024, the French sporting equipment manufacturer Sport 2000 announced it had suffered a data breach. The data was subsequently put up for sale on a popular hacking forum and included 4.4M rows with 3.2M unique email addresses alongside names, physical addresses, phone numbers, dates of birth and purchases made by store name. The […]
  • Traderie - 364,898 breached accounts August 25, 2024
    In September 2022, the in-game trading marketplace Traderie suffered a data breach that exposed almost 400k records (this preceded a subsequent breach the following year). The incident exposed email and IP addresses, usernames and links to social media profiles. The data was provided to HIBP by a source who requested it be attributed to "oathnet.ru".
  • Tracki - 372,557 breached accounts August 19, 2024
    In August 2024, a slew of security vulnerabilities were identified with a conglomerate of online services which included the GPS tracking service Tracki. Multiple vulnerabilities exposed the personal records of 372k users of the service including names and email addresses.
  • Explore Talent (August 2024) - 8,929,384 breached accounts August 19, 2024
    In August 2024, a slew of security vulnerabilities were identified with a conglomerate of online services which included the talent network Explore Talent. A vulnerable API exposed the personal records of 11.4M users of the service of which 8.9M unique email addresses were provided to HIBP. This incident is separate to the Explore Talent breach […]
  • Chris Leong - 27,096 breached accounts August 13, 2024
    In August 2024, the website of Master Chris Leong "a leading Tit Tar practitioner in Malaysia" suffered a data breach. The incident exposed 27k unique email addresses along with names, physical addresses, dates of birth, genders, nationalities and in many cases, links to Facebook profiles. The company did not respond when contacted about the breach.
  • LDLC - 1,266,026 breached accounts August 13, 2024
    In March 2024, French retailer LDLC disclosed a data breach that impacted customers of their physical stores. The data was previously listed for sale on a popular hacking forum and contained 1.26M unique email addresses along with names, phone numbers and physical addresses. The data was provided to HIBP by a source who requested it […]
  • National Public Data (unverified) - 133,957,569 breached accounts August 13, 2024
    In April 2024, a large trove of data made headlines as having exposed "3 billion people" due to a breach of the National Public Data background check service. The initial corpus of data released in the breach contained billions of rows of personal information, including US social security numbers. Further partial data sets were later […]
  • Shadow - 543,295 breached accounts August 11, 2024
    In September 2023, the cloud gaming provider Shadow suffered a data breach that exposed over half a million customer records. The data included email and physical addresses, names and dates of birth. The data was provided to HIBP by a source who requested it be attributed to "oathnet.ru".
  • Not SOCRadar - 282,478,425 breached accounts August 9, 2024
    In August 2024, over 332M rows of email addresses were posted to a popular hacking forum. The post alleged the addresses were scraped from cybersecurity firm SOCRadar, however an investigation on their behalf concluded that "the actor merely utilised functionalities inherent in the platform's standard offerings, designed to gather information from publicly available sources". There […]
  • Shoe Zone - 46,140 breached accounts August 5, 2024
    In June 2024, the UK footwear chain Shoe Zone disclosed a data breach that was subsequently posted for sale on a popular hacking forum. The data included over 100k orders containing names, addresses, partial credit card numbers (card type and last 4 digits), and 46k unique email addresses. The data was provided to HIBP by […]
  • LuLu - 2,796,835 breached accounts August 2, 2024
    In July 2024, the Emirati-based LuLu retail store suffered a data breach. The impacted data included 190k email addresses and associated phone numbers which were subsequently shared on a popular hacking forum. The data was provided to HIBP by a source who requested it be attributed to "IntelBroker". The following month, the threat of leaking […]
  • Multiplayer.it - 503,957 breached accounts August 1, 2024
    In April 2024, over half a million records taken from the Italian gaming website Multiplayer.it were posted to a popular hacking forum. The impacted data included email addresses, usernames and salted MD5 password hashes. Multiplayer.it subsequently confirmed the breach dated back 6 years to September 2018 and was merely re-posted in 2024.
  • Stealer Logs Posted to Telegram - 26,105,473 breached accounts August 1, 2024
    In July 2024, info stealer logs with 26M unique email addresses were collated from malicious Telegram channels. The data contained 22GB of logs consisting of email addresses, passwords and the websites they were used on, all obtained by malware running on infected machines.
  • AnimeLeague - 192,134 breached accounts July 31, 2024
    In July 2024, AnimeLeague disclosed a data breach of their services. The data was posted for sale on a popular hacking forum and included 2 databases covering both event registration records and a dump of the phpBB bulletin board. The impacted data included passwords in various hashed formats including SHA-1, salted md5 and bcrypt, as […]
  • Ubook - 699,908 breached accounts July 30, 2024
    In July 2024, 700k unique email addresses from the audiobook platform Ubook were posted to a popular hacking forum. Allegedly scraped from the service, the data appears to be sourced from the Ubook Exchange (UBX) and also includes names, genders, dates of birth and links to profile photos.
  • Spytech - 5,645 breached accounts July 30, 2024
    In July 2024, spyware maker Spytech suffered a data breach that exposed data collected as recently as the previous month. Designed to "invisibly record everything users do", the breach exposed information related to both purchasers and targets of the product. Target data collection (and subsequent exposure) included the infected computer name, browsing history, applications used, […]
  • Condo.com - 1,481,555 breached accounts July 25, 2024
    In June 2019, now defunct website Condo.com suffered a data breach that was later redistributed as part of a larger corpus of data. The impacted data included 1.5M email addresses alongside names, phone numbers and for a small number of records, physical addresses.