Closed groovecoder closed 6 years ago
groovecoder
commented
6 years ago @Micheletto - could aws elb or something else be messing with the If-Modified-Since header on requests? I wrote a bunch of tests for this code and caught an unrelated bug, but nothing that would cause this behavior only on stage.
groovecoder
commented
6 years ago Moving this out of Launch Day milestone.
We can use Normandy and other roll-out prefs to mitigate the risk of clients overloading our servers ...
extensions.fxmonitor.breachListURL set to https://monitor.firefox.com/hibp/breachesextensions.fxmonitor.breachRefreshTimeout set to 48 * 60 * 60 * 1000 (48 hours)groovecoder
commented
6 years ago Superseded by https://github.com/mozilla/blurts-server/issues/465
heroku app correctly responds with a 200 when the server's
req.app.locals.mostRecentBreachDateTimeis newer than theIf-Modified-Sincein the request:curl -v -H "If-Modified-Since: Mon, 3 Sep 2018 00:00:00 GMT" https://fx-breach-alerts.herokuapp.com/hibp/breaches* Trying 52.16.184.43... * TCP_NODELAY set * Connected to fx-breach-alerts.herokuapp.com (52.16.184.43) port 443 (#0) * ALPN, offering h2 * ALPN, offering http/1.1 * Cipher selection: ALL:!EXPORT:!EXPORT40:!EXPORT56:!aNULL:!LOW:!RC4:@STRENGTH * successfully set certificate verify locations: * CAfile: /etc/ssl/cert.pem CApath: none * TLSv1.2 (OUT), TLS handshake, Client hello (1): * TLSv1.2 (IN), TLS handshake, Server hello (2): * TLSv1.2 (IN), TLS handshake, Certificate (11): * TLSv1.2 (IN), TLS handshake, Server key exchange (12): * TLSv1.2 (IN), TLS handshake, Server finished (14): * TLSv1.2 (OUT), TLS handshake, Client key exchange (16): * TLSv1.2 (OUT), TLS change cipher, Client hello (1): * TLSv1.2 (OUT), TLS handshake, Finished (20): * TLSv1.2 (IN), TLS change cipher, Client hello (1): * TLSv1.2 (IN), TLS handshake, Finished (20): * SSL connection using TLSv1.2 / ECDHE-RSA-AES128-GCM-SHA256 * ALPN, server did not agree to a protocol * Server certificate: * subject: C=US; ST=California; L=San Francisco; O=Heroku, Inc.; CN=*.herokuapp.com * start date: Apr 19 00:00:00 2017 GMT * expire date: Jun 22 12:00:00 2020 GMT * subjectAltName: host "fx-breach-alerts.herokuapp.com" matched cert's "*.herokuapp.com" * issuer: C=US; O=DigiCert Inc; OU=www.digicert.com; CN=DigiCert SHA2 High Assurance Server CA * SSL certificate verify ok. > GET /hibp/breaches HTTP/1.1 > Host: fx-breach-alerts.herokuapp.com > User-Agent: curl/7.54.0 > Accept: */* > If-Modified-Since: Mon, 3 Sep 2018 00:00:00 GMT > < HTTP/1.1 200 OK < Server: Cowboy < Connection: keep-alive < X-Dns-Prefetch-Control: off < X-Frame-Options: SAMEORIGIN < Strict-Transport-Security: max-age=15552000; includeSubDomains < X-Download-Options: noopen < X-Content-Type-Options: nosniff < X-Xss-Protection: 1; mode=block < Content-Security-Policy: base-uri 'none'; default-src 'none'; connect-src 'self' https://code.cdn.mozilla.net/fonts/ https://www.google-analytics.com; font-src 'self' https://code.cdn.mozilla.net/fonts/; frame-ancestors 'none'; img-src 'self' https://www.google-analytics.com; script-src 'self' https://www.google-analytics.com/analytics.js; style-src 'self' https://code.cdn.mozilla.net/fonts/; report-uri /__cspreport__ < X-Content-Security-Policy: base-uri 'none'; default-src 'none'; connect-src 'self' https://code.cdn.mozilla.net/fonts/ https://www.google-analytics.com; font-src 'self' https://code.cdn.mozilla.net/fonts/; frame-ancestors 'none'; img-src 'self' https://www.google-analytics.com; script-src 'self' https://www.google-analytics.com/analytics.js; style-src 'self' https://code.cdn.mozilla.net/fonts/; report-uri /__cspreport__ < X-Webkit-Csp: base-uri 'none'; default-src 'none'; connect-src 'self' https://code.cdn.mozilla.net/fonts/ https://www.google-analytics.com; font-src 'self' https://code.cdn.mozilla.net/fonts/; frame-ancestors 'none'; img-src 'self' https://www.google-analytics.com; script-src 'self' https://www.google-analytics.com/analytics.js; style-src 'self' https://code.cdn.mozilla.net/fonts/; report-uri /__cspreport__ < Referrer-Policy: strict-origin-when-cross-origin < Last-Modified: Thu Sep 13 2018 09:37:49 GMT+0000 (Coordinated Universal Time) < Content-Type: application/json; charset=utf-8 < Content-Length: 237729 < Etag: W/"3a0a1-inuZ3JZdyKWRVF2LaUHKD9gxPWc" < Date: Thu, 13 Sep 2018 20:47:14 GMT < Via: 1.1 vegur < [{"Title":"000webhost","Name":"000webhost","Domain":"000webhost.com","BreachDate":"2015-03-01","AddedDate":"2015-10-26T23:35:45Z","ModifiedDate":"2017-12-10T21:44:27Z","PwnCount":14936670,"Description":"In approximately March 2015, the free web hosting provider 000webhost suffered a major data breach that exposed almost 15 million customer records. The data was sold and traded before 000webhost was alerted in October. The breach included names, email addresses and plain text passwords.","DataClasses":["Email addresses","IP addresses","Names","Passwords"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsActive":true,"IsRetired":false,"IsSpamList":false,"LogoType":"png"},{"Title":"126","Name":"126","Domain":"126.com","BreachDate":"2012-01-01","AddedDate":"2016-10-08T07:46:05Z","ModifiedDate":"2016-10-08T07:46:05Z","PwnCount":6414191,"Description":"In approximately 2012, it's alleged that the Chinese email service known as 126 suffered a data breach that impacted 6.4 million subscribers. Whilst there is evidence that the data is legitimate, due to the difficulty of emphatically verifying the Chinese breach it has been flagged as \"unverified\". The data in the breach contains email addresses and plain text passwords. Read more about Chinese data breaches in Have I been pwned.","DataClasses":["Email addresses","Passwords"],"IsVerified":false,"IsFabricated":false,"IsSensitive":false,"IsActive":true,"IsRetired":false,"IsSpamList":false,"LogoType":"svg"},{"Title":"17","Name":"17Media","Domain":"17app.co","BreachDate":"2016-04-19","AddedDate":"2016-07-08T01:55:03Z","ModifiedDate":"2016-07-08T01:55:03Z","PwnCount":4009640,"Description":"In April 2016, customer data obtained from the streaming app known as \"17\" appeared listed for sale on a Tor hidden service marketplace. The data contained over 4 million unique email addresses along with IP addresses, usernames and passwords stored as unsalted MD5 hashes.","DataClasses":["Device information","Email addresses","IP addresses","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsActive":true,"IsRetired":false,"IsSpamList":false,"LogoType":"svg"},{"Title":"17173","Name":"17173","Domain":"17173.com","BreachDate":"2011-12-28","AddedDate":"2018-04-28T04:53:15Z","ModifiedDate":"2018-04-28T04:53:15Z","PwnCount":7485802,"Description":"In late 2011, a series of data breaches in China affected up to 100 million users, including 7.5 million from the gaming site known as 17173. Whilst there is evidence that the data is legitimate, due to the difficulty of emphatically verifying the Chinese breach it has been flagged as \"unverified\". The data in the breach contains usernames, email addresses and salted MD5 password hashes and was provided with support from dehashed.com. Read more about Chinese data breaches in Have I been pwned.","DataClasses":["Email addresses","Passwords","Usernames"],"IsVerified":false,"IsFabricated":false,"IsSensitive":false,"IsActive":true,"IsRetired":false,"IsSpamList":false,"LogoType":"png"},{"Title":"2,844 Separate Data Breaches","Name":"2844Breaches","Domain":"","BreachDate":"2018-02-19","AddedDate":"2018-02-26T10:06:02Z","ModifiedDate":"2018-02-26T10:06:02Z","PwnCount":80115532,"Description":"In February 2018, a massive collection of almost 3,000 alleged data breaches was found online. Whilst some of the data had previously been seen in Have I Been Pwned, 2,844 of the files consisting of more than 80 million unique email addresses had not previously been seen. Each file contained both an email address and plain text password and were consequently loaded as a single \"unverified\" data breach.","DataClasses":["Email addresses","Passwords"],"IsVerified":false,"IsFabricated":false,"IsSensitive":false,"IsActive":true,"IsRetired":false,"IsSpamList":false,"LogoType":"svg"},{"Title":"2fast4u","Name":"2fast4u","Domain":"2fast4u.be","BreachDate":"2017-12-20","AddedDate":"2018-01-07T08:19:39Z","ModifiedDate":"2018-01-07T08:19:39Z","PwnCount":17706,"Description":"In December 2017, the Belgian motorcycle forum 2fast4u discovered a data breach of their system. The breach of the vBulletin message board impacted over 17k individual users and exposed email addresses, usersnames and salted MD5 passwords.","DataClasses":["Email addresses","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsActive":true,"IsRetired":false,"IsSpamList":false,"LogoType":"png"},{"Title":"7k7k","Name":"7k7k","Domain":"7k7k.com","BreachDate":"2011-01-01","AddedDate":"2017-09-26T21:54:01Z","ModifiedDate":"2017-09-26T21:54:01Z","PwnCount":9121434,"Description":"In approximately 2011, it's alleged that the Chinese gaming site known as 7k7k suffered a data breach that impacted 9.1 million subscribers. Whilst there is evidence that the data is legitimate, due to the difficulty of emphatically verifying the Chinese breach it has been flagged as \"unverified\". The data in the breach contains usernames, email addresses and plain text passwords. Read more about Chinese data breaches in Have I been pwned.","DataClasses":["Email addresses","Passwords","Usernames"],"IsVerified":false,"IsFabricated":false,"IsSensitive":false,"IsActive":true,"IsRetired":false,"IsSpamList":false,"LogoType":"png"},{"Title":"8tracks","Name":"8tracks","Domain":"8tracks.com","BreachDate":"2017-06-27","AddedDate":"2018-02-16T07:09:30Z","ModifiedDate":"2018-02-16T07:09:30Z","PwnCount":7990619,"Description":"In June 2017, the online playlists service known as 8Tracks suffered a data breach which impacted 18 million accounts. In their disclosure, 8Tracks advised that \"the vector for the attack was an employee’s GitHub account, which was not secured using two-factor authentication\". Salted SHA-1 password hashes for users who didn't sign up with either Google or Facebook authentication were also included. The data was provided to HIBP by whitehat security researcher and data analyst Adam Davies and contained almost 8 million unique email addresses.","DataClasses":["Email addresses","Passwords"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsActive":true,"IsRetired":false,"IsSpamList":false,"LogoType":"png"},{"Title":"Abandonia","Name":"Abandonia","Domain":"abandonia.com","BreachDate":"2015-11-01","AddedDate":"2017-06-05T05:56:47Z","ModifiedDate":"2017-06-05T05:56:47Z","PwnCount":776125,"Description":"In November 2015, the gaming website dedicated to classic DOS games Abandonia suffered a data breach resulting in the exposure of 776k unique user records. The data contained email and IP addresses, usernames and salted MD5 hashes of passwords.","DataClasses":["Email addresses","IP addresses","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsActive":true,"IsRetired":false,"IsSpamList":false,"LogoType":"png"},{"Title":"AbuseWith.Us","Name":"AbuseWithUs","Domain":"abusewith.us","BreachDate":"2016-07-01","AddedDate":"2017-10-09T11:08:45Z","ModifiedDate":"2017-10-09T11:08:45Z","PwnCount":1372550,"Description":"In 2016, the site dedicated to helping people hack email and online gaming accounts known as Abusewith.us suffered multiple data breaches. The site allegedly had an administrator in common with the nefarious LeakedSource site, both of which have since been shut down. The exposed data included more than 1.3 million unique email addresses, often accompanied by usernames, IP addresses and plain text or hashed passwords retrieved from various sources and intended to be used to compromise the victims' accounts.","DataClasses":["Email addresses","IP addresses","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsActive":true,"IsRetired":false,"IsSpamList":false,"LogoType":"png"},{"Title":"Acne.org","Name":"AcneOrg","Domain":"acne.org","BreachDate":"2014-11-25","AddedDate":"2016-03-06T11:07:41Z","ModifiedDate":"2016-03-06T11:07:41Z","PwnCount":432943,"Description":"In November 2014, the acne website acne.org suffered a data breach that exposed over 430k forum members' accounts. The data was being actively traded on underground forums and included email addresses, birth dates and passwords.","DataClasses":["Dates of birth","Email addresses","IP addresses","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsActive":true,"IsRetired":false,"IsSpamList":false,"LogoType":"svg"},{"Title":"Adobe","Name":"Adobe","Domain":"adobe.com","BreachDate":"2013-10-04","AddedDate":"2013-12-04T00:00:00Z","ModifiedDate":"2013-12-04T00:00:00Z","PwnCount":152445165,"Description":"In October 2013, 153 million Adobe accounts were breached with each containing an internal ID, username, email, encrypted password and a password hint in plain text. The password cryptography was poorly done and many were quickly resolved back to plain text. The unencrypted hints also disclosed much about the passwords adding further to the risk that hundreds of millions of Adobe customers already faced.","DataClasses":["Email addresses","Password hints","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsActive":true,"IsRetired":false,"IsSpamList":false,"LogoType":"svg"},{"Title":"Adult Friend Finder","Name":"AdultFriendFinder","Domain":"adultfriendfinder.com","BreachDate":"2015-05-21","AddedDate":"2015-05-22T06:03:44Z","ModifiedDate":"2015-05-22T06:03:44Z","PwnCount":3867997,"Description":"In May 2015, the adult hookup site Adult Friend Finder was hacked and nearly 4 million records dumped publicly. The data dump included extremely sensitive personal information about individuals and their relationship statuses and sexual preferences combined with personally identifiable information.","DataClasses":["Dates of birth","Email addresses","Genders","Geographic locations","IP addresses","Races","Relationship statuses","Sexual orientations","Spoken languages","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":true,"IsActive":true,"IsRetired":false,"IsSpamList":false,"LogoType":"png"},{"Title":"Adult-FanFiction.Org","Name":"AdultFanFiction","Domain":"adult-fanfiction.org","BreachDate":"2018-05-30","AddedDate":"2018-08-06T08:56:03Z","ModifiedDate":"2018-08-06T08:56:03Z","PwnCount":186082,"Description":"In May 2018, the website for sharing adult-orientated works of fiction known as Adult-FanFiction.Org had 186k records exposed in a data breach. The data contained names, email addresses, dates of birth and passwords stored as both MD5 hashes and plain text. AFF did not respond when contacted about the breach and the site was previously reported as compromised on the Vigilante.pw breached database directory.","DataClasses":["Dates of birth","Email addresses","Names","Passwords"],"IsVerified":true,"IsFabricated":false,"IsSensitive":true,"IsActive":true,"IsRetired":false,"IsSpamList":false,"LogoType":"png"},{"Title":"AhaShare.com","Name":"AhaShare","Domain":"ahashare.com","BreachDate":"2013-05-30","AddedDate":"2014-11-06T21:47:52Z","ModifiedDate":"2014-11-06T21:47:52Z","PwnCount":180468,"Description":"In May 2013, the torrent site AhaShare.com suffered a breach which resulted in more than 180k user accounts being published publicly. The breach included a raft of personal information on registered users plus despite assertions of not distributing personally identifiable information, the site also leaked the IP addresses used by the registered identities.","DataClasses":["Email addresses","Genders","Geographic locations","IP addresses","Passwords","Usernames","Website activity","Years of birth"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsActive":true,"IsRetired":false,"IsSpamList":false,"LogoType":"svg"},{"Title":"ai.type","Name":"AIType","Domain":"aitype.com","BreachDate":"2017-12-05","AddedDate":"2017-12-08T21:31:25Z","ModifiedDate":"2017-12-08T21:31:25Z","PwnCount":20580060,"Description":"In December 2017, the virtual keyboard application ai.type was found to have left a huge amount of data publicly facing in an unsecured MongoDB instance. Discovered by researchers at The Kromtech Security Center, the 577GB data set included extensive personal information including over 20 million unique email addresses, social media profiles and address book contacts. The email addresses alone were provided to HIBP to enable impacted users to assess their exposure.","DataClasses":["Address book contacts","Apps installed on devices","Cellular network names","Dates of birth","Device information","Email addresses","Genders","Geographic locations","IMEI numbers","IMSI numbers","IP addresses","Names","Phone numbers","Profile photos","Social media profiles"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsActive":true,"IsRetired":false,"IsSpamList":false,"LogoType":"png"},{"Title":"Aipai.com","Name":"Aipai","Domain":"aipai.com","BreachDate":"2016-09-27","AddedDate":"2016-11-07T21:55:29Z","ModifiedDate":"2016-11-07T21:55:29Z","PwnCount":6496778,"Description":"In September 2016, data allegedly obtained from the Chinese gaming website known as Aipai.com and containing 6.5M accounts was leaked online. Whilst there is evidence that the data is legitimate, due to the difficulty of emphatically verifying the Chinese breach it has been flagged as \"unverified\". The data in the breach contains email addresses and MD5 password hashes. Read more about Chinese data breaches in Have I been pwned.","DataClasses":["Email addresses","Passwords"],"IsVerified":false,"IsFabricated":false,"IsSensitive":false,"IsActive":true,"IsRetired":false,"IsSpamList":false,"LogoType":"png"},{"Title":"AKP Emails","Name":"AKP","Domain":"akparti.org.tr","BreachDate":"2016-07-19","AddedDate":"2017-10-01T03:52:37Z","ModifiedDate":"2017-10-01T03:52:37Z","PwnCount":917461,"Description":"In July 2016, a hacker known as Phineas Fisher hacked Turkey's ruling party (Justice and Development Party or \"AKP\") and gained access to 300k emails. The full contents of the emails were subsequently published by WikiLeaks and made searchable. HIBP identified over 917k unique email address patterns in the data set, including message IDs and a number of other non-user addresses.","DataClasses":["Email addresses","Email messages"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsActive":true,"IsRetired":false,"IsSpamList":false,"LogoType":"png"},{"Title":"Ancestry","Name":"Ancestry","Domain":"ancestry.com","BreachDate":"2015-11-07","AddedDate":"2017-12-24T04:28:45Z","ModifiedDate":"2017-12-24T04:28:45Z","PwnCount":297806,"Description":"In November 2015, an Ancestry service known as RootsWeb suffered a data breach. The breach was not discovered until late 2017 when a file containing almost 300k email addresses and plain text passwords was identified. ","DataClasses":["Email addresses","Passwords"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsActive":true,"IsRetired":false,"IsSpamList":false,"LogoType":"svg"},{"Title":"Android Forums","Name":"AndroidForums","Domain":"androidforums.com","BreachDate":"2011-10-30","AddedDate":"2015-12-20T06:47:19Z","ModifiedDate":"2015-12-20T06:47:19Z","PwnCount":745355,"Description":"In October 2011, the Android Forums website was hacked and 745k user accounts were subsequently leaked publicly. The compromised data included email addresses, user birth dates and passwords stored as a salted MD5 hash.","DataClasses":["Dates of birth","Email addresses","Homepage URLs","Instant messenger identities","IP addresses","Passwords"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsActive":true,"IsRetired":false,"IsSpamList":false,"LogoType":"png"},{"Title":"Anti Public Combo List","Name":"AntiPublic","Domain":"","BreachDate":"2016-12-16","AddedDate":"2017-05-04T22:07:38Z","ModifiedDate":"2017-05-04T22:07:38Z","PwnCount":457962538,"Description":"In December 2016, a huge list of email address and password pairs appeared in a \"combo list\" referred to as \"Anti Public\". The list contained 458 million unique email addresses, many with multiple different passwords hacked from various online systems. The list was broadly circulated and used for \"credential stuffing\", that is attackers employ it in an attempt to identify other online systems where the account owner had reused their password. For detailed background on this incident, read Password reuse, credential stuffing and another billion records in Have I been pwned.","DataClasses":["Email addresses","Passwords"],"IsVerified":false,"IsFabricated":false,"IsSensitive":false,"IsActive":true,"IsRetired":false,"IsSpamList":false,"LogoType":"svg"},{"Title":"Army Force Online","Name":"ArmyForceOnline","Domain":"armyforceonline.com","BreachDate":"2016-05-18","AddedDate":"2016-11-10T03:24:38Z","ModifiedDate":"2016-11-10T03:24:38Z","PwnCount":1531235,"Description":"In May 2016, the the online gaming site Army Force Online suffered a data breach that exposed 1.5M accounts. The breached data was found being regularly traded online and included usernames, email and IP addresses and MD5 passwords.","DataClasses":["Avatars","Email addresses","Geographic locations","IP addresses","Names","Passwords","Usernames","Website activity"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsActive":true,"IsRetired":false,"IsSpamList":false,"LogoType":"png"},{"Title":"Ashley Madison","Name":"AshleyMadison","Domain":"ashleymadison.com","BreachDate":"2015-07-19","AddedDate":"2015-08-18T20:55:05Z","ModifiedDate":"2015-08-18T20:55:05Z","PwnCount":30811934,"Description":"In July 2015, the infidelity website Ashley Madison suffered a serious data breach. The attackers threatened Ashley Madison with the full disclosure of the breach unless the service was shut down. One month later, the database was dumped including more than 30M unique email addresses. This breach has been classed as \"sensitive\" and is not publicly searchable, although individuals may discover if they've been impacted by registering for notifications. Read about this approach in detail.","DataClasses":["Dates of birth","Email addresses","Ethnicities","Genders","Names","Passwords","Payment histories","Phone numbers","Physical addresses","Security questions and answers","Sexual orientations","Usernames","Website activity"],"IsVerified":true,"IsFabricated":false,"IsSensitive":true,"IsActive":true,"IsRetired":false,"IsSpamList":false,"LogoType":"svg"},{"Title":"Astropid","Name":"AstroPID","Domain":"astropid.com","BreachDate":"2013-12-19","AddedDate":"2014-07-06T03:49:45Z","ModifiedDate":"2014-07-06T03:49:45Z","PwnCount":5788,"Description":"In December 2013, the vBulletin forum for the social engineering site known as \"AstroPID\" was breached and leaked publicly. The site provided tips on fraudulently obtaining goods and services, often by providing a legitimate \"PID\" or Product Information Description. The breach resulted in nearly 6k user accounts and over 220k private messages between forum members being exposed.","DataClasses":["Email addresses","Instant messenger identities","IP addresses","Names","Passwords","Private messages","Usernames","Website activity"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsActive":true,"IsRetired":false,"IsSpamList":false,"LogoType":"svg"},{"Title":"Aternos","Name":"Aternos","Domain":"aternos.org","BreachDate":"2015-12-06","AddedDate":"2016-10-01T23:42:56Z","ModifiedDate":"2016-10-01T23:42:56Z","PwnCount":1436486,"Description":"In December 2015, the service for creating and running free Minecraft servers known as Aternos suffered a data breach that impacted 1.4 million subscribers. The data included usernames, email and IP addresses and hashed passwords.","DataClasses":["Email addresses","IP addresses","Passwords","Usernames","Website activity"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsActive":true,"IsRetired":false,"IsSpamList":false,"LogoType":"png"},{"Title":"Atlas Quantum","Name":"AtlasQuantum","Domain":"atlasquantum.com","BreachDate":"2018-08-25","AddedDate":"2018-08-27T01:42:34Z","ModifiedDate":"2018-08-28T21:17:47Z","PwnCount":261463,"Description":"In August 2018, the cryptocurrency investment platform Atlas Quantum suffered a data breach. The breach leaked the personal data of 261k investors on the platform including their names, phone numbers, email addresses and account balances.","DataClasses":["Account balances","Email addresses","Names","Phone numbers"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsActive":true,"IsRetired":false,"IsSpamList":false,"LogoType":"svg"},{"Title":"Autocentrum.pl","Name":"Autocentrum","Domain":"autocentrum.pl","BreachDate":"2018-02-04","AddedDate":"2018-02-09T00:55:26Z","ModifiedDate":"2018-02-09T00:55:26Z","PwnCount":143717,"Description":"In February 2018, data belonging to the Polish motoring website autocentrum.pl was found online. The data contained 144k email addresses and plain text passwords.","DataClasses":["Email addresses","Passwords"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsActive":true,"IsRetired":false,"IsSpamList":false,"LogoType":"svg"},{"Title":"Avast","Name":"Avast","Domain":"avast.com","BreachDate":"2014-05-26","AddedDate":"2016-03-12T22:08:58Z","ModifiedDate":"2016-03-12T22:08:58Z","PwnCount":422959,"Description":"In May 2014, the Avast anti-virus forum was hacked and 423k member records were exposed. The Simple Machines Based forum included usernames, emails and password hashes.","DataClasses":["Email addresses","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsActive":true,"IsRetired":false,"IsSpamList":false,"LogoType":"svg"},{"Title":"B2B USA Businesses","Name":"B2BUSABusinesses","Domain":"","BreachDate":"2017-07-18","AddedDate":"2017-07-18T07:38:04Z","ModifiedDate":"2017-07-18T07:38:04Z","PwnCount":105059554,"Description":"In mid-2017, a spam list of over 105 million individuals in corporate America was discovered online. Referred to as \"B2B USA Businesses\", the list categorised email addresses by employer, providing information on individuals' job titles plus their work phone numbers and physical addresses. Read more about spam lists in HIBP.","DataClasses":["Email addresses","Employers","Job titles","Names","Phone numbers","Physical addresses"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsActive":true,"IsRetired":false,"IsSpamList":true,"LogoType":"png"},{"Title":"Badoo","Name":"Badoo","Domain":"badoo.com","BreachDate":"2013-06-01","AddedDate":"2016-07-06T08:16:03Z","ModifiedDate":"2016-07-06T08:16:03Z","PwnCount":112005531,"Description":"In June 2016, a data breach allegedly originating from the social website Badoo was found to be circulating amongst traders. Likely obtained several years earlier, the data contained 112 million unique email addresses with personal data including names, birthdates and passwords stored as MD5 hashes. Whilst there are many indicators suggesting Badoo did indeed suffer a data breach, the legitimacy of the data could not be emphatically proven so this breach has been categorised as \"unverified\".","DataClasses":["Dates of birth","Email addresses","Genders","Names","Passwords","Usernames"],"IsVerified":false,"IsFabricated":false,"IsSensitive":true,"IsActive":true,"IsRetired":false,"IsSpamList":false,"LogoType":"svg"},{"Title":"Battlefield Heroes","Name":"BattlefieldHeroes","Domain":"battlefieldheroes.com","BreachDate":"2011-06-26","AddedDate":"2014-01-23T13:10:29Z","ModifiedDate":"2014-01-23T13:10:29Z","PwnCount":530270,"Description":"In June 2011 as part of a final breached data dump, the hacker collective \"LulzSec\" obtained and released over half a million usernames and passwords from the game Battlefield Heroes. The passwords were stored as MD5 hashes with no salt and many were easily converted back to their plain text versions.","DataClasses":["Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsActive":true,"IsRetired":false,"IsSpamList":false,"LogoType":"svg"},{"Title":"Beautiful People","Name":"BeautifulPeople","Domain":"beautifulpeople.com","BreachDate":"2015-11-11","AddedDate":"2016-04-25T10:05:34Z","ModifiedDate":"2016-04-25T10:05:34Z","PwnCount":1100089,"Description":"In November 2015, the dating website Beautiful People was hacked and over 1.1M accounts were leaked. The data was being traded in underground circles and included a huge amount of personal information related to dating.","DataClasses":["Beauty ratings","Car ownership statuses","Dates of birth","Drinking habits","Education levels","Email addresses","Genders","Geographic locations","Home ownership statuses","Income levels","IP addresses","Job titles","Names","Passwords","Personal descriptions","Personal interests","Physical attributes","Sexual orientations","Smoking habits","Website activity"],"IsVerified":true,"IsFabricated":false,"IsSensitive":true,"IsActive":true,"IsRetired":false,"IsSpamList":false,"LogoType":"png"},{"Title":"Bell (2014 breach)","Name":"Bell","Domain":"bell.ca","BreachDate":"2014-02-01","AddedDate":"2014-02-01T23:57:10Z","ModifiedDate":"2014-02-01T23:57:10Z","PwnCount":20902,"Description":"In February 2014, Bell Canada suffered a data breach via the hacker collective known as NullCrew. The breach included data from multiple locations within Bell and exposed email addresses, usernames, user preferences and a number of unencrypted passwords and credit card data from 40,000 records containing just over 20,000 unique email addresses and usernames.","DataClasses":["Credit cards","Genders","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsActive":true,"IsRetired":false,"IsSpamList":false,"LogoType":"svg"},{"Title":"Bell (2017 breach)","Name":"Bell2017","Domain":"bell.ca","BreachDate":"2017-05-15","AddedDate":"2017-05-16T01:49:31Z","ModifiedDate":"2017-05-16T01:49:31Z","PwnCount":2231256,"Description":"In May 2017, the Bell telecommunications company in Canada suffered a data breach resulting in the exposure of millions of customer records. The data was consequently leaked online with a message from the attacker stating that they were \"releasing a significant portion of Bell.ca's data due to the fact that they have failed to cooperate with us\" and included a threat to leak more. The impacted data included over 2 million unique email addresses and 153k survey results dating back to 2011 and 2012. There were also 162 Bell employee records with more comprehensive personal data including names, phone numbers and plain text \"passcodes\". Bell suffered another breach in 2014 which exposed 40k records.","DataClasses":["Email addresses","Geographic locations","IP addresses","Job titles","Names","Passwords","Phone numbers","Spoken languages","Survey results","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsActive":true,"IsRetired":false,"IsSpamList":false,"LogoType":"svg"},{"Title":"Bestialitysextaboo","Name":"Bestialitysextaboo","Domain":"bestialitysextaboo.com","BreachDate":"2018-03-19","AddedDate":"2018-03-29T06:10:06Z","ModifiedDate":"2018-03-29T06:10:06Z","PwnCount":3204,"Description":"In March 2018, the animal bestiality website known as Bestialitysextaboo was hacked. A collection of various sites running on the same service were also compromised and details of the hack (including links to the data) were posted on a popular forum. In all, more than 3.2k unique email addresses were included alongside usernames, IP addresses, dates of birth, genders and bcrypt hashes of passwords.","DataClasses":["Dates of birth","Email addresses","Genders","Geographic locations","IP addresses","Passwords","Private messages","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":true,"IsActive":true,"IsRetired":false,"IsSpamList":false,"LogoType":"png"},{"Title":"BigMoneyJobs","Name":"BigMoneyJobs","Domain":"bigmoneyjobs.com","BreachDate":"2014-04-03","AddedDate":"2014-04-08T05:44:10Z","ModifiedDate":"2014-04-08T05:44:10Z","PwnCount":36789,"Description":"In April 2014, the job site bigmoneyjobs.com was hacked by an attacker known as \"ProbablyOnion\". The attack resulted in the exposure of over 36,000 user accounts including email addresses, usernames and passwords which were stored in plain text. The attack was allegedly mounted by exploiting a SQL injection vulnerability.","DataClasses":["Career levels","Education levels","Email addresses","Names","Passwords","Phone numbers","Physical addresses","Salutations","User website URLs","Website activity"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsActive":true,"IsRetired":false,"IsSpamList":false,"LogoType":"svg"},{"Title":"Bin Weevils","Name":"BinWeevils","Domain":"binweevils.com","BreachDate":"2014-09-01","AddedDate":"2017-08-18T07:10:57Z","ModifiedDate":"2017-08-18T07:10:57Z","PwnCount":1287073,"Description":"In September 2014, the online game Bin Weevils suffered a data breach. Whilst originally stating that only usernames and passwords had been exposed, a subsequent story on DataBreaches.net indicated that a more extensive set of personal attributes were impacted (comments there also suggest the data may have come from a later breach). Data matching that pattern was later provided to Have I been pwned by @akshayindia6 and included almost 1.3m unique email addresses, genders, ages and plain text passwords.","DataClasses":["Ages","Email addresses","Genders","IP addresses","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsActive":true,"IsRetired":false,"IsSpamList":false,"LogoType":"png"},{"Title":"Biohack.me","Name":"BiohackMe","Domain":"biohack.me","BreachDate":"2016-12-02","AddedDate":"2017-08-23T20:47:39Z","ModifiedDate":"2017-08-23T20:47:39Z","PwnCount":3402,"Description":"In December 2016, the forum for the biohacking website Biohack.me suffered a data breach that exposed 3.4k accounts. The data included usernames, email addresses and hashed passwords along with the private messages of forum members. The data was self-submitted to HIBP by the Biohack.me operators.","DataClasses":["Email addresses","Passwords","Private messages","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsActive":true,"IsRetired":false,"IsSpamList":false,"LogoType":"png"},{"Title":"Bitcoin Security Forum Gmail Dump","Name":"BTSec","Domain":"forum.btcsec.com","BreachDate":"2014-01-09","AddedDate":"2014-09-10T20:30:11Z","ModifiedDate":"2014-09-10T20:30:11Z","PwnCount":4789599,"Description":"In September 2014, a large dump of nearly 5M usernames and passwords was posted to a Russian Bitcoin forum. Whilst commonly reported as 5M \"Gmail passwords\", the dump also contained 123k yandex.ru addresses. Whilst the origin of the breach remains unclear, the breached credentials were confirmed by multiple source as correct, albeit a number of years old.","DataClasses":["Email addresses","Passwords"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsActive":true,"IsRetired":false,"IsSpamList":false,"LogoType":"svg"},{"Title":"Bitcoin Talk","Name":"BitcoinTalk","Domain":"bitcointalk.org","BreachDate":"2015-05-22","AddedDate":"2017-03-27T23:45:41Z","ModifiedDate":"2017-03-27T23:45:41Z","PwnCount":501407,"Description":"In May 2015, the Bitcoin forum Bitcoin Talk was hacked and over 500k unique email addresses were exposed. The attack led to the exposure of a raft of personal data including usernames, email and IP addresses, genders, birth dates, security questions and MD5 hashes of their answers plus hashes of the passwords themselves.","DataClasses":["Dates of birth","Email addresses","Genders","IP addresses","Passwords","Security questions and answers","Usernames","Website activity"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsActive":true,"IsRetired":false,"IsSpamList":false,"LogoType":"svg"},{"Title":"Bitly","Name":"Bitly","Domain":"bitly.com","BreachDate":"2014-05-08","AddedDate":"2017-10-06T06:31:50Z","ModifiedDate":"2017-10-06T08:05:10Z","PwnCount":9313136,"Description":"In May 2014, the link management company Bitly announced they'd suffered a data breach. The breach contained over 9.3 million unique email addresses, usernames and hashed passwords, most using SHA1 with a small number using bcrypt.","DataClasses":["Email addresses","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsActive":true,"IsRetired":false,"IsSpamList":false,"LogoType":"svg"},{"Title":"BitTorrent","Name":"BitTorrent","Domain":"bittorrent.com","BreachDate":"2016-01-01","AddedDate":"2016-06-08T10:49:24Z","ModifiedDate":"2016-06-08T10:49:24Z","PwnCount":34235,"Description":"In January 2016, the forum for the popular torrent software BitTorrent was hacked. The IP.Board based forum stored passwords as weak SHA1 salted hashes and the breached data also included usernames, email and IP addresses.","DataClasses":["Email addresses","IP addresses","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsActive":true,"IsRetired":false,"IsSpamList":false,"LogoType":"png"},{"Title":"Black Hat World","Name":"BlackHatWorld","Domain":"blackhatworld.com","BreachDate":"2014-06-23","AddedDate":"2015-11-03T22:20:17Z","ModifiedDate":"2015-11-03T22:20:17Z","PwnCount":777387,"Description":"In June 2014, the search engine optimisation forum Black Hat World had three quarters of a million accounts breached from their system. The breach included various personally identifiable attributes which were publicly released in a MySQL database script.","DataClasses":["Dates of birth","Email addresses","Instant messenger identities","IP addresses","Passwords","Usernames","Website activity"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsActive":true,"IsRetired":false,"IsSpamList":false,"LogoType":"png"},{"Title":"Bolt","Name":"Bolt","Domain":"bolt.cd","BreachDate":"2017-03-01","AddedDate":"2017-11-24T08:15:24Z","ModifiedDate":"2017-11-24T08:16:45Z","PwnCount":995274,"Description":"In approximately March 2017, the file sharing website Bolt suffered a data breach resulting in the exposure of 995k unique user records. The data was sourced from their vBulletin forum and contained email and IP addresses, usernames and salted MD5 password hashes. The site was previously reported as compromised on the Vigilante.pw breached database directory.","DataClasses":["Email addresses","IP addresses","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsActive":true,"IsRetired":false,"IsSpamList":false,"LogoType":"png"},{"Title":"Bot of Legends","Name":"BotOfLegends","Domain":"botoflegends.com","BreachDate":"2014-11-13","AddedDate":"2016-12-27T08:24:52Z","ModifiedDate":"2016-12-27T08:24:52Z","PwnCount":238373,"Description":"In November 2014, the forum for Bot of Legends suffered a data breach. The IP.Board forum contained 238k accounts including usernames, email and IP addresses and passwords stored as salted MD5 hashes.","DataClasses":["Email addresses","IP addresses","Passwords","Usernames","Website activity"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsActive":true,"IsRetired":false,"IsSpamList":false,"LogoType":"png"},{"Title":"Boxee","Name":"Boxee","Domain":"forums.boxee.com","BreachDate":"2014-03-29","AddedDate":"2014-03-30T13:07:16Z","ModifiedDate":"2014-03-30T13:07:16Z","PwnCount":158093,"Description":"In March 2014, the home theatre PC software maker Boxee had their forums compromised in an attack. The attackers obtained the entire vBulletin MySQL database and promptly posted it for download on the Boxee forum itself. The data included 160k users, password histories, private messages and a variety of other data exposed across nearly 200 publicly exposed tables.","DataClasses":["Dates of birth","Email addresses","Geographic locations","Historical passwords","Instant messenger identities","IP addresses","Passwords","Private messages","User website URLs","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsActive":true,"IsRetired":false,"IsSpamList":false,"LogoType":"svg"},{"Title":"Brazzers","Name":"Brazzers","Domain":"brazzers.com","BreachDate":"2013-04-01","AddedDate":"2016-09-05T10:02:23Z","ModifiedDate":"2016-09-05T10:02:23Z","PwnCount":790724,"Description":"In April 2013, the adult website known as Brazzers was hacked and 790k accounts were exposed publicly. Each record included a username, email address and password stored in plain text. The breach was brought to light by the Vigilante.pw data breach reporting site in September 2016.","DataClasses":["Email addresses","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":true,"IsActive":true,"IsRetired":false,"IsSpamList":false,"LogoType":"png"},{"Title":"BTC-E","Name":"BTCE","Domain":"btc-e.com","BreachDate":"2014-10-01","AddedDate":"2017-03-12T03:21:52Z","ModifiedDate":"2017-03-12T03:21:52Z","PwnCount":568340,"Description":"In October 2014, the Bitcoin exchange BTC-E was hacked and 568k accounts were exposed. The data included email and IP addresses, wallet balances and hashed passwords.","DataClasses":["Account balances","Email addresses","IP addresses","Passwords","Usernames","Website activity"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsActive":true,"IsRetired":false,"IsSpamList":false,"LogoType":"png"},{"Title":"Business Acumen Magazine","Name":"BusinessAcumen","Domain":"businessacumen.biz","BreachDate":"2014-04-25","AddedDate":"2014-05-11T04:25:48Z","ModifiedDate":"2014-05-11T04:25:48Z","PwnCount":26596,"Description":"In April 2014, the Australian \"Business Acumen Magazine\" website was hacked by an attacker known as 1337MiR. The breach resulted in over 26,000 accounts being exposed including usernames, email addresses and password stored with a weak cryptographic hashing algorithm (MD5 with no salt).","DataClasses":["Email addresses","Names","Passwords","Usernames","Website activity"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsActive":true,"IsRetired":false,"IsSpamList":false,"LogoType":"svg"},{"Title":"CafeMom","Name":"CafeMom","Domain":"cafemom.com","BreachDate":"2014-04-10","AddedDate":"2017-11-09T19:54:20Z","ModifiedDate":"2017-11-09T19:55:00Z","PwnCount":2628148,"Description":"In 2014, the social network for mothers CafeMom suffered a data breach. The data surfaced alongside a number of other historical breaches including Kickstarter, Bitly and Disqus and contained 2.6 million email addresses and plain text passwords.","DataClasses":["Email addresses","Passwords"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsActive":true,"IsRetired":false,"IsSpamList":false,"LogoType":"png"},{"Title":"Cannabis.com","Name":"CannabisForum","Domain":"cannabis.com","BreachDate":"2014-02-05","AddedDate":"2014-06-01T07:55:24Z","ModifiedDate":"2014-06-01T07:55:24Z","PwnCount":227746,"Description":"In February 2014, the vBulletin forum for the Marijuana site cannabis.com was breached and leaked publicly. Whilst there has been no public attribution of the breach, the leaked data included over 227k accounts and nearly 10k private messages between users of the forum.","DataClasses":["Dates of birth","Email addresses","Geographic locations","Historical passwords","Instant messenger identities","IP addresses","Passwords","Private messages","Usernames","Website activity"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsActive":true,"IsRetired":false,"IsSpamList":false,"LogoType":"svg"},{"Title":"CashCrate","Name":"CashCrate","Domain":"cashcrate.com","BreachDate":"2016-11-17","AddedDate":"2018-04-20T21:40:38Z","ModifiedDate":"2018-04-20T21:40:38Z","PwnCount":6844490,"Description":"In June 2017, news broke that CashCrate had suffered a data breach exposing 6.8 million records. The breach of the cash-for-surveys site dated back to November 2016 and exposed names, physical addresses, email addresses and passwords stored in plain text for older accounts along with weak MD5 hashes for newer ones.","DataClasses":["Email addresses","Names","Passwords","Physical addresses"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsActive":true,"IsRetired":false,"IsSpamList":false,"LogoType":"png"},{"Title":"CD Projekt RED","Name":"CDProjektRed","Domain":"cdprojektred.com","BreachDate":"2016-03-01","AddedDate":"2017-01-31T06:40:09Z","ModifiedDate":"2017-01-31T06:40:09Z","PwnCount":1871373,"Description":"In March 2016, Polish game developer CD Projekt RED suffered a data breach. The hack of their forum led to the exposure of almost 1.9 million accounts along with usernames, email addresses and salted SHA1 passwords.","DataClasses":["Email addresses","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsActive":true,"IsRetired":false,"IsSpamList":false,"LogoType":"png"},{"Title":"CheapAssGamer.com","Name":"CheapAssGamer","Domain":"cheapassgamer.com","BreachDate":"2015-07-01","AddedDate":"2016-11-08T01:58:39Z","ModifiedDate":"2016-11-08T01:58:39Z","PwnCount":444767,"Description":"In approximately mid-2015, the forum for CheapAssGamer.com suffered a data breach. The database from the IP.Board based forum contained 445k accounts including usernames, email and IP addresses and salted MD5 password hashes.","DataClasses":["Email addresses","IP addresses","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsActive":true,"IsRetired":false,"IsSpamList":false,"LogoType":"png"},{"Title":"Civil Online","Name":"CivilOnline","Domain":"co188.com","BreachDate":"2011-07-10","AddedDate":"2016-11-07T20:41:52Z","ModifiedDate":"2016-11-07T20:41:52Z","PwnCount":7830195,"Description":"In mid-2011, data was allegedly obtained from the Chinese engineering website known as Civil Online and contained 7.8M accounts. Whilst there is evidence that the data is legitimate, due to the difficulty of emphatically verifying the Chinese breach it has been flagged as \"unverified\". The data in the breach contains email and IP addresses, user names and MD5 password hashes. Read more about Chinese data breaches in Have I been pwned.","DataClasses":["Email addresses","IP addresses","Passwords","Usernames","Website activity"],"IsVerified":false,"IsFabricated":false,"IsSensitive":false,"IsActive":true,"IsRetired":false,"IsSpamList":false,"LogoType":"png"},{"Title":"ClixSense","Name":"ClixSense","Domain":"clixsense.com","BreachDate":"2016-09-04","AddedDate":"2016-09-11T06:37:25Z","ModifiedDate":"2016-09-11T06:37:25Z","PwnCount":2424784,"Description":"In September 2016, the paid-to-click site ClixSense suffered a data breach which exposed 2.4 million subscriber identities. The breached data was then posted online by the attackers who claimed it was a subset of a larger data breach totalling 6.6 million records. The leaked data was extensive and included names, physical, email and IP addresses, genders and birth dates, account balances and passwords stored as plain text.","DataClasses":["Account balances","Dates of birth","Email addresses","Genders","IP addresses","Names","Passwords","Payment histories","Payment methods","Physical addresses","Usernames","Website activity"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsActive":true,"IsRetired":false,"IsSpamList":false,"LogoType":"png"},{"Title":"CloudPets","Name":"CloudPets","Domain":"cloudpets.com","BreachDate":"2017-01-01","AddedDate":"2017-02-27T20:57:29Z","ModifiedDate":"2017-02-27T20:57:29Z","PwnCount":583503,"Description":"In January, the maker of teddy bears that record children's voices and sends them to family and friends via the internet CloudPets left their database publicly exposed and it was subsequently downloaded by external parties (the data was also subject to 3 different ransom demands). 583k records were provided to HIBP via a data trader and included email addresses and bcrypt hashes, but the full extent of user data exposed by the system was over 821k records and also included children's names and references to portrait photos and voice recordings.","DataClasses":["Email addresses","Family members' names","Passwords"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsActive":true,"IsRetired":false,"IsSpamList":false,"LogoType":"png"},{"Title":"Coachella","Name":"Coachella","Domain":"coachella.com","BreachDate":"2017-02-22","AddedDate":"2017-06-27T10:57:03Z","ModifiedDate":"2017-06-27T10:57:03Z","PwnCount":599802,"Description":"In February 2017, hundreds of thousands of records from the Coachella music festival were discovered being sold online. Allegedly taken from a combination of the main Coachella website and their vBulletin-based message board, the data included almost 600k usernames, IP and email addresses and salted hashes of passwords (MD5 in the case of the message board).","DataClasses":["Email addresses","IP addresses","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsActive":true,"IsRetired":false,"IsSpamList":false,"LogoType":"png"},{"Title":"Comcast","Name":"Comcast","Domain":"comcast.net","BreachDate":"2015-11-08","AddedDate":"2016-02-08T21:41:43Z","ModifiedDate":"2016-02-08T21:41:43Z","PwnCount":616882,"Description":"In November 2015, the US internet and cable TV provider Comcast suffered a data breach that exposed 590k customer email addresses and plain text passwords. A further 27k accounts appeared with home addresses with the entire data set being sold on underground forums.","DataClasses":["Email addresses","Passwords","Physical addresses"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsActive":true,"IsRetired":false,"IsSpamList":false,"LogoType":"svg"},{"Title":"COMELEC (Philippines Voters)","Name":"COMELEC","Domain":"comelec.gov.ph","BreachDate":"2016-03-27","AddedDate":"2016-04-14T02:24:32Z","ModifiedDate":"2016-04-14T02:24:32Z","PwnCount":228605,"Description":"In March 2016, the Philippines Commission of Elections website (COMELEC) was attacked and defaced, allegedly by Anonymous Philippines. Shortly after, data on 55 million Filipino voters was leaked publicly and included sensitive information such as genders, marital statuses, height and weight and biometric fingerprint data. The breach only included 228k email addresses.","DataClasses":["Biometric data","Dates of birth","Email addresses","Family members' names","Genders","Job titles","Marital statuses","Names","Passport numbers","Phone numbers","Physical addresses","Physical attributes"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsActive":true,"IsRetired":false,"IsSpamList":false,"LogoType":"png"},{"Title":"Coupon Mom / Armor Games","Name":"CouponMomAndArmorGames","Domain":"","BreachDate":"2014-02-08","AddedDate":"2017-11-09T23:46:52Z","ModifiedDate":"2017-11-09T23:46:52Z","PwnCount":11010525,"Description":"In 2014, a file allegedly containing data hacked from Coupon Mom was created and included 11 million email addresses and plain text passwords. On further investigation, the file was also found to contain data indicating it had been sourced from Armor Games. Subsequent verification with HIBP subscribers confirmed the passwords had previously been used and many subscribers had used either Coupon Mom or Armor Games in the past. On disclosure to both organisations, each found that the data did not represent their entire customer base and possibly includes records from other sources with common subscribers. The breach has subsequently been flagged as \"unverified\" as the source cannot be emphatically proven.","DataClasses":["Email addresses","Passwords"],"IsVerified":false,"IsFabricated":false,"IsSensitive":false,"IsActive":true,"IsRetired":false,"IsSpamList":false,"LogoType":"png"},{"Title":"Crack Community","Name":"CrackCommunity","Domain":"crackcommunity.com","BreachDate":"2013-09-09","AddedDate":"2015-02-03T06:30:05Z","ModifiedDate":"2015-02-03T06:30:05Z","PwnCount":19210,"Description":"In late 2013, the Crack Community forum specialising in cracks for games was compromised and over 19k accounts published online. Built on the MyBB forum platform, the compromised data included email addresses, IP addresses and salted MD5 passwords.","DataClasses":["Email addresses","IP addresses","Passwords","Usernames","Website activity"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsActive":true,"IsRetired":false,"IsSpamList":false,"LogoType":"png"},{"Title":"CrackingForum","Name":"CrackingForum","Domain":"crackingforum.com","BreachDate":"2016-07-01","AddedDate":"2017-12-10T20:08:30Z","ModifiedDate":"2017-12-10T20:08:30Z","PwnCount":660305,"Description":"In approximately mid-2016, the cracking community forum known as CrackingForum suffered a data breach. The vBulletin based forum exposed 660k email and IP addresses, usernames and salted MD5 hashes.","DataClasses":["Email addresses","IP addresses","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsActive":true,"IsRetired":false,"IsSpamList":false,"LogoType":"png"},{"Title":"Creative","Name":"Creative","Domain":"creative.com","BreachDate":"2018-05-01","AddedDate":"2018-06-07T21:00:31Z","ModifiedDate":"2018-06-07T21:00:31Z","PwnCount":483015,"Description":"In May 2018, the forum for Singaporean hardware company Creative Technology suffered a data breach which resulted in the disclosure of 483k unique email addresses. Running on an old version of vBulletin, the breach also disclosed usernames, IP addresses and salted MD5 password hashes. After being notified of the incident, Creative permanently shut down the forum.","DataClasses":["Email addresses","IP addresses","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsActive":true,"IsRetired":false,"IsSpamList":false,"LogoType":"svg"},{"Title":"CrimeAgency vBulletin Hacks","Name":"CrimeAgencyVBulletin","Domain":"","BreachDate":"2017-01-19","AddedDate":"2017-03-21T03:12:40Z","ModifiedDate":"2017-03-21T03:12:40Z","PwnCount":942044,"Description":"In January 2016, a large number of unpatched vBulletin forums were compromised by an actor known as \"CrimeAgency\". A total of 140 forums had data including usernames, email addresses and passwords (predominantly stored as salted MD5 hashes), extracted and then distributed. Refer to the complete list of the forums for further information on which sites were impacted.","DataClasses":["Email addresses","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":true,"IsActive":true,"IsRetired":false,"IsSpamList":false,"LogoType":"svg"},{"Title":"Cross Fire","Name":"CrossFire","Domain":"cfire.mail.ru","BreachDate":"2016-08-08","AddedDate":"2016-12-28T00:29:28Z","ModifiedDate":"2016-12-28T00:29:28Z","PwnCount":12865609,"Description":"In August 2016, the Russian gaming forum known as Cross Fire (or cfire.mail.ru) was hacked along with a number of other forums on the Russian mail provider, mail.ru. The vBulletin forum contained 12.8 million accounts including usernames, email addresses and passwords stored as salted MD5 hashes.","DataClasses":["Email addresses","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsActive":true,"IsRetired":false,"IsSpamList":false,"LogoType":"png"},{"Title":"DaFont","Name":"DaFont","Domain":"dafont.com","BreachDate":"2017-05-16","AddedDate":"2017-05-18T20:05:28Z","ModifiedDate":"2017-05-18T20:05:28Z","PwnCount":637340,"Description":"In May 2017, font sharing site DaFont suffered a data breach resulting in the exposure of 637k records. Allegedly due to a SQL injection vulnerability exploited by multiple parties, the exposed data included usernames, email addresses and passwords stored as MD5 without a salt.","DataClasses":["Email addresses","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsActive":true,"IsRetired":false,"IsSpamList":false,"LogoType":"png"},{"Title":"Dailymotion","Name":"Dailymotion","Domain":"dailymotion.com","BreachDate":"2016-10-20","AddedDate":"2017-08-07T02:51:12Z","ModifiedDate":"2017-08-07T02:51:12Z","PwnCount":85176234,"Description":"In October 2016, the video sharing platform Dailymotion suffered a data breach. The attack led to the exposure of more than 85 million user accounts and included email addresses, usernames and bcrypt hashes of passwords.","DataClasses":["Email addresses","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsActive":true,"IsRetired":false,"IsSpamList":false,"LogoType":"svg"},{"Title":"DaniWeb","Name":"DaniWeb","Domain":"daniweb.com","BreachDate":"2015-12-01","AddedDate":"2016-12-28T23:12:16Z","ModifiedDate":"2016-12-28T23:12:16Z","PwnCount":1131636,"Description":"In late 2015, the technology and social site DaniWeb suffered a data breach. The attack resulted in the disclosure of 1.1 million accounts including email and IP addresses which were also accompanied by salted MD5 hashes of passwords. However, DaniWeb have advised that \"the breached password hashes and salts are incorrect\" and that they have since switched to new infrastructure and software.","DataClasses":["Email addresses","IP addresses","Passwords"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsActive":true,"IsRetired":false,"IsSpamList":false,"LogoType":"png"},{"Title":"Data Enrichment Records","Name":"DataEnrichment","Domain":"","BreachDate":"2016-12-23","AddedDate":"2017-06-08T16:23:07Z","ModifiedDate":"2017-06-08T16:23:07Z","PwnCount":8176132,"Description":"In December 2016, more than 200 million \"data enrichment profiles\" were found for sale on the darknet. The seller claimed the data was sourced from Experian and whilst that claim was rejected by the company, the data itself was found to be legitimate suggesting it may have been sourced from other legitimate locations. In total, there were more than 8 million unique email addresses in the data which also contained a raft of other personal attributes including credit ratings, home ownership status, family structure and other fields described in the story linked to above. The email addresses alone were provided to HIBP.","DataClasses":["Buying preferences","Charitable donations","Credit status information","Dates of birth","Email addresses","Family structure","Financial investments","Home ownership statuses","Income levels","Job titles","Marital statuses","Names","Net worths","Phone numbers","Physical addresses","Political donations"],"IsVerified":false,"IsFabricated":false,"IsSensitive":false,"IsActive":true,"IsRetired":false,"IsSpamList":false,"LogoType":"svg"},{"Title":"diet.com","Name":"DietCom","Domain":"diet.com","BreachDate":"2014-08-10","AddedDate":"2017-10-13T21:37:10Z","ModifiedDate":"2017-10-13T21:37:10Z","PwnCount":1383759,"Description":"In August 2014, the diet and nutrition website diet.com suffered a data breach resulting in the exposure of 1.4 million unique user records dating back as far as 2004. The data contained email and IP addresses, usernames, plain text passwords and dietary information about the site members including eating habits, BMI and birth date. The site was previously reported as compromised on the Vigilante.pw breached database directory.","DataClasses":["Dates of birth","Eating habits","Email addresses","IP addresses","Names","Passwords","Physical attributes","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsActive":true,"IsRetired":false,"IsSpamList":false,"LogoType":"png"},{"Title":"Disqus","Name":"Disqus","Domain":"disqus.com","BreachDate":"2012-07-01","AddedDate":"2017-10-06T23:03:51Z","ModifiedDate":"2017-10-06T23:03:51Z","PwnCount":17551044,"Description":"In October 2017, the blog commenting service Disqus announced they'd suffered a data breach. The breach dated back to July 2012 but wasn't identified until years later when the data finally surfaced. The breach contained over 17.5 million unique email addresses and usernames. Users who created logins on Disqus had salted SHA1 hashes of passwords whilst users who logged in via social providers only had references to those accounts.","DataClasses":["Email addresses","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsActive":true,"IsRetired":false,"IsSpamList":false,"LogoType":"svg"},{"Title":"DLH.net","Name":"DLH","Domain":"dlh.net","BreachDate":"2016-07-31","AddedDate":"2016-09-07T13:29:25Z","ModifiedDate":"2016-09-07T13:29:25Z","PwnCount":3264710,"Description":"In July 2016, the gaming news site DLH.net suffered a data breach which exposed 3.3M subscriber identities. Along with the keys used to redeem and activate games on the Steam platform, the breach also resulted in the exposure of email addresses, birth dates and salted MD5 password hashes. The data was donated to Have I been pwned by data breach monitoring service Vigilante.pw.","DataClasses":["Dates of birth","Email addresses","Names","Passwords","Usernames","Website activity"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsActive":true,"IsRetired":false,"IsSpamList":false,"LogoType":"png"},{"Title":"Dodonew.com","Name":"Dodonew","Domain":"dodonew.com","BreachDate":"2011-12-01","AddedDate":"2016-11-10T00:26:01Z","ModifiedDate":"2016-11-10T00:26:01Z","PwnCount":8718404,"Description":"In late 2011, data was allegedly obtained from the Chinese website known as Dodonew.com and contained 8.7M accounts. Whilst there is evidence that the data is legitimate, due to the difficulty of emphatically verifying the Chinese breach it has been flagged as \"unverified\". The data in the breach contains email addresses and user names. Read more about Chinese data breaches in Have I been pwned.","DataClasses":["Email addresses","Usernames"],"IsVerified":false,"IsFabricated":false,"IsSensitive":false,"IsActive":true,"IsRetired":false,"IsSpamList":false,"LogoType":"png"},{"Title":"Domino's","Name":"Dominos","Domain":"pizza.dominos.be","BreachDate":"2014-06-13","AddedDate":"2015-01-04T03:03:34Z","ModifiedDate":"2015-01-04T03:03:34Z","PwnCount":648231,"Description":"In June 2014, Domino's Pizza in France and Belgium was hacked by a group going by the name \"Rex Mundi\" and their customer data held to ransom. Domino's refused to pay the ransom and six months later, the attackers released the data along with troves of other hacked accounts. Amongst the customer data was passwords stored with a weak MD5 hashing algorithm and no salt.","DataClasses":["Email addresses","Names","Passwords","Phone numbers","Physical addresses"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsActive":true,"IsRetired":false,"IsSpamList":false,"LogoType":"svg"},{"Title":"Dropbox","Name":"Dropbox","Domain":"dropbox.com","BreachDate":"2012-07-01","AddedDate":"2016-08-31T00:19:19Z","ModifiedDate":"2016-08-31T00:19:19Z","PwnCount":68648009,"Description":"In mid-2012, Dropbox suffered a data breach which exposed the stored credentials of tens of millions of their customers. In August 2016, they forced password resets for customers they believed may be at risk. A large volume of data totalling over 68 million records was subsequently traded online and included email addresses and salted hashes of passwords (half of them SHA1, half of them bcrypt).","DataClasses":["Email addresses","Passwords"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsActive":true,"IsRetired":false,"IsSpamList":false,"LogoType":"svg"},{"Title":"Dungeons & Dragons Online","Name":"DDO","Domain":"ddo.com","BreachDate":"2013-04-02","AddedDate":"2016-03-12T10:59:56Z","ModifiedDate":"2016-03-12T10:59:56Z","PwnCount":1580933,"Description":"In April 2013, the interactive video game Dungeons & Dragons Online suffered a data breach that exposed almost 1.6M players' accounts. The data was being actively traded on underground forums and included email addresses, birth dates and password hashes.","DataClasses":["Dates of birth","Email addresses","IP addresses","Passwords","Usernames","Website activity"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsActive":true,"IsRetired":false,"IsSpamList":false,"LogoType":"png"},{"Title":"Duowan.com","Name":"Duowan","Domain":"duowan.com","BreachDate":"2011-01-01","AddedDate":"2016-11-07T12:53:19Z","ModifiedDate":"2016-11-07T12:53:19Z","PwnCount":2639894,"Description":"In approximately 2011, data was allegedly obtained from the Chinese gaming website known as Duowan.com and contained 2.6M accounts. Whilst there is evidence that the data is legitimate, due to the difficulty of emphatically verifying the Chinese breach it has been flagged as \"unverified\". The data in the breach contains email addresses, user names and plain text passwords. Read more about Chinese data breaches in Have I been pwned.","DataClasses":["Email addresses","Passwords","Usernames"],"IsVerified":false,"IsFabricated":false,"IsSensitive":false,"IsActive":true,"IsRetired":false,"IsSpamList":false,"LogoType":"png"},{"Title":"dvd-shop.ch","Name":"DVDShopCH","Domain":"dvd-shop.ch","BreachDate":"2017-12-05","AddedDate":"2017-12-10T04:58:09Z","ModifiedDate":"2017-12-10T04:58:09Z","PwnCount":67973,"Description":"In December 2017, the online Swiss DVD store known as dvd-shop.ch suffered a data breach. The incident led to the exposure of 68k email addresses and plain text passwords. The site has since been updated to indicate that it is currently closed.","DataClasses":["Email addresses","Passwords"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsActive":true,"IsRetired":false,"IsSpamList":false,"LogoType":"png"},{"Title":"Edmodo","Name":"Edmodo","Domain":"edmodo.com","BreachDate":"2017-05-11","AddedDate":"2017-06-01T05:59:24Z","ModifiedDate":"2017-06-01T05:59:24Z","PwnCount":43423561,"Description":"In May 2017, the education platform Edmodo was hacked resulting in the exposure of 77 million records comprised of over 43 million unique customer email addresses. The data was consequently published to a popular hacking forum and made freely available. The records in the breach included usernames, email addresses and bcrypt hashes of passwords.","DataClasses":["Email addresses","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsActive":true,"IsRetired":false,"IsSpamList":false,"LogoType":"svg"},{"Title":"Elance","Name":"Elance","Domain":"elance.com","BreachDate":"2009-01-01","AddedDate":"2017-02-18T02:54:48Z","ModifiedDate":"2017-02-18T02:54:48Z","PwnCount":1291178,"Description":"Sometime in 2009, staffing platform Elance suffered a data breach that impacted 1.3 million accounts. Appearing online 8 years later, the data contained usernames, email addresses, phone numbers and SHA1 hashes of passwords, amongst other personal data.","DataClasses":["Email addresses","Employers","Geographic locations","Passwords","Phone numbers","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsActive":true,"IsRetired":false,"IsSpamList":false,"LogoType":"png"},{"Title":"Epic Games","Name":"EpicGames","Domain":"epicgames.com","BreachDate":"2016-08-11","AddedDate":"2016-11-07T10:19:34Z","ModifiedDate":"2016-11-07T10:19:34Z","PwnCount":251661,"Description":"In August 2016, the Epic Games forum suffered a data breach, allegedly due to a SQL injection vulnerability in vBulletin. The attack resulted in the exposure of 252k accounts including usernames, email addresses and salted MD5 hashes of passwords.","DataClasses":["Email addresses","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsActive":true,"IsRetired":false,"IsSpamList":false,"LogoType":"svg"},{"Title":"Eroticy","Name":"Eroticy","Domain":"eroticy.com","BreachDate":"2015-06-01","AddedDate":"2017-01-10T02:19:56Z","ModifiedDate":"2017-01-10T02:19:56Z","PwnCount":1370175,"Description":"In mid-2016, it's alleged that the adult website known as Eroticy was hacked. Almost 1.4 million unique accounts were found circulating in late 2016 which contained a raft of personal information ranging from email addresses to phone numbers to plain text passwords. Whilst many HIBP subscribers confirmed their data was legitimate, the actual source of the breach remains inconclusive. A detailed account of the data has been published in the hope of identifying the origin of the breach.","DataClasses":["Email addresses","IP addresses","Names","Passwords","Payment histories","Phone numbers","Physical addresses","Usernames","Website activity"],"IsVerified":false,"IsFabricated":false,"IsSensitive":true,"IsActive":true,"IsRetired":false,"IsSpamList":false,"LogoType":"png"},{"Title":"Estonian Citizens (via Estonian Cybercrime Bureau)","Name":"Estonia","Domain":"","BreachDate":"2018-06-07","AddedDate":"2018-06-11T09:41:17Z","ModifiedDate":"2018-06-11T09:41:17Z","PwnCount":655161,"Description":"In June 2018, the Cybercrime Bureau of the Estonian Central Criminal Police contacted HIBP and asked for assistance in making a data set of 655k email addresses searchable. The Estonian police suspected the email addresses and passwords they obtained were being used to access mailboxes, cryptocurrency exchanges, cloud service accounts and other similar online assets. They've requested that individuals who find themselves in the data set and also identify that cryptocurrency has been stolen contact them at cybercrime@politsei.ee.","DataClasses":["Email addresses","Passwords"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsActive":true,"IsRetired":false,"IsSpamList":false,"LogoType":"svg"},{"Title":"eThekwini Municipality","Name":"eThekwiniMunicipality","Domain":"eservices.durban.gov.za","BreachDate":"2016-09-07","AddedDate":"2016-09-15T00:01:47Z","ModifiedDate":"2016-09-15T00:01:47Z","PwnCount":81830,"Description":"In September 2016, the new eThekwini eServices website in South Africa was launched with a number of security holes that lead to the leak of over 98k residents' personal information and utility bills across 82k unique email addresses. Emails were sent prior to launch containing passwords in plain text and the site allowed anyone to download utility bills without sufficient authentication. Various methods of customer data enumeration was possible and phishing attacks began appearing the day after launch.","DataClasses":["Dates of birth","Deceased date","Email addresses","Genders","Government issued IDs","Names","Passport numbers","Passwords","Phone numbers","Physical addresses","Utility bills"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsActive":true,"IsRetired":false,"IsSpamList":false,"LogoType":"png"},{"Title":"Ethereum","Name":"Ethereum","Domain":"ethereum.org","BreachDate":"2016-12-16","AddedDate":"2016-12-20T23:56:26Z","ModifiedDate":"2016-12-20T23:56:26Z","PwnCount":16431,"Description":"In December 2016, the forum for the public blockchain-based distributed computing platform Ethereum suffered a data breach. The database contained over 16k unique email addresses along with IP addresses, private forum messages and (mostly) bcrypt hashed passwords. Ethereum elected to self-submit the data to HIBP, providing the service with a list of email addresses impacted by the incident.","DataClasses":["Email addresses","IP addresses","Passwords","Private messages","Usernames","Website activity"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsActive":true,"IsRetired":false,"IsSpamList":false,"LogoType":"svg"},{"Title":"Evermotion","Name":"Evermotion","Domain":"evermotion.org","BreachDate":"2015-05-07","AddedDate":"2017-07-02T13:49:09Z","ModifiedDate":"2017-07-02T13:49:09Z","PwnCount":435510,"Description":"In May 2015, the Polish 3D modelling website known as Evermotion suffered a data breach resulting in the exposure of 435k unique user records. The data was sourced from a vBulletin forum and contained email addresses, usernames, dates of birth and salted MD5 hashes of passwords. The site was previously reported as compromised on the Vigilante.pw breached database directory.","DataClasses":["Dates of birth","Email addresses","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsActive":true,"IsRetired":false,"IsSpamList":false,"LogoType":"png"},{"Title":"Evony","Name":"Evony","Domain":"evony.com","BreachDate":"2016-06-01","AddedDate":"2017-03-25T23:43:45Z","ModifiedDate":"2017-03-25T23:43:45Z","PwnCount":29396116,"Description":"In June 2016, the online multiplayer game Evony was hacked and over 29 million unique accounts were exposed. The attack led to the exposure of usernames, email and IP addresses and MD5 hashes of passwords (without salt).","DataClasses":["Email addresses","IP addresses","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsActive":true,"IsRetired":false,"IsSpamList":false,"LogoType":"png"},{"Title":"Exactis","Name":"Exactis","Domain":"exactis.com","BreachDate":"2018-06-01","AddedDate":"2018-07-25T20:00:44Z","ModifiedDate":"2018-07-25T20:00:44Z","PwnCount":131577763,"Description":"In June 2018, the marketing firm Exactis inadvertently publicly leaked 340 million records of personal data. Security researcher Vinny Troia of Night Lion Security discovered the leak contained multiple terabytes of personal information spread across hundreds of separate fields including addresses, phone numbers, family structures and extensive profiling data. The data was collected as part of Exactis' service as a \"compiler and aggregator of premium business & consumer data\" which they then sell for profiling and marketing purposes. A small subset of the exposed fields were provided to Have I Been Pwned and contained 132 million unique email addresses.","DataClasses":["Credit status information","Dates of birth","Education levels","Email addresses","Ethnicities","Family structure","Financial investments","Genders","Home ownership statuses","Income levels","IP addresses","Marital statuses","Names","Net worths","Occupations","Personal interests","Phone numbers","Physical addresses","Religions","Spoken languages"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsActive":true,"IsRetired":false,"IsSpamList":false,"LogoType":"png"},{"Title":"Experian","Name":"Experian","Domain":"experian.com","BreachDate":"2015-09-16","AddedDate":"2016-09-06T23:49:00Z","ModifiedDate":"2016-09-06T23:49:00Z","PwnCount":7196890,"Description":"In September 2015, the US based credit bureau and consumer data broker Experian suffered a data breach that impacted 15 million customers who had applied for financing from T-Mobile. An alleged data breach was subsequently circulated containing personal information including names, physical and email addresses, birth dates and various other personal attributes. Multiple Have I been pwned subscribers verified portions of the data as being accurate, but the actual source of it was inconclusive therefor this breach has been flagged as \"unverified\".","DataClasses":["Credit status information","Dates of birth","Email addresses","Ethnicities","Family structure","Genders","Home ownership statuses","Income levels","IP addresses","Names","Phone numbers","Physical addresses","Purchasing habits"],"IsVerified":false,"IsFabricated":false,"IsSensitive":false,"IsActive":true,"IsRetired":false,"IsSpamList":false,"LogoType":"svg"},{"Title":"Exploit.In","Name":"ExploitIn","Domain":"","BreachDate":"2016-10-13","AddedDate":"2017-05-06T07:03:18Z","ModifiedDate":"2017-05-06T07:03:18Z","PwnCount":593427119,"Description":"In late 2016, a huge list of email address and password pairs appeared in a \"combo list\" referred to as \"Exploit.In\". The list contained 593 million unique email addresses, many with multiple different passwords hacked from various online systems. The list was broadly circulated and used for \"credential stuffing\", that is attackers employ it in an attempt to identify other online systems where the account owner had reused their password. For detailed background on this incident, read Password reuse, credential stuffing and another billion records in Have I been pwned.","DataClasses":["Email addresses","Passwords"],"IsVerified":false,"IsFabricated":false,"IsSensitive":false,"IsActive":true,"IsRetired":false,"IsSpamList":false,"LogoType":"svg"},{"Title":"Exposed VINs","Name":"VINs","Domain":"","BreachDate":"2017-06-05","AddedDate":"2017-06-09T05:35:19Z","ModifiedDate":"2017-06-09T05:35:19Z","PwnCount":396650,"Description":"In June 2017, an unsecured database with more than 10 million VINs (vehicle identification numbers) was discovered by researchers. Believed to be sourced from US car dealerships, the data included a raft of personal information and vehicle data along with 397k unique email addresses.","DataClasses":["Dates of birth","Email addresses","Family structure","Genders","Names","Phone numbers","Physical addresses","Vehicle details"],"IsVerified":false,"IsFabricated":false,"IsSensitive":false,"IsActive":true,"IsRetired":false,"IsSpamList":false,"LogoType":"svg"},{"Title":"Fashion Nexus","Name":"WhiteRoom","Domain":"fashionnexus.co.uk","BreachDate":"2018-07-09","AddedDate":"2018-07-31T08:20:54Z","ModifiedDate":"2018-07-31T08:20:54Z","PwnCount":1279263,"Description":"In July 2018, UK-based ecommerce company Fashion Nexus suffered a data breach which exposed 1.4 million records. Multiple websites developed by sister company White Room Solutions were impacted in the breach amongst which were sites including Jaded London and AX Paris. The various sites exposed in the incident included a range of different data types including names, phone numbers, addresses and passwords stored as a mix of salted MD5 and SHA-1 as well as unsalted MD5 passwords. When asked by reporter Graham Cluley if a public statement on the incident was available, a one-word response of \"No\" was received.","DataClasses":["Browser user agent details","Dates of birth","Email addresses","Genders","IP addresses","Names","Passwords","Phone numbers","Physical addresses","Purchases"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsActive":true,"IsRetired":false,"IsSpamList":false,"LogoType":"png"},{"Title":"FashionFantasyGame","Name":"FashionFantasyGame","Domain":"fashionfantasygame.com","BreachDate":"2016-12-01","AddedDate":"2017-04-20T10:33:38Z","ModifiedDate":"2017-04-20T10:33:38Z","PwnCount":2357872,"Description":"In late 2016, the fashion gaming website Fashion Fantasy Game suffered a data breach. The incident exposed 2.3 million unique user accounts and corresponding MD5 password hashes with no salt. The data was contributed to Have I been pwned courtesy of rip@creep.im.","DataClasses":["Email addresses","Passwords"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsActive":true,"IsRetired":false,"IsSpamList":false,"LogoType":"svg"},{"Title":"Final Fantasy Shrine","Name":"FFShrine","Domain":"ffshrine.org","BreachDate":"2015-09-18","AddedDate":"2015-10-31T12:43:58Z","ModifiedDate":"2015-10-31T12:43:58Z","PwnCount":620677,"Description":"In September 2015, the Final Fantasy discussion forum known as FFShrine was breached and the data dumped publicly. Approximately 620k records were released containing email addresses, IP addresses and salted hashes of passwords.","DataClasses":["Email addresses","Passwords","Usernames","Website activity"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsActive":true,"IsRetired":false,"IsSpamList":false,"LogoType":"png"},{"Title":"Flash Flash Revolution","Name":"FlashFlashRevolution","Domain":"flashflashrevolution.com","BreachDate":"2016-02-01","AddedDate":"2016-09-06T08:08:29Z","ModifiedDate":"2016-09-06T08:08:29Z","PwnCount":1771845,"Description":"In February 2016, the music-based rhythm game known as Flash Flash Revolution was hacked and 1.8M accounts were exposed. Along with email and IP addresses, the vBulletin forum also exposed salted MD5 password hashes.","DataClasses":["Email addresses","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsActive":true,"IsRetired":false,"IsSpamList":false,"LogoType":"png"},{"Title":"Flashback","Name":"Flashback","Domain":"flashback.se","BreachDate":"2015-02-11","AddedDate":"2015-02-12T05:42:12Z","ModifiedDate":"2015-02-12T05:42:12Z","PwnCount":40256,"Description":"In February 2015, the Swedish forum known as Flashback had sensitive internal data on 40k members published via the tabloid newspaper Aftonbladet. The data was allegedly sold to them via Researchgruppen (The Research Group) who have a history of exposing otherwise anonymous users, primarily those who they believe participate in \"troll like\" behaviour. The compromised data includes social security numbers, home and email addresses.","DataClasses":["Email addresses","Government issued IDs","Physical addresses"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsActive":true,"IsRetired":false,"IsSpamList":false,"LogoType":"svg"},{"Title":"Fling","Name":"Fling","Domain":"fling.com","BreachDate":"2011-03-10","AddedDate":"2016-05-28T23:08:07Z","ModifiedDate":"2016-05-28T23:08:07Z","PwnCount":40767652,"Description":"In 2011, the self-proclaimed \"World's Best Adult Social Network\" website known as Fling was hacked and more than 40 million accounts obtained by the attacker. The breached data included highly sensitive personal attributes such as sexual orientation and sexual interests as well as email addresses and passwords stored in plain text.","DataClasses":["Dates of birth","Email addresses","Genders","Geographic locations","IP addresses","Passwords","Phone numbers","Sexual fetishes","Sexual orientations","Usernames","Website activity"],"IsVerified":true,"IsFabricated":false,"IsSensitive":true,"IsActive":true,"IsRetired":false,"IsSpamList":false,"LogoType":"svg"},{"Title":"Florida Virtual School","Name":"FLVS","Domain":"flvs.net","BreachDate":"2018-02-12","AddedDate":"2018-03-18T01:40:31Z","ModifiedDate":"2018-03-18T01:40:31Z","PwnCount":542902,"Description":"In March 2018, the Florida Virtual School (FLVS) posted a data breach notification to their website. The school had identified a data breach which had occurred sometime between 6 May 2016 and 12 Feb 2018 and an XML file containing 368k student records was subsequently found circulating. Each record contained student name, date of birth, password, grade, email and parent email resulting in a total of 543k unique email addresses. Due to the prevalence of email addresses belonging to individuals who are still legally children, the data breach has been flagged as \"sensitive\".","DataClasses":["Dates of birth","Email addresses","Names","Passwords","School grades (class levels)","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":true,"IsActive":true,"IsRetired":false,"IsSpamList":false,"LogoType":"png"},{"Title":"Forbes","Name":"Forbes","Domain":"forbes.com","BreachDate":"2014-02-15","AddedDate":"2014-02-15T11:24:42Z","ModifiedDate":"2014-02-15T11:24:42Z","PwnCount":1057819,"Description":"In February 2014, the Forbes website succumbed to an attack that leaked over 1 million user accounts. The attack was attributed to the Syrian Electronic Army, allegedly as retribution for a perceived \"Hate of Syria\". The attack not only leaked user credentials, but also resulted in the posting of fake news stories to forbes.com.","DataClasses":["Email addresses","Passwords","User website URLs","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsActive":true,"IsRetired":false,"IsSpamList":false,"LogoType":"svg"},{"Title":"Foxy Bingo","Name":"FoxyBingo","Domain":"foxybingo.com","BreachDate":"2008-04-04","AddedDate":"2015-11-22T01:05:05Z","ModifiedDate":"2015-11-22T01:05:05Z","PwnCount":252216,"Description":"In April 2007, the online gambling site Foxy Bingo was hacked and 252,000 accounts were obtained by the hackers. The breached records were subsequently sold and traded and included personal information data such as plain text passwords, birth dates and home addresses.","DataClasses":["Account balances","Browser user agent details","Dates of birth","Email addresses","Genders","Names","Passwords","Phone numbers","Physical addresses","Usernames","Website activity"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsActive":true,"IsRetired":false,"IsSpamList":false,"LogoType":"png"},{"Title":"Freedom Hosting II","Name":"FreedomHostingII","Domain":"fhostingesps6bly.onion","BreachDate":"2017-01-31","AddedDate":"2017-02-05T10:06:58Z","ModifiedDate":"2017-02-05T10:06:58Z","PwnCount":380830,"Description":"In January 2017, the free hidden service host Freedom Hosting II suffered a data breach. The attack allegedly took down 20% of dark web sites running behind Tor hidden services with the attacker claiming that of the 10,613 impacted sites, more than 50% of the content was child pornography. The hack led to the exposure of MySQL databases for the sites which included a vast amount of information on the hidden services Freedom Hosting II was managing. The impacted data classes far exceeds those listed for the breach and differ between the thousands of impacted sites.","DataClasses":["Email addresses","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":true,"IsActive":true,"IsRetired":false,"IsSpamList":false,"LogoType":"svg"},{"Title":"FreshMenu","Name":"FreshMenu","Domain":"freshmenu.com","BreachDate":"2016-07-01","AddedDate":"2018-09-10T12:27:19Z","ModifiedDate":"2018-09-10T12:27:19Z","PwnCount":110355,"Description":"In July 2016, the India-based food delivery service FreshMenu suffered a data breach. The incident exposed the personal data of over 110k customers and included their names, email addresses, phone numbers, home addresses and order histories. When advised of the incident, FreshMenu acknowledged being already aware of the breach but stated they had decided not to notify impacted customers.","DataClasses":["Device information","Email addresses","Names","Phone numbers","Physical addresses","Purchases"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsActive":true,"IsRetired":false,"IsSpamList":false,"LogoType":"png"},{"Title":"Fridae","Name":"Fridae","Domain":"fridae.asia","BreachDate":"2014-05-02","AddedDate":"2014-05-06T02:48:35Z","ModifiedDate":"2014-05-06T02:48:35Z","PwnCount":35368,"Description":"In May 2014, over 25,000 user accounts were breached from the Asian lesbian, gay, bisexual and transgender website known as \"Fridae\". The attack which was announced on Twitter appears to have been orchestrated by Deletesec who claim that \"Digital weapons shall annihilate all secrecy within governments and corporations\". The exposed data included password stored in plain text. ","DataClasses":["Email addresses","Passwords","Usernames","Website activity"],"IsVerified":true,"IsFabricated":false,"IsSensitive":true,"IsActive":true,"IsRetired":false,"IsSpamList":false,"LogoType":"svg"},{"Title":"Funimation","Name":"Funimation","Domain":"funimation.com","BreachDate":"2016-07-01","AddedDate":"2017-02-20T00:43:26Z","ModifiedDate":"2017-02-20T00:43:26Z","PwnCount":2491103,"Description":"In July 2016, the anime site Funimation suffered a data breach that impacted 2.5 million accounts. The data contained usernames, email addresses, dates of birth and salted SHA1 hashes of passwords.","DataClasses":["Dates of birth","Email addresses","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsActive":true,"IsRetired":false,"IsSpamList":false,"LogoType":"png"},{"Title":"Funny Games","Name":"FunnyGames","Domain":"funny-games.biz","BreachDate":"2018-04-28","AddedDate":"2018-07-24T03:01:35Z","ModifiedDate":"2018-07-24T03:01:35Z","PwnCount":764357,"Description":"In April 2018, the online entertainment site Funny Games suffered a data breach that disclosed 764k records including usernames, email and IP addresses and salted MD5 password hashes. The incident was disclosed to Funny Games in July who acknowledged the breach and identified it had been caused by legacy code no longer in use. The record count in the breach constitute approximately half of the user base.","DataClasses":["Email addresses","IP addresses","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsActive":true,"IsRetired":false,"IsSpamList":false,"LogoType":"png"},{"Title":"Fur Affinity","Name":"FurAffinity","Domain":"furaffinity.net","BreachDate":"2016-05-17","AddedDate":"2016-05-27T09:36:18Z","ModifiedDate":"2016-05-27T09:36:18Z","PwnCount":1270564,"Description":"In May 2016, the Fur Affinity website for people with an interest in anthropomorphic animal characters (also known as \"furries\") was hacked. The attack exposed 1.2M email addresses (many accounts had a different \"first\" and \"last\" email against them) and hashed passwords.","DataClasses":["Email addresses","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":true,"IsActive":true,"IsRetired":false,"IsSpamList":false,"LogoType":"png"},{"Title":"Gaadi","Name":"Gaadi","Domain":"gaadi.com","BreachDate":"2015-05-14","AddedDate":"2018-07-01T07:17:02Z","ModifiedDate":"2018-07-01T07:17:02Z","PwnCount":4261179,"Description":"In May 2015, the Indian motoring website known as Gaadi had 4.3 million records exposed in a data breach. The data contained usernames, email and IP addresses, genders, the city of users as well as passwords stored in both plain text and as MD5 hashes. The site was previously reported as compromised on the Vigilante.pw breached database directory.","DataClasses":["Email addresses","Genders","Geographic locations","IP addresses","Names","Passwords","Phone numbers","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsActive":true,"IsRetired":false,"IsSpamList":false,"LogoType":"png"},{"Title":"Gamerzplanet","Name":"GamerzPlanet","Domain":"gamerzplanet.net","BreachDate":"2015-10-23","AddedDate":"2016-02-05T20:12:26Z","ModifiedDate":"2016-02-05T20:12:26Z","PwnCount":1217166,"Description":"In approximately October 2015, the online gaming forum known as Gamerzplanet was hacked and more than 1.2M accounts were exposed. The vBulletin forum included IP addresses and passwords stored as salted hashes using a weak implementation enabling many to be rapidly cracked.","DataClasses":["Email addresses","IP addresses","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsActive":true,"IsRetired":false,"IsSpamList":false,"LogoType":"png"},{"Title":"GameTuts","Name":"GameTuts","Domain":"game-tuts.com","BreachDate":"2015-03-01","AddedDate":"2016-09-23T23:59:38Z","ModifiedDate":"2016-09-23T23:59:38Z","PwnCount":2064274,"Description":"Likely in early 2015, the video game website GameTuts suffered a data breach and over 2 million user accounts were exposed. The site later shut down in July 2016 but was identified as having been hosted on a vBulletin forum. The exposed data included usernames, email and IP addresses and salted MD5 hashes.","DataClasses":["Email addresses","IP addresses","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsActive":true,"IsRetired":false,"IsSpamList":false,"LogoType":"png"},{"Title":"Gamigo","Name":"Gamigo","Domain":"gamigo.com","BreachDate":"2012-03-01","AddedDate":"2016-01-18T16:26:24Z","ModifiedDate":"2016-01-18T16:26:24Z","PwnCount":8243604,"Description":"In March 2012, the German online game publisher Gamigo was hacked and more than 8 million accounts publicly leaked. The breach included email addresses and passwords stored as weak MD5 hashes with no salt.","DataClasses":["Email addresses","Passwords"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsActive":true,"IsRetired":false,"IsSpamList":false,"LogoType":"png"},{"Title":"Gawker","Name":"Gawker","Domain":"gawker.com","BreachDate":"2010-12-11","AddedDate":"2013-12-04T00:00:00Z","ModifiedDate":"2013-12-04T00:00:00Z","PwnCount":1247574,"Description":"In December 2010, Gawker was attacked by the hacker collective \"Gnosis\" in retaliation for what was reported to be a feud between Gawker and 4Chan. Information about Gawkers 1.3M users was published along with the data from Gawker's other web presences including Gizmodo and Lifehacker. Due to the prevalence of password reuse, many victims of the breach then had their Twitter accounts compromised to send Acai berry spam.","DataClasses":["Email addresses","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsActive":true,"IsRetired":false,"IsSpamList":false,"LogoType":"svg"},{"Title":"GeekedIn","Name":"GeekedIn","Domain":"geekedin.net","BreachDate":"2016-08-15","AddedDate":"2016-11-17T19:44:24Z","ModifiedDate":"2016-11-17T19:44:24Z","PwnCount":1073164,"Description":"In August 2016, the technology recruitment site GeekedIn left a MongoDB database exposed and over 8M records were extracted by an unknown third party. The breached data was originally scraped from GitHub in violation of their terms of use and contained information exposed in public profiles, including over 1 million members' email addresses. Full details on the incident (including how impacted members can see their leaked data) are covered in the blog post on 8 million GitHub profiles were leaked from GeekedIn's MongoDB - here's how to see yours.","DataClasses":["Email addresses","Geographic locations","Names","Professional skills","Usernames","Years of professional experience"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsActive":true,"IsRetired":false,"IsSpamList":false,"LogoType":"png"},{"Title":"GFAN","Name":"GFAN","Domain":"gfan.com","BreachDate":"2016-10-10","AddedDate":"2016-10-10T16:32:34Z","ModifiedDate":"2016-10-10T16:32:34Z","PwnCount":22526334,"Description":"In October 2016, data surfaced that was allegedly obtained from the Chinese website known as GFAN and contained 22.5M accounts. Whilst there is evidence that the data is legitimate, due to the difficulty of emphatically verifying the Chinese breach it has been flagged as \"unverified\". The data in the breach contains email and IP addresses, user names and salted and hashed passwords. Read more about Chinese data breaches in Have I been pwned.","DataClasses":["Email addresses","IP addresses","Passwords","Usernames"],"IsVerified":false,"IsFabricated":false,"IsSensitive":false,"IsActive":true,"IsRetired":false,"IsSpamList":false,"LogoType":"png"},{"Title":"gPotato","Name":"gPotato","Domain":"gpotato.com","BreachDate":"2007-07-12","AddedDate":"2016-09-24T21:37:43Z","ModifiedDate":"2016-09-24T21:37:43Z","PwnCount":2136520,"Description":"In July 2007, the multiplayer game portal known as gPotato (link to archive of the site at that time) suffered a data breach and over 2 million user accounts were exposed. The site later merged into the Webzen portal where the original accounts still exist today. The exposed data included usernames, email and IP addresses, MD5 hashes and personal attributes such as gender, birth date, physical address and security questions and answers stored in plain text.","DataClasses":["Dates of birth","Email addresses","Genders","IP addresses","Names","Passwords","Physical addresses","Security questions and answers","Usernames","Website activity"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsActive":true,"IsRetired":false,"IsSpamList":false,"LogoType":"png"},{"Title":"GTAGaming","Name":"GTAGaming","Domain":"gtagaming.com","BreachDate":"2016-08-01","AddedDate":"2016-08-23T20:41:17Z","ModifiedDate":"2016-08-23T20:41:17Z","PwnCount":197184,"Description":"In August 2016, the Grand Theft Auto forum GTAGaming was hacked and nearly 200k user accounts were leaked. The vBulletin based forum included usernames, email addresses and password hashes.","DataClasses":["Dates of birth","Email addresses","IP addresses","Passwords","Usernames","Website activity"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsActive":true,"IsRetired":false,"IsSpamList":false,"LogoType":"png"},{"Title":"Guns and Robots","Name":"Playgar","Domain":"play-gar.com","BreachDate":"2016-04-01","AddedDate":"2018-02-14T22:32:25Z","ModifiedDate":"2018-02-14T22:32:25Z","PwnCount":143569,"Description":"In approximately April 2016, the gaming website Guns and Robots suffered a data breach resulting in the exposure of 143k unique records. The data contained email and IP addresses, usernames and SHA-1 password hashes. The site was previously reported as compromised on the Vigilante.pw breached database directory.","DataClasses":["Email addresses","IP addresses","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsActive":true,"IsRetired":false,"IsSpamList":false,"LogoType":"png"},{"Title":"hackforums.net","Name":"HackForums","Domain":"hackforums.net","BreachDate":"2011-06-25","AddedDate":"2014-05-11T10:30:43Z","ModifiedDate":"2014-05-11T10:30:43Z","PwnCount":191540,"Description":"In June 2011, the hacktivist group known as \"LulzSec\" leaked one final large data breach they titled \"50 days of lulz\". The compromised data came from sources such as AT&T, Battlefield Heroes and the hackforums.net website. The leaked Hack Forums data included credentials and personal information of nearly 200,000 registered forum users.","DataClasses":["Dates of birth","Email addresses","Instant messenger identities","IP addresses","Passwords","Social connections","Spoken languages","Time zones","User website URLs","Usernames","Website activity"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsActive":true,"IsRetired":false,"IsSpamList":false,"LogoType":"svg"},{"Title":"Hacking Team","Name":"HackingTeam","Domain":"hackingteam.com","BreachDate":"2015-07-06","AddedDate":"2015-07-12T23:52:27Z","ModifiedDate":"2015-07-12T23:52:27Z","PwnCount":32310,"Description":"In July 2015, the Italian security firm Hacking Team suffered a major data breach that resulted in over 400GB of their data being posted online via a torrent. The data searchable on \"Have I been pwned?\" is from 189GB worth of PST mail folders in the dump. The contents of the PST files is searchable on Wikileaks.","DataClasses":["Email addresses","Email messages"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsActive":true,"IsRetired":false,"IsSpamList":false,"LogoType":"svg"},{"Title":"Health Now Networks","Name":"HealthNowNetworks","Domain":"healthnow.co","BreachDate":"2017-03-25","AddedDate":"2017-04-07T18:37:15Z","ModifiedDate":"2017-04-07T18:37:15Z","PwnCount":321920,"Description":"In March 2017, the telemarketing service Health Now Networks left a database containing hundreds of thousands of medical records exposed. There were over 900,000 records in total containing significant volumes of personal information including names, dates of birth, various medical conditions and operator notes on the individuals' health. The data included over 320k unique email addresses.","DataClasses":["Dates of birth","Email addresses","Genders","Health insurance information","IP addresses","Names","Personal health data","Phone numbers","Physical addresses","Security questions and answers","Social connections"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsActive":true,"IsRetired":false,"IsSpamList":false,"LogoType":"png"},{"Title":"Hemmakväll","Name":"Hemmakvall","Domain":"hemmakvall.se","BreachDate":"2015-07-08","AddedDate":"2015-07-09T09:23:52Z","ModifiedDate":"2015-07-09T09:23:52Z","PwnCount":47297,"Description":"In July 2015, the Swedish video store chain Hemmakväll was hacked and nearly 50k records dumped publicly. The disclosed data included various attributes of their customers including email and physical addresses, names and phone numbers. Passwords were also leaked, stored with a weak MD5 hashing algorithm.","DataClasses":["Email addresses","Names","Passwords","Phone numbers","Physical addresses"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsActive":true,"IsRetired":false,"IsSpamList":false,"LogoType":"png"},{"Title":"hemmelig.com","Name":"Hemmelig","Domain":"hemmelig.com","BreachDate":"2011-12-21","AddedDate":"2014-03-25T07:23:52Z","ModifiedDate":"2014-03-25T07:23:52Z","PwnCount":28641,"Description":"In December 2011, Norway's largest online sex shop hemmelig.com was hacked by a collective calling themselves \"Team Appunity\". The attack exposed over 28,000 usernames and email addresses along with nicknames, gender, year of birth and unsalted MD5 password hashes.","DataClasses":["Email addresses","Genders","Nicknames","Passwords","Usernames","Years of birth"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsActive":true,"IsRetired":false,"IsSpamList":false,"LogoType":"svg"},{"Title":"Heroes of Gaia","Name":"HeroesOfGaia","Domain":"heroesofgaia.com","BreachDate":"2013-01-04","AddedDate":"2016-11-07T08:11:03Z","ModifiedDate":"2016-11-07T08:11:03Z","PwnCount":179967,"Description":"In early 2013, the online fantasy multiplayer game Heroes of Gaia suffered a data breach. The newest records in the data set indicate a breach date of 4 January 2013 and include usernames, IP and email addresses but no passwords.","DataClasses":["Browser user agent details","Email addresses","IP addresses","Usernames","Website activity"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsActive":true,"IsRetired":false,"IsSpamList":false,"LogoType":"png"},{"Title":"Heroes of Newerth","Name":"HeroesOfNewerth","Domain":"heroesofnewerth.com","BreachDate":"2012-12-17","AddedDate":"2016-01-24T16:27:23Z","ModifiedDate":"2016-01-24T16:27:23Z","PwnCount":8089103,"Description":"In December 2012, the multiplayer online battle arena game known as Heroes of Newerth was hacked and over 8 million accounts extracted from the system. The compromised data included usernames, email addresses and passwords.","DataClasses":["Email addresses","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsActive":true,"IsRetired":false,"IsSpamList":false,"LogoType":"png"},{"Title":"HiAPK","Name":"HIAPK","Domain":"hiapk.com","BreachDate":"2014-01-01","AddedDate":"2018-04-01T07:13:44Z","ModifiedDate":"2018-04-01T07:13:44Z","PwnCount":13873674,"Description":"In approximately 2014, it's alleged that the Chinese Android store known as HIAPK suffered a data breach that impacted 13.8 million unique subscribers. Whilst there is evidence that the data is legitimate, due to the difficulty of emphatically verifying the Chinese breach it has been flagged as \"unverified\". The data in the breach contains usernames, email addresses and salted MD5 password hashes and was provided to HIBP by white hat security researcher and data analyst Adam Davies. Read more about Chinese data breaches in Have I been pwned.","DataClasses":["Email addresses","Passwords","Usernames"],"IsVerified":false,"IsFabricated":false,"IsSensitive":false,"IsActive":true,"IsRetired":false,"IsSpamList":false,"LogoType":"png"},{"Title":"HLTV","Name":"HLTV","Domain":"hltv.org","BreachDate":"2016-06-19","AddedDate":"2017-03-22T08:58:10Z","ModifiedDate":"2017-03-22T08:58:10Z","PwnCount":611070,"Description":"In June 2016, the \"home of competitive Counter Strike\" website HLTV was hacked and 611k accounts were exposed. The attack led to the exposure of names, usernames, email addresses and bcrypt hashes of passwords.","DataClasses":["Email addresses","Names","Passwords","Usernames","Website activity"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsActive":true,"IsRetired":false,"IsSpamList":false,"LogoType":"png"},{"Title":"HongFire","Name":"HongFire","Domain":"hongfire.com","BreachDate":"2015-03-01","AddedDate":"2017-02-05T20:36:21Z","ModifiedDate":"2017-02-05T20:36:21Z","PwnCount":999991,"Description":"In March 2015, the anime and manga forum HongFire suffered a data breach. The hack of their vBulletin forum led to the exposure of 1 million accounts along with email and IP addresses, usernames, dates of birth and salted MD5 passwords.","DataClasses":["Dates of birth","Email addresses","IP addresses","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":true,"IsActive":true,"IsRetired":false,"IsSpamList":false,"LogoType":"png"},{"Title":"HoundDawgs","Name":"HoundDawgs","Domain":"hounddawgs.org","BreachDate":"2017-12-30","AddedDate":"2018-01-03T12:48:10Z","ModifiedDate":"2018-01-03T12:48:10Z","PwnCount":45701,"Description":"In December 2017, the Danish torrent tracker known as HoundDawgs suffered a data breach. More than 55GB of data was dumped publicly and whilst there was initially contention as to the severity of the incident, the data did indeed contain more than 45k unique email addresses complete extensive logs of torrenting activity, IP addresses and SHA1 passwords.","DataClasses":["Email addresses","IP addresses","Passwords","Website activity"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsActive":true,"IsRetired":false,"IsSpamList":false,"LogoType":"png"},{"Title":"i-Dressup","Name":"iDressup","Domain":"i-dressup.com","BreachDate":"2016-07-15","AddedDate":"2016-09-26T20:14:51Z","ModifiedDate":"2016-09-26T20:14:51Z","PwnCount":2191565,"Description":"In June 2016, the teen social site known as i-Dressup was hacked and over 2 million user accounts were exposed. At the time the hack was reported, the i-Dressup operators were not contactable and the underlying SQL injection flaw remained open, allegedly exposing a total of 5.5 million accounts. The breach included email addresses and passwords stored in plain text.","DataClasses":["Email addresses","Passwords"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsActive":true,"IsRetired":false,"IsSpamList":false,"LogoType":"png"},{"Title":"ILikeCheats","Name":"ILikeCheats","Domain":"ilikecheats.net","BreachDate":"2014-10-18","AddedDate":"2018-04-22T08:18:28Z","ModifiedDate":"2018-04-22T08:27:56Z","PwnCount":188847,"Description":"In October 2014, the game cheats website known as ILikeCheats suffered a data breach that exposed 189k accounts. The vBulletin based forum leaked usernames, IP and email addresses and weak MD5 hashes of passwords. The data was provided with support from dehashed.com.","DataClasses":["Email addresses","IP addresses","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsActive":true,"IsRetired":false,"IsSpamList":false,"LogoType":"png"},{"Title":"iMesh","Name":"iMesh","Domain":"imesh.com","BreachDate":"2013-09-22","AddedDate":"2016-07-02T05:42:13Z","ModifiedDate":"2016-07-02T05:42:13Z","PwnCount":49467477,"Description":"In September 2013, the media and file sharing client known as iMesh was hacked and approximately 50M accounts were exposed. The data was later put up for sale on a dark market website in mid-2016 and included email and IP addresses, usernames and salted MD5 hashes.","DataClasses":["Email addresses","IP addresses","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsActive":true,"IsRetired":false,"IsSpamList":false,"LogoType":"svg"},{"Title":"imgur","Name":"imgur","Domain":"imgur.com","BreachDate":"2013-09-01","AddedDate":"2017-11-25T00:00:33Z","ModifiedDate":"2017-11-25T00:00:33Z","PwnCount":1749806,"Description":"In September 2013, the online image sharing community imgur suffered a data breach. A selection of the data containing 1.7 million email addresses and passwords surfaced more than 4 years later in November 2017. Although imgur stored passwords as SHA-256 hashes, the data in the breach contained plain text passwords suggesting that many of the original hashes had been cracked. imgur advises that they rolled over to bcrypt hashes in 2016.","DataClasses":["Email addresses","Passwords"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsActive":true,"IsRetired":false,"IsSpamList":false,"LogoType":"svg"},{"Title":"Insanelyi","Name":"Insanelyi","Domain":"insanelyi.com","BreachDate":"2014-07-22","AddedDate":"2014-07-22T22:56:15Z","ModifiedDate":"2014-07-22T22:56:15Z","PwnCount":104097,"Description":"In July 2014, the iOS forum Insanelyi was hacked by an attacker known as Kim Jong-Cracks. A popular source of information for users of jailbroken iOS devices running Cydia, the Insanelyi breach disclosed over 104k users' emails addresses, user names and weakly hashed passwords (salted MD5).","DataClasses":["Email addresses","Passwords","Usernames","Website activity"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsActive":true,"IsRetired":false,"IsSpamList":false,"LogoType":"svg"},{"Title":"InterPals","Name":"Interpals","Domain":"interpals.net","BreachDate":"2015-11-04","AddedDate":"2016-08-30T11:22:42Z","ModifiedDate":"2016-08-30T11:22:42Z","PwnCount":3439414,"Description":"In late 2015, the online penpal site InterPals had their website hacked and 3.4 million accounts exposed. The compromised data included email addresses, geographical locations, birthdates and salted hashes of passwords.","DataClasses":["Dates of birth","Email addresses","Geographic locations","Names","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsActive":true,"IsRetired":false,"IsSpamList":false,"LogoType":"png"},{"Title":"iPmart","Name":"iPmart","Domain":"ipmart-forum.com","BreachDate":"2015-07-01","AddedDate":"2016-02-23T10:13:22Z","ModifiedDate":"2016-02-23T10:13:22Z","PwnCount":2460787,"Description":"During 2015, the iPmart forum (now known as Mobi NUKE) was hacked and over 2 million forum members' details were exposed. The vBulletin forum included IP addresses, birth dates and passwords stored as salted hashes using a weak implementation enabling many to be rapidly cracked. A further 368k accounts were added to \"Have I been pwned\" in March 2016 bringing the total to over 2.4M.","DataClasses":["Dates of birth","Email addresses","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsActive":true,"IsRetired":false,"IsSpamList":false,"LogoType":"png"},{"Title":"JobStreet","Name":"JobStreet","Domain":"jobstreet.com","BreachDate":"2012-03-07","AddedDate":"2017-10-30T01:12:14Z","ModifiedDate":"2017-10-30T01:12:14Z","PwnCount":3883455,"Description":"In October 2017, the Malaysian website lowyat.net ran a story on a massive set of breached data affecting millions of Malaysians after someone posted it for sale on their forums. The data spanned multiple separate breaches including the JobStreet jobs website which contained almost 4 million unique email addresses. The dates in the breach indicate the incident occurred in March 2012. The data later appeared freely downloadable on a Tor hidden service and contained extensive information on job seekers including names, genders, birth dates, phone numbers, physical addresses and passwords.","DataClasses":["Dates of birth","Email addresses","Genders","Geographic locations","Government issued IDs","Marital statuses","Names","Nationalities","Passwords","Phone numbers","Physical addresses","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsActive":true,"IsRetired":false,"IsSpamList":false,"LogoType":"png"},{"Title":"Justdate.com","Name":"JustDate","Domain":"justdate.com","BreachDate":"2016-09-29","AddedDate":"2017-02-07T01:28:41Z","ModifiedDate":"2017-02-07T01:28:41Z","PwnCount":24451312,"Description":"An alleged breach of the dating website Justdate.com began circulating in approximately September 2016. Comprised of over 24 million records, the data contained various personal attributes such as email addresses, dates of birth and physical locations. However, upon verification with HIBP subscribers, only a fraction of the data was found to be accurate and no account owners recalled using the Justdate.com service. This breach has consequently been flagged as fabricated; it's highly unlikely the data was sourced from Justdate.com.","DataClasses":["Dates of birth","Email addresses","Geographic locations","Names"],"IsVerified":false,"IsFabricated":true,"IsSensitive":true,"IsActive":true,"IsRetired":false,"IsSpamList":false,"LogoType":"svg"},{"Title":"Kayo.moe Credential Stuffing List","Name":"KayoMoe","Domain":"","BreachDate":"2018-09-11","AddedDate":"2018-09-13T09:37:49Z","ModifiedDate":"2018-09-13T20:12:18Z","PwnCount":41826763,"Description":"In September 2018, a collection of almost 42 million email address and plain text password pairs was uploaded to the anonymous file sharing service kayo.moe. The operator of the service contacted HIBP to report the data which, upon further investigation, turned out to be a large credential stuffing list. For more information, read about The 42M Record kayo.moe Credential Stuffing Data.","DataClasses":["Email addresses","Passwords"],"IsVerified":false,"IsFabricated":false,"IsSensitive":false,"IsActive":true,"IsRetired":false,"IsSpamList":false,"LogoType":"svg"},{"Title":"Kickstarter","Name":"Kickstarter","Domain":"kickstarter.com","BreachDate":"2014-02-16","AddedDate":"2017-10-06T07:29:07Z","ModifiedDate":"2017-10-06T07:29:07Z","PwnCount":5176463,"Description":"In February 2014, the crowdfunding platform Kickstarter announced they'd suffered a data breach. The breach contained almost 5.2 million unique email addresses, usernames and salted SHA1 hashes of passwords.","DataClasses":["Email addresses","Passwords"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsActive":true,"IsRetired":false,"IsSpamList":false,"LogoType":"svg"},{"Title":"Kimsufi","Name":"Kimsufi","Domain":"kimsufi.com","BreachDate":"2015-05-01","AddedDate":"2016-12-27T07:05:43Z","ModifiedDate":"2016-12-27T07:05:43Z","PwnCount":504565,"Description":"In mid-2015, the forum for the providers of affordable dedicated servers known as Kimsufi suffered a data breach. The vBulletin forum contained over half a million accounts including usernames, email and IP addresses and passwords stored as salted MD5 hashes.","DataClasses":["Email addresses","IP addresses","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsActive":true,"IsRetired":false,"IsSpamList":false,"LogoType":"png"},{"Title":"KM.RU","Name":"KMRU","Domain":"km.ru","BreachDate":"2016-02-29","AddedDate":"2016-03-03T06:12:04Z","ModifiedDate":"2016-03-03T06:12:04Z","PwnCount":1476783,"Description":"In February 2016, the Russian portal and email service KM.RU was the target of an attack which was consequently detailed on Reddit. Allegedly protesting \"the foreign policy of Russia in regards to Ukraine\", KM.RU was one of several Russian sites in the breach and impacted almost 1.5M accounts including sensitive personal information.","DataClasses":["Dates of birth","Email addresses","Genders","Geographic locations","Recovery email addresses","Security questions and answers","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsActive":true,"IsRetired":false,"IsSpamList":false,"LogoType":"svg"},{"Title":"Lanwar","Name":"Lanwar","Domain":"lanwar.com","BreachDate":"2018-07-28","AddedDate":"2018-08-08T02:57:06Z","ModifiedDate":"2018-08-08T02:57:06Z","PwnCount":45120,"Description":"In July 2018, staff of the Lanwar gaming site discovered a data breach they believe dates back to sometime over the previous several months. The data contained 45k names, email addresses, usernames and plain text passwords. A Lanwar staff member self-submitted the breach to HIBP and has also contacted the relevant authorities about the incident after identifying a phishing attempt to extort Bitcoin from a user.","DataClasses":["Email addresses","Names","Passwords","Physical addresses","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsActive":true,"IsRetired":false,"IsSpamList":false,"LogoType":"png"},{"Title":"Last.fm","Name":"Lastfm","Domain":"last.fm","BreachDate":"2012-03-22","AddedDate":"2016-09-20T20:00:49Z","ModifiedDate":"2016-09-20T20:00:49Z","PwnCount":37217682,"Description":"In March 2012, the music website Last.fm was hacked and 43 million user accounts were exposed. Whilst Last.fm knew of an incident back in 2012, the scale of the hack was not known until the data was released publicly in September 2016. The breach included 37 million unique email addresses, usernames and passwords stored as unsalted MD5 hashes.","DataClasses":["Email addresses","Passwords","Usernames","Website activity"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsActive":true,"IsRetired":false,"IsSpamList":false,"LogoType":"svg"},{"Title":"League of Legends","Name":"LeagueOfLegends","Domain":"leagueoflegends.com","BreachDate":"2012-06-11","AddedDate":"2018-07-28T21:52:12Z","ModifiedDate":"2018-07-28T21:52:12Z","PwnCount":339487,"Description":"In June 2012, the multiplayer online game League of Legends suffered a data breach. At the time, the service had more than 32 million registered accounts and the breach affected various personal data attributes including \"encrypted\" passwords. In 2018, a 339k record subset of the data emerged with email addresses, usernames and plain text passwords, likely cracked from the original cryptographically protected ones.","DataClasses":["Email addresses","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsActive":true,"IsRetired":false,"IsSpamList":false,"LogoType":"png"},{"Title":"Leet","Name":"Leet","Domain":"leet.cc","BreachDate":"2016-09-10","AddedDate":"2016-09-30T22:00:48Z","ModifiedDate":"2016-09-30T22:00:48Z","PwnCount":5081689,"Description":"In August 2016, the service for creating and running Pocket Minecraft edition servers known as Leet was reported as having suffered a data breach that impacted 6 million subscribers. The incident reported by Softpedia had allegedly taken place earlier in the year, although the data set sent to HIBP was dated as recently as early September but contained only 2 million subscribers. The data included usernames, email and IP addresses and SHA512 hashes. A further 3 million accounts were obtained and added to HIBP several days after the initial data was loaded bringing the total to over 5 million.","DataClasses":["Email addresses","IP addresses","Passwords","Usernames","Website activity"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsActive":true,"IsRetired":false,"IsSpamList":false,"LogoType":"png"},{"Title":"Lifeboat","Name":"Lifeboat","Domain":"lbsg.net","BreachDate":"2016-01-01","AddedDate":"2016-04-25T21:51:50Z","ModifiedDate":"2016-04-25T21:51:50Z","PwnCount":7089395,"Description":"In January 2016, the Minecraft community known as Lifeboat was hacked and more than 7 million accounts leaked. Lifeboat knew of the incident for three months before the breach was made public but elected not to advise customers. The leaked data included usernames, email addresses and passwords stored as straight MD5 hashes.","DataClasses":["Email addresses","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsActive":true,"IsRetired":false,"IsSpamList":false,"LogoType":"svg"},{"Title":"Light's Hope","Name":"LightsHope","Domain":"lightshope.org","BreachDate":"2018-06-25","AddedDate":"2018-07-04T13:32:01Z","ModifiedDate":"2018-07-04T13:32:01Z","PwnCount":30484,"Description":"In June 2018, the World of Warcraft service Light's Hope suffered a data breach which they subsequently self-submitted to HIBP. Over 30K unique users were impacted and their exposed data included email addresses, dates of birth, private messages and passwords stored as bcrypt hashes.","DataClasses":["Dates of birth","Email addresses","Geographic locations","IP addresses","Passwords","Private messages","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsActive":true,"IsRetired":false,"IsSpamList":false,"LogoType":"svg"},{"Title":"LinkedIn","Name":"LinkedIn","Domain":"linkedin.com","BreachDate":"2012-05-05","AddedDate":"2016-05-21T21:35:40Z","ModifiedDate":"2016-05-21T21:35:40Z","PwnCount":164611595,"Description":"In May 2016, LinkedIn had 164 million email addresses and passwords exposed. Originally hacked in 2012, the data remained out of sight until being offered for sale on a dark market site 4 years later. The passwords in the breach were stored as SHA1 hashes without salt, the vast majority of which were quickly cracked in the days following the release of the data.","DataClasses":["Email addresses","Passwords"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsActive":true,"IsRetired":false,"IsSpamList":false,"LogoType":"svg"},{"Title":"Linux Forums","Name":"LinuxForums","Domain":"linuxforums.org","BreachDate":"2018-05-01","AddedDate":"2018-06-07T12:55:25Z","ModifiedDate":"2018-06-07T12:55:25Z","PwnCount":275785,"Description":"In May 2018, the Linux Forums website suffered a data breach which resulted in the disclosure of 276k unique email addresses. Running on an old version of vBulletin, the breach also disclosed usernames, IP addresses and salted MD5 password hashes. Linux Forums did not respond to multiple attempts to contact them about the breach.","DataClasses":["Email addresses","IP addresses","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsActive":true,"IsRetired":false,"IsSpamList":false,"LogoType":"png"},{"Title":"Linux Mint","Name":"LinuxMint","Domain":"linuxmint.com","BreachDate":"2016-02-21","AddedDate":"2016-02-22T01:28:08Z","ModifiedDate":"2016-02-22T01:28:08Z","PwnCount":144989,"Description":"In February 2016, the website for the Linux distro known as Linux Mint was hacked and the ISO infected with a backdoor. The site also ran a phpBB forum which was subsequently put up for sale complete with almost 145k email addresses, passwords and other personal subscriber information.","DataClasses":["Avatars","Dates of birth","Email addresses","Geographic locations","IP addresses","Passwords","Time zones","Website activity"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsActive":true,"IsRetired":false,"IsSpamList":false,"LogoType":"svg"},{"Title":"Little Monsters","Name":"LittleMonsters","Domain":"littlemonsters.com","BreachDate":"2017-01-01","AddedDate":"2017-03-07T20:39:08Z","ModifiedDate":"2017-03-07T20:39:08Z","PwnCount":995698,"Description":"In approximately January 2017, the Lady Gaga fan site known as \"Little Monsters\" suffered a data breach that impacted 1 million accounts. The data contained usernames, email addresses, dates of birth and bcrypt hashes of passwords.","DataClasses":["Dates of birth","Email addresses","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsActive":true,"IsRetired":false,"IsSpamList":false,"LogoType":"svg"},{"Title":"Lizard Squad","Name":"LizardSquad","Domain":"lizardstresser.su","BreachDate":"2015-01-16","AddedDate":"2015-01-18T01:24:24Z","ModifiedDate":"2015-01-18T01:24:24Z","PwnCount":13451,"Description":"In January 2015, the hacker collective known as \"Lizard Squad\" created a DDoS service by the name of \"Lizard Stresser\" which could be procured to mount attacks against online targets. Shortly thereafter, the service suffered a data breach which resulted in the public disclosure of over 13k user accounts including passwords stored in plain text.","DataClasses":["Email addresses","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsActive":true,"IsRetired":false,"IsSpamList":false,"LogoType":"jpg"},{"Title":"Lookbook","Name":"Lookbook","Domain":"lookbook.nu","BreachDate":"2012-08-24","AddedDate":"2016-11-08T09:03:44Z","ModifiedDate":"2016-11-08T09:03:44Z","PwnCount":1074948,"Description":"In August 2012, the fashion site Lookbook suffered a data breach. The data later appeared listed for sale in June 2016 and included 1.1 million usernames, email and IP addresses, birth dates and plain text passwords.","DataClasses":["Dates of birth","Email addresses","IP addresses","Names","Passwords","Usernames","Website activity"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsActive":true,"IsRetired":false,"IsSpamList":false,"LogoType":"png"},{"Title":"Lord of the Rings Online","Name":"LOTR","Domain":"lotro.com","BreachDate":"2013-08-01","AddedDate":"2016-03-12T12:46:03Z","ModifiedDate":"2016-03-12T12:46:03Z","PwnCount":1141278,"Description":"In August 2013, the interactive video game Lord of the Rings Online suffered a data breach that exposed over 1.1M players' accounts. The data was being actively traded on underground forums and included email addresses, birth dates and password hashes.","DataClasses":["Dates of birth","Email addresses","IP addresses","Passwords","Usernames","Website activity"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsActive":true,"IsRetired":false,"IsSpamList":false,"LogoType":"png"},{"Title":"Lounge Board","Name":"LoungeBoard","Domain":"loungeboard.net","BreachDate":"2013-08-01","AddedDate":"2014-07-06T10:22:01Z","ModifiedDate":"2014-07-06T10:22:01Z","PwnCount":45018,"Description":"At some point in 2013, 45k accounts were breached from the Lounge Board \"General Discussion Forum\" and then dumped publicly. Lounge Board was a MyBB forum launched in 2012 and discontinued in mid 2013 (the last activity in the logs was from August 2013).","DataClasses":["Email addresses","IP addresses","Names","Passwords","Private messages","Usernames","Website activity"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsActive":true,"IsRetired":false,"IsSpamList":false,"LogoType":"svg"},{"Title":"Lyrics Mania","Name":"LyricsMania","Domain":"lyricsmania.com","BreachDate":"2017-12-21","AddedDate":"2018-01-15T06:32:46Z","ModifiedDate":"2018-01-15T06:32:46Z","PwnCount":109202,"Description":"In December 2017, the song lyrics website known as Lyrics Mania suffered a data breach. The data in the breach included 109k usernames, email addresses and plain text passwords. Numerous attempts were made to contact Lyrics Mania about the incident, however no responses were received.","DataClasses":["Email addresses","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsActive":true,"IsRetired":false,"IsSpamList":false,"LogoType":"png"},{"Title":"Mac-Torrents","Name":"Mac-Torrents","Domain":"mac-torrents.com","BreachDate":"2015-10-31","AddedDate":"2015-10-31T23:54:26Z","ModifiedDate":"2015-10-31T23:54:26Z","PwnCount":93992,"Description":"In October 2015, the torrent site Mac-Torrents was hacked and almost 94k usernames, email addresses and passwords were leaked. The passwords were hashed with MD5 and no salt.","DataClasses":["Email addresses","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsActive":true,"IsRetired":false,"IsSpamList":false,"LogoType":"png"},{"Title":"mail.ru Dump","Name":"MailRu","Domain":"mail.ru","BreachDate":"2014-09-10","AddedDate":"2014-09-12T04:50:22Z","ModifiedDate":"2018-01-09T03:38:56Z","PwnCount":16630988,"Description":"In September 2014, several large dumps of user accounts appeared on the Russian Bitcoin Security Forum including one with nearly 5M email addresses and passwords, predominantly on the mail.ru domain. Whilst unlikely to be the result of a direct attack against mail.ru, the credentials were confirmed by many as legitimate for other services they had subscribed to. Further data allegedly valid for mail.ru and containing email addresses and plain text passwords was added in January 2018 bringing to total to more than 16M records. The incident was also then flagged as \"unverified\", a concept that was introduced after the initial data load in 2014.","DataClasses":["Email addresses","Passwords"],"IsVerified":false,"IsFabricated":false,"IsSensitive":false,"IsActive":true,"IsRetired":false,"IsSpamList":false,"LogoType":"svg"},{"Title":"MajorGeeks","Name":"MajorGeeks","Domain":"majorgeeks.com","BreachDate":"2015-11-15","AddedDate":"2016-03-03T02:45:09Z","ModifiedDate":"2016-03-03T02:45:09Z","PwnCount":269548,"Description":"In November 2015, almost 270k accounts from the MajorGeeks support forum were breached. The accounts were being actively sold and traded online and included email addresses, salted password hashes and IP addresses.","DataClasses":["Email addresses","IP addresses","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsActive":true,"IsRetired":false,"IsSpamList":false,"LogoType":"gif"},{"Title":"MALL.cz","Name":"MallCZ","Domain":"mall.cz","BreachDate":"2017-07-27","AddedDate":"2017-09-04T12:46:39Z","ModifiedDate":"2017-09-04T12:46:39Z","PwnCount":735405,"Description":"In July 2017, the Czech Republic e-commerce site MALL.cz suffered a data breach after which 735k unique accounts including email addresses, names, phone numbers and passwords were later posted online. Whilst passwords were stored as hashes, a number of different algorithms of varying strength were used over time. All passwords included in the publicly distributed data were in plain text and were likely just those that had been successfully cracked (members with strong passwords don't appear to be included). According to MALL.cz, the breach only impacted accounts created before 2015.","DataClasses":["Email addresses","Names","Passwords","Phone numbers"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsActive":true,"IsRetired":false,"IsSpamList":false,"LogoType":"svg"},{"Title":"Malwarebytes","Name":"Malwarebytes","Domain":"malwarebytes.org","BreachDate":"2014-11-15","AddedDate":"2016-03-09T11:15:43Z","ModifiedDate":"2016-03-09T11:15:43Z","PwnCount":111623,"Description":"In November 2014, the Malwarebytes forum was hacked and 111k member records were exposed. The IP.Board forum included email and IP addresses, birth dates and passwords stored as salted hashes using a weak implementation enabling many to be rapidly cracked.","DataClasses":["Dates of birth","Email addresses","IP addresses","Passwords","Usernames","Website activity"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsActive":true,"IsRetired":false,"IsSpamList":false,"LogoType":"png"},{"Title":"Manga Traders","Name":"MangaTraders","Domain":"mangatraders.com","BreachDate":"2014-10-06","AddedDate":"2014-06-10T03:49:45Z","ModifiedDate":"2014-06-10T03:49:45Z","PwnCount":855249,"Description":"In June 2014, the Manga trading website Mangatraders.com had the usernames and passwords of over 900k users leaked on the internet (approximately 855k of the emails were unique). The passwords were weakly hashed with a single iteration of MD5 leaving them vulnerable to being easily cracked.","DataClasses":["Email addresses","Passwords"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsActive":true,"IsRetired":false,"IsSpamList":false,"LogoType":"svg"},{"Title":"MangaFox.me","Name":"MangaFox","Domain":"mangafox.me","BreachDate":"2016-06-01","AddedDate":"2018-03-17T01:43:24Z","ModifiedDate":"2018-03-17T01:43:24Z","PwnCount":1311610,"Description":"In approximately July 2016, the manga website known as mangafox.me suffered a data breach. The vBulletin based forum exposed 1.3 million accounts including usernames, email and IP addresses, dates of birth and salted MD5 password hashes.","DataClasses":["Dates of birth","Email addresses","IP addresses","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsActive":true,"IsRetired":false,"IsSpamList":false,"LogoType":"png"},{"Title":"Master Deeds","Name":"MasterDeeds","Domain":"","BreachDate":"2017-03-14","AddedDate":"2017-10-18T11:01:46Z","ModifiedDate":"2017-10-18T11:03:37Z","PwnCount":2257930,"Description":"In March 2017, a 27GB database backup file named \"Master Deeds\" was sent to HIBP by a supporter of the project. Upon detailed analysis later that year, the file was found to contain the personal data of tens of millions of living and deceased South African residents. The data included extensive personal attributes such as names, addresses, ethnicities, genders, birth dates, government issued personal identification numbers and 2.2 million email addresses. At the time of publishing, it's alleged the data was sourced from Dracore Data Sciences (Dracore is yet to publicly confirm or deny the data was sourced from their systems). On 18 October 2017, the file was found to have been published to a publicly accessible web server where it was located at the root of an IP address with directory listing enabled. The file was dated 8 April 2015.","DataClasses":["Dates of birth","Deceased statuses","Email addresses","Employers","Ethnicities","Genders","Government issued IDs","Home ownership statuses","Job titles","Names","Nationalities","Phone numbers","Physical addresses"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsActive":true,"IsRetired":false,"IsSpamList":false,"LogoType":"svg"},{"Title":"Mate1.com","Name":"Mate1","Domain":"mate1.com","BreachDate":"2016-02-29","AddedDate":"2016-04-14T23:37:15Z","ModifiedDate":"2016-04-14T23:37:15Z","PwnCount":27393015,"Description":"In February 2016, the dating site mate1.com suffered a huge data breach resulting in the disclosure of over 27 million subscribers' information. The data included deeply personal information about their private lives including drug and alcohol habits, incomes levels and sexual fetishes as well as passwords stored in plain text.","DataClasses":["Astrological signs","Dates of birth","Drinking habits","Drug habits","Education levels","Email addresses","Ethnicities","Fitness levels","Genders","Geographic locations","Income levels","Job titles","Names","Parenting plans","Passwords","Personal descriptions","Physical attributes","Political views","Relationship statuses","Religions","Sexual fetishes","Travel habits","Usernames","Website activity","Work habits"],"IsVerified":true,"IsFabricated":false,"IsSensitive":true,"IsActive":true,"IsRetired":false,"IsSpamList":false,"LogoType":"svg"},{"Title":"MCBans","Name":"MCBans","Domain":"mcbans.com","BreachDate":"2016-10-27","AddedDate":"2017-07-23T05:34:55Z","ModifiedDate":"2017-07-23T05:34:55Z","PwnCount":119948,"Description":"In October 2016, the Minecraft banning service known as MCBans suffered a data breach resulting in the exposure of 120k unique user records. The data contained email and IP addresses, usernames and password hashes of unknown format. The site was previously reported as compromised on the Vigilante.pw breached database directory.","DataClasses":["Email addresses","IP addresses","Passwords","Usernames","Website activity"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsActive":true,"IsRetired":false,"IsSpamList":false,"LogoType":"png"},{"Title":"MDPI","Name":"MDPI","Domain":"mdpi.com","BreachDate":"2016-08-30","AddedDate":"2018-03-25T22:50:36Z","ModifiedDate":"2018-03-25T22:50:36Z","PwnCount":845012,"Description":"In August 2016, the Swiss scholarly open access publisher known as MDPI had 17.5GB of data obtained from an unprotected Mongo DB instance. The data contained email exchanges between MDPI and their authors and reviewers which included 845k unique email addresses. MDPI have confirmed that the system has since been protected and that no data of a sensitive nature was impacted. As such, they concluded that notification to their subscribers was not necessary due to the fact that all their authors and reviewers are available online on their website.","DataClasses":["Email addresses","Email messages","IP addresses","Names"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsActive":true,"IsRetired":false,"IsSpamList":false,"LogoType":"png"},{"Title":"Minecraft Pocket Edition Forum","Name":"MinecraftPocketEditionForum","Domain":"minecraftpeforum.net","BreachDate":"2015-05-24","AddedDate":"2015-06-30T09:19:43Z","ModifiedDate":"2015-06-30T09:19:43Z","PwnCount":16034,"Description":"In May 2015, the Minecraft Pocket Edition forum was hacked and over 16k accounts were dumped public. Allegedly hacked by @rmsg0d, the forum data included numerous personal pieces of data for each user. The forum has subsequently been decommissioned.","DataClasses":["Email addresses","IP addresses","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsActive":true,"IsRetired":false,"IsSpamList":false,"LogoType":"svg"},{"Title":"Minecraft World Map","Name":"MinecraftWorldMap","Domain":"minecraftworldmap.com","BreachDate":"2016-01-15","AddedDate":"2016-08-29T01:07:38Z","ModifiedDate":"2016-08-29T01:07:38Z","PwnCount":71081,"Description":"In approximately January 2016, the Minecraft World Map site designed for sharing maps created for the game was hacked and over 71k user accounts were exposed. The data included usernames, email and IP addresses along with salted and hashed passwords.","DataClasses":["Email addresses","IP addresses","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsActive":true,"IsRetired":false,"IsSpamList":false,"LogoType":"png"},{"Title":"Minefield","Name":"Minefield","Domain":"minefield.fr","BreachDate":"2015-06-28","AddedDate":"2016-03-09T08:18:43Z","ModifiedDate":"2016-03-09T08:18:43Z","PwnCount":188343,"Description":"In June 2015, the French Minecraft server known as Minefield was hacked and 188k member records were exposed. The IP.Board forum included email and IP addresses, birth dates and passwords stored as salted hashes using a weak implementation enabling many to be rapidly cracked.","DataClasses":["Dates of birth","Email addresses","IP addresses","Passwords","Usernames","Website activity"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsActive":true,"IsRetired":false,"IsSpamList":false,"LogoType":"png"},{"Title":"MoDaCo","Name":"MoDaCo","Domain":"modaco.com","BreachDate":"2016-01-01","AddedDate":"2016-09-20T07:32:50Z","ModifiedDate":"2016-09-20T07:32:50Z","PwnCount":879703,"Description":"In approximately January 2016, the UK based Android community known as MoDaCo suffered a data breach which exposed 880k subscriber identities. The data included email and IP addresses, usernames and passwords stored as salted MD5 hashes.","DataClasses":["Email addresses","IP addresses","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsActive":true,"IsRetired":false,"IsSpamList":false,"LogoType":"png"},{"Title":"Modern Business Solutions","Name":"ModernBusinessSolutions","Domain":"modbsolutions.com","BreachDate":"2016-10-08","AddedDate":"2016-10-12T09:09:11Z","ModifiedDate":"2016-10-12T09:09:11Z","PwnCount":58843488,"Description":"In October 2016, a large Mongo DB file containing tens of millions of accounts was shared publicly on Twitter (the file has since been removed). The database contained over 58M unique email addresses along with IP addresses, names, home addresses, genders, job titles, dates of birth and phone numbers. The data was subsequently attributed to \"Modern Business Solutions\", a company that provides data storage and database hosting solutions. They've yet to acknowledge the incident or explain how they came to be in possession of the data.","DataClasses":["Dates of birth","Email addresses","Genders","IP addresses","Job titles","Names","Phone numbers","Physical addresses"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsActive":true,"IsRetired":false,"IsSpamList":false,"LogoType":"png"},{"Title":"Money Bookers","Name":"MoneyBookers","Domain":"moneybookers.com","BreachDate":"2009-01-01","AddedDate":"2015-11-30T09:21:55Z","ModifiedDate":"2015-11-30T09:21:55Z","PwnCount":4483605,"Description":"Sometime in 2009, the e-wallet service known as Money Bookers suffered a data breach which exposed almost 4.5M customers. Now called Skrill, the breach was not discovered until October 2015 and included names, email addresses, home addresses and IP addresses.","DataClasses":["Dates of birth","Email addresses","IP addresses","Names","Phone numbers","Physical addresses"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsActive":true,"IsRetired":false,"IsSpamList":false,"LogoType":"svg"},{"Title":"Mortal Online","Name":"MortalOnline","Domain":"mortalonline.com","BreachDate":"2018-06-17","AddedDate":"2018-08-31T05:38:46Z","ModifiedDate":"2018-08-31T05:40:41Z","PwnCount":569703,"Description":"In June 2018, the massively multiplayer online role-playing game (MMORPG) Mortal Online suffered a data breach. A file containing 570k email addresses and cracked passwords was subsequently distributed online. The data was provided to HIBP by whitehat security researcher and data analyst Adam Davies.","DataClasses":["Email addresses","Passwords"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsActive":true,"IsRetired":false,"IsSpamList":false,"LogoType":"png"},{"Title":"MPGH","Name":"MPGH","Domain":"mpgh.net","BreachDate":"2015-10-22","AddedDate":"2015-10-26T03:20:20Z","ModifiedDate":"2015-10-26T03:20:20Z","PwnCount":3122898,"Description":"In October 2015, the multiplayer game hacking website MPGH was hacked and 3.1 million user accounts disclosed. The vBulletin forum breach contained usernames, email addresses, IP addresses and salted hashes of passwords.","DataClasses":["Email addresses","IP addresses","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsActive":true,"IsRetired":false,"IsSpamList":false,"LogoType":"png"},{"Title":"MrExcel","Name":"MrExcel","Domain":"mrexcel.com","BreachDate":"2016-12-05","AddedDate":"2017-01-22T07:39:17Z","ModifiedDate":"2017-01-22T07:39:17Z","PwnCount":366140,"Description":"In December 2016, the forum for the Microsoft Excel tips and solutions site Mr Excel suffered a data breach. The hack of the vBulletin forum led to the exposure of over 366k accounts along with email and IP addresses, dates of birth and salted passwords hashed with MD5. The owner of the MrExcel forum subsequently self-submitted the data to HIBP.","DataClasses":["Dates of birth","Email addresses","IP addresses","Passwords","Social connections","Usernames","Website activity"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsActive":true,"IsRetired":false,"IsSpamList":false,"LogoType":"png"},{"Title":"mSpy","Name":"mSpy","Domain":"mspy.com","BreachDate":"2015-05-14","AddedDate":"2015-05-28T18:09:16Z","ModifiedDate":"2015-05-28T18:09:16Z","PwnCount":699793,"Description":"In May 2015, the \"monitoring\" software known as mSpy suffered a major data breach. The software (allegedly often used to spy on unsuspecting victims), stored extensive personal information within their online service which after being breached, was made freely available on the internet.","DataClasses":["Device usage tracking data"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsActive":true,"IsRetired":false,"IsSpamList":false,"LogoType":"svg"},{"Title":"Muslim Directory","Name":"MuslimDirectory","Domain":"muslimdirectory.co.uk","BreachDate":"2014-02-17","AddedDate":"2014-02-23T03:09:38Z","ModifiedDate":"2014-02-23T03:09:38Z","PwnCount":37784,"Description":"In February 2014, the UK guide to services and business known as the Muslim Directory was attacked by the hacker known as @th3inf1d3l. The data was consequently dumped publicly and included the web accounts of tens of thousands of users which contained data including their names, home address, age group, email, website activity and password in plain text.","DataClasses":["Age groups","Email addresses","Employers","Names","Passwords","Phone numbers","Physical addresses","Website activity"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsActive":true,"IsRetired":false,"IsSpamList":false,"LogoType":"svg"},{"Title":"Muslim Match","Name":"MuslimMatch","Domain":"muslimmatch.com","BreachDate":"2016-06-24","AddedDate":"2016-06-29T19:08:15Z","ModifiedDate":"2016-06-29T19:08:15Z","PwnCount":149830,"Description":"In June 2016, the Muslim Match dating website had 150k email addresses exposed. The data included private chats and messages between relationship seekers and numerous other personal attributes including passwords hashed with MD5.","DataClasses":["Chat logs","Email addresses","Geographic locations","IP addresses","Passwords","Private messages","User statuses","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":true,"IsActive":true,"IsRetired":false,"IsSpamList":false,"LogoType":"svg"},{"Title":"MyFHA","Name":"MyFHA","Domain":"myfha.net","BreachDate":"2015-02-18","AddedDate":"2018-08-09T20:26:35Z","ModifiedDate":"2018-08-09T20:26:35Z","PwnCount":972629,"Description":"In approximately February 2015, the home financing website MyFHA suffered a data breach which disclosed the personal information of nearly 1 million people. The data included extensive personal information relating to home financing including personal contact info, credit statuses, household incomes, loan amounts and notes on personal circumstances, often referring to legal issues, divorces and health conditions. Multiple parties contacted HIBP with the data after which MyFHA was alerted in mid-July and acknowledged the legitimacy of the breach then took the site offline.","DataClasses":["Credit status information","Email addresses","Home loan information","Income levels","IP addresses","Names","Passwords","Personal descriptions","Physical addresses"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsActive":true,"IsRetired":false,"IsSpamList":false,"LogoType":"svg"},{"Title":"myRepoSpace","Name":"myRepoSpace","Domain":"myrepospace.com","BreachDate":"2015-07-06","AddedDate":"2015-07-08T08:44:51Z","ModifiedDate":"2015-07-08T08:44:51Z","PwnCount":252751,"Description":"In July 2015, the Cydia repository known as myRepoSpace was hacked and user data leaked publicly. Cydia is designed to facilitate the installation of apps on jailbroken iOS devices. The repository service was allegedly hacked by @its_not_herpes and 0x8badfl00d in retaliation for the service refusing to remove pirated tweaks.","DataClasses":["Email addresses","IP addresses","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsActive":true,"IsRetired":false,"IsSpamList":false,"LogoType":"png"},{"Title":"MySpace","Name":"MySpace","Domain":"myspace.com","BreachDate":"2008-07-01","AddedDate":"2016-05-31T00:12:29Z","ModifiedDate":"2016-05-31T00:12:29Z","PwnCount":359420698,"Description":"In approximately 2008, MySpace suffered a data breach that exposed almost 360 million accounts. In May 2016 the data was offered up for sale on the \"Real Deal\" dark market website and included email addresses, usernames and SHA1 hashes of the first 10 characters of the password converted to lowercase and stored without a salt. The exact breach date is unknown, but analysis of the data suggests it was 8 years before being made public.","DataClasses":["Email addresses","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsActive":true,"IsRetired":false,"IsSpamList":false,"LogoType":"svg"},{"Title":"MyVidster","Name":"MyVidster","Domain":"myvidster.com","BreachDate":"2015-08-15","AddedDate":"2015-10-10T07:06:17Z","ModifiedDate":"2015-10-10T07:06:17Z","PwnCount":19863,"Description":"In August 2015, the social video sharing and bookmarking site MyVidster was hacked and nearly 20,000 accounts were dumped online. The dump included usernames, email addresses and hashed passwords.","DataClasses":["Email addresses","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsActive":true,"IsRetired":false,"IsSpamList":false,"LogoType":"png"},{"Title":"NapsGear","Name":"NapsGear","Domain":"napsgear.org","BreachDate":"2015-10-21","AddedDate":"2018-09-10T11:07:00Z","ModifiedDate":"2018-09-10T11:07:00Z","PwnCount":287071,"Description":"In October 2015, the anabolic steroids retailer NapsGear suffered a data breach. An extensive amount of personal information on 287k customers was exposed including email addresses, names, addresses, phone numbers, purchase histories and salted MD5 password hashes.","DataClasses":["Dates of birth","Email addresses","Genders","Names","Passwords","Phone numbers","Physical addresses","Purchases"],"IsVerified":true,"IsFabricated":false,"IsSensitive":true,"IsActive":true,"IsRetired":false,"IsSpamList":false,"LogoType":"png"},{"Title":"Naughty America","Name":"NaughtyAmerica","Domain":"naughtyamerica.com","BreachDate":"2016-03-14","AddedDate":"2016-04-24T06:14:42Z","ModifiedDate":"2016-04-24T06:14:42Z","PwnCount":1398630,"Description":"In March 2016, the adult website Naughty America was hacked and the data consequently sold online. The breach included data from numerous systems with various personal identity attributes, the largest of which had passwords stored as easily crackable MD5 hashes. There were 1.4 million unique email addresses in the breach.","DataClasses":["Dates of birth","Email addresses","IP addresses","Passwords","Usernames","Website activity"],"IsVerified":true,"IsFabricated":false,"IsSensitive":true,"IsActive":true,"IsRetired":false,"IsSpamList":false,"LogoType":"png"},{"Title":"Neopets","Name":"Neopets","Domain":"neopets.com","BreachDate":"2013-05-05","AddedDate":"2016-07-07T23:00:10Z","ModifiedDate":"2016-07-07T23:00:10Z","PwnCount":26892897,"Description":"In May 2016, a set of breached data originating from the virtual pet website \"Neopets\" was found being traded online. Allegedly hacked \"several years earlier\", the data contains sensitive personal information including birthdates, genders and names as well as almost 27 million unique email addresses. Passwords were stored in plain text and IP addresses were also present in the breach.","DataClasses":["Dates of birth","Email addresses","Genders","Geographic locations","IP addresses","Names","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsActive":true,"IsRetired":false,"IsSpamList":false,"LogoType":"svg"},{"Title":"NetEase","Name":"NetEase","Domain":"163.com","BreachDate":"2015-10-19","AddedDate":"2016-10-09T06:13:31Z","ModifiedDate":"2016-10-09T06:13:31Z","PwnCount":234842089,"Description":"In October 2015, the Chinese site known as NetEase (located at 163.com) was reported as having suffered a data breach that impacted hundreds of millions of subscribers. Whilst there is evidence that the data itself is legitimate (multiple HIBP subscribers confirmed a password they use is in the data), due to the difficulty of emphatically verifying the Chinese breach it has been flagged as \"unverified\". The data in the breach contains email addresses and plain text passwords. Read more about Chinese data breaches in Have I been pwned.","DataClasses":["Email addresses","Passwords"],"IsVerified":false,"IsFabricated":false,"IsSensitive":false,"IsActive":true,"IsRetired":false,"IsSpamList":false,"LogoType":"svg"},{"Title":"Neteller","Name":"Neteller","Domain":"neteller.com","BreachDate":"2010-05-17","AddedDate":"2015-11-30T10:26:47Z","ModifiedDate":"2015-11-30T10:26:47Z","PwnCount":3619948,"Description":"In May 2010, the e-wallet service known as Neteller suffered a data breach which exposed over 3.6M customers. The breach was not discovered until October 2015 and included names, email addresses, home addresses and account balances.","DataClasses":["Account balances","Dates of birth","Email addresses","Genders","IP addresses","Names","Phone numbers","Physical addresses","Security questions and answers","Website activity"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsActive":true,"IsRetired":false,"IsSpamList":false,"LogoType":"svg"},{"Title":"NetProspex","Name":"NetProspex","Domain":"netprospex.com","BreachDate":"2016-09-01","AddedDate":"2017-03-15T01:57:04Z","ModifiedDate":"2017-03-15T01:57:04Z","PwnCount":33698126,"Description":"In 2016, a list of over 33 million individuals in corporate America sourced from Dun & Bradstreet's NetProspex service was leaked online. D&B believe the targeted marketing data was lost by a customer who purchased it from them. It contained extensive personal and corporate information including names, email addresses, job titles and general information about the employer.","DataClasses":["Email addresses","Employers","Job titles","Names","Phone numbers","Physical addresses"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsActive":true,"IsRetired":false,"IsSpamList":true,"LogoType":"png"},{"Title":"Netshoes","Name":"Netshoes","Domain":"netshoes.com.br","BreachDate":"2017-12-07","AddedDate":"2017-12-10T04:01:03Z","ModifiedDate":"2017-12-10T04:01:03Z","PwnCount":499836,"Description":"In December 2017, the online Brazilian retailer known as Netshoes had half a million records allegedly hacked from their system posted publicly. The company was contacted by local Brazilian media outlet Tecmundo and subsequently advised that no indications have been identified of an invasion of the company's systems. However, Netshoes' own systems successfully confirm the presence of matching identifiers and email addresses from the data set, indicating a high likelihood that the data originated from them.","DataClasses":["Dates of birth","Email addresses","Names","Purchases"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsActive":true,"IsRetired":false,"IsSpamList":false,"LogoType":"svg"},{"Title":"NextGenUpdate","Name":"NextGenUpdate","Domain":"nextgenupdate.com","BreachDate":"2014-04-22","AddedDate":"2015-06-05T04:12:29Z","ModifiedDate":"2015-06-05T04:12:29Z","PwnCount":1194597,"Description":"Early in 2014, the video game website NextGenUpdate reportedly suffered a data breach that disclosed almost 1.2 million accounts. Amongst the data breach was usernames, email addresses, IP addresses and salted and hashed passwords.","DataClasses":["Email addresses","IP addresses","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsActive":true,"IsRetired":false,"IsSpamList":false,"LogoType":"svg"},{"Title":"Nexus Mods","Name":"NexusMods","Domain":"nexusmods.com","BreachDate":"2013-07-22","AddedDate":"2016-01-17T17:18:47Z","ModifiedDate":"2016-01-17T17:18:47Z","PwnCount":5915013,"Description":"In December 2015, the game modding site Nexus Mods released a statement notifying users that they had been hacked. They subsequently dated the hack as having occurred in July 2013 although there is evidence to suggest the data was being traded months in advance of that. The breach contained usernames, email addresses and passwords stored as a salted hashes.","DataClasses":["Email addresses","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsActive":true,"IsRetired":false,"IsSpamList":false,"LogoType":"png"},{"Title":"Nihonomaru","Name":"Nihonomaru","Domain":"nihonomaru.net","BreachDate":"2015-12-01","AddedDate":"2016-08-30T09:54:55Z","ModifiedDate":"2016-08-30T09:54:55Z","PwnCount":1697282,"Description":"In late 2015, the anime community known as Nihonomaru had their vBulletin forum hacked and 1.7 million accounts exposed. The compromised data included email and IP addresses, usernames and salted hashes of passwords.","DataClasses":["Email addresses","IP addresses","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsActive":true,"IsRetired":false,"IsSpamList":false,"LogoType":"png"},{"Title":"Nival","Name":"Nival","Domain":"nival.com","BreachDate":"2016-02-29","AddedDate":"2016-03-03T00:32:49Z","ModifiedDate":"2016-03-03T00:32:49Z","PwnCount":1535473,"Description":"In February 2016, the Russian gaming company Nival was the target of an attack which was consequently detailed on Reddit. Allegedly protesting \"the foreign policy of Russia in regards to Ukraine\", Nival was one of several Russian sites in the breach and impacted over 1.5M accounts including sensitive personal information.","DataClasses":["Avatars","Dates of birth","Email addresses","Genders","Names","Spoken languages","Usernames","Website activity"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsActive":true,"IsRetired":false,"IsSpamList":false,"LogoType":"svg"},{"Title":"Non Nude Girls","Name":"NonNudeGirls","Domain":"nonnudegirls.org","BreachDate":"2013-05-21","AddedDate":"2017-01-25T06:38:36Z","ModifiedDate":"2017-01-25T06:38:36Z","PwnCount":75383,"Description":"In May 2013, the non-consensual voyeurism site \"Non Nude Girls\" suffered a data breach. The hack of the vBulletin forum led to the exposure of over 75k accounts along with email and IP addresses, names and plain text passwords.","DataClasses":["Email addresses","IP addresses","Names","Passwords","Usernames","Website activity"],"IsVerified":true,"IsFabricated":false,"IsSensitive":true,"IsActive":true,"IsRetired":false,"IsSpamList":false,"LogoType":"png"},{"Title":"Nulled","Name":"Nulled","Domain":"nulled.cr","BreachDate":"2016-05-06","AddedDate":"2016-05-09T11:28:01Z","ModifiedDate":"2016-05-09T11:28:01Z","PwnCount":599080,"Description":"In May 2016, the cracking community forum known as Nulled was hacked and 599k user accounts were leaked publicly. The compromised data included email and IP addresses, weak salted MD5 password hashes and hundreds of thousands of private messages between members.","DataClasses":["Dates of birth","Email addresses","IP addresses","Passwords","Private messages","Usernames","Website activity"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsActive":true,"IsRetired":false,"IsSpamList":false,"LogoType":"svg"},{"Title":"Onliner Spambot","Name":"OnlinerSpambot","Domain":"","BreachDate":"2017-08-28","AddedDate":"2017-08-29T19:25:56Z","ModifiedDate":"2017-08-29T19:25:56Z","PwnCount":711477622,"Description":"In August 2017, a spambot by the name of Onliner Spambot was identified by security researcher Benkow moʞuƎq. The malicious software contained a server-based component located on an IP address in the Netherlands which exposed a large number of files containing personal information. In total, there were 711 million unique email addresses, many of which were also accompanied by corresponding passwords. A full write-up on what data was found is in the blog post titled Inside the Massive 711 Million Record Onliner Spambot Dump.","DataClasses":["Email addresses","Passwords"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsActive":true,"IsRetired":false,"IsSpamList":true,"LogoType":"png"},{"Title":"Onverse","Name":"Onverse","Domain":"onverse.com","BreachDate":"2016-01-01","AddedDate":"2016-09-06T06:28:30Z","ModifiedDate":"2016-09-06T06:28:30Z","PwnCount":800157,"Description":"In January 2016, the online virtual world known as Onverse was hacked and 800k accounts were exposed. Along with email and IP addresses, the site also exposed salted MD5 password hashes.","DataClasses":["Email addresses","IP addresses","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsActive":true,"IsRetired":false,"IsSpamList":false,"LogoType":"png"},{"Title":"Open CS:GO","Name":"OpenCSGO","Domain":"opencsgo.com","BreachDate":"2017-11-28","AddedDate":"2018-01-15T06:14:55Z","ModifiedDate":"2018-01-15T06:14:55Z","PwnCount":512311,"Description":"In December 2017, the website for purchasing Counter-Strike skins known as Open CS:GO (Counter-Strike: Global Offensive) suffered a data breach (address since redirects to dropgun.com). The 10GB file contained an extensive amount of personal information including email and IP addresses, phone numbers, physical addresses and purchase histories. Numerous attempts were made to contact Open CS:GO about the incident, however no responses were received.","DataClasses":["Avatars","Email addresses","IP addresses","Phone numbers","Physical addresses","Purchases","Social media profiles","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsActive":true,"IsRetired":false,"IsSpamList":false,"LogoType":"svg"},{"Title":"OVH","Name":"OVH","Domain":"ovh.com","BreachDate":"2015-05-01","AddedDate":"2016-12-27T07:49:12Z","ModifiedDate":"2016-12-27T07:49:12Z","PwnCount":452899,"Description":"In mid-2015, the forum for the hosting provider known as OVH suffered a data breach. The vBulletin forum contained 453k accounts including usernames, email and IP addresses and passwords stored as salted MD5 hashes.","DataClasses":["Email addresses","IP addresses","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsActive":true,"IsRetired":false,"IsSpamList":false,"LogoType":"png"},{"Title":"OwnedCore","Name":"OwnedCore","Domain":"OwnedCore.com","BreachDate":"2013-08-01","AddedDate":"2016-02-06T02:53:13Z","ModifiedDate":"2016-02-06T02:53:13Z","PwnCount":880331,"Description":"In approximately August 2013, the World of Warcraft exploits forum known as OwnedCore was hacked and more than 880k accounts were exposed. The vBulletin forum included IP addresses and passwords stored as salted hashes using a weak implementation enabling many to be rapidly cracked.","DataClasses":["Email addresses","IP addresses","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsActive":true,"IsRetired":false,"IsSpamList":false,"LogoType":"png"},{"Title":"Paddy Power","Name":"PaddyPower","Domain":"paddypower.com","BreachDate":"2010-10-25","AddedDate":"2015-10-11T01:26:05Z","ModifiedDate":"2015-10-11T01:26:05Z","PwnCount":590954,"Description":"In October 2010, the Irish bookmaker Paddy Power suffered a data breach that exposed 750,000 customer records with nearly 600,000 unique email addresses. The breach was not disclosed until July 2014 and contained extensive personal information including names, addresses, phone numbers and plain text security questions and answers.","DataClasses":["Account balances","Dates of birth","Email addresses","IP addresses","Names","Phone numbers","Physical addresses","Security questions and answers","Usernames","Website activity"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsActive":true,"IsRetired":false,"IsSpamList":false,"LogoType":"svg"},{"Title":"Patreon","Name":"Patreon","Domain":"patreon.com","BreachDate":"2015-10-01","AddedDate":"2015-10-02T02:29:20Z","ModifiedDate":"2015-10-02T02:29:20Z","PwnCount":2330382,"Description":"In October 2015, the crowdfunding site Patreon was hacked and over 16GB of data was released publicly. The dump included almost 14GB of database records with more than 2.3M unique email addresses and millions of personal messages.","DataClasses":["Email addresses","Payment histories","Physical addresses","Private messages","Website activity"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsActive":true,"IsRetired":false,"IsSpamList":false,"LogoType":"svg"},{"Title":"PayAsUGym","Name":"PayAsUGym","Domain":"payasugym.com","BreachDate":"2016-12-15","AddedDate":"2016-12-17T06:45:44Z","ModifiedDate":"2016-12-17T06:45:44Z","PwnCount":400260,"Description":"In December 2016, an attacker breached PayAsUGym's website exposing over 400k customers' personal data. The data was consequently leaked publicly and broadly distributed via Twitter. The leaked data contained personal information including email addresses and passwords hashed using MD5 without a salt.","DataClasses":["Browser user agent details","Email addresses","IP addresses","Names","Partial credit card data","Passwords","Phone numbers","Website activity"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsActive":true,"IsRetired":false,"IsSpamList":false,"LogoType":"png"},{"Title":"Pemiblanc","Name":"Pemiblanc","Domain":"pemiblanc.com","BreachDate":"2018-04-02","AddedDate":"2018-07-09T22:16:26Z","ModifiedDate":"2018-07-09T22:16:26Z","PwnCount":110964206,"Description":"In April 2018, a credential stuffing list containing 111 million email addresses and passwords known as Pemiblanc was discovered on a French server. The list contained email addresses and passwords collated from different data breaches and used to mount account takeover attacks against other services. Read more about the incident.","DataClasses":["Email addresses","Passwords"],"IsVerified":false,"IsFabricated":false,"IsSensitive":false,"IsActive":true,"IsRetired":false,"IsSpamList":false,"LogoType":"svg"},{"Title":"PHP Freaks","Name":"PHPFreaks","Domain":"phpfreaks.com","BreachDate":"2015-10-27","AddedDate":"2015-10-30T14:19:52Z","ModifiedDate":"2015-10-30T14:19:52Z","PwnCount":173891,"Description":"In October 2015, the PHP discussion board PHP Freaks was hacked and 173k user accounts were publicly leaked. The breach included multiple personal data attributes as well as salted and hashed passwords.","DataClasses":["Dates of birth","Email addresses","IP addresses","Passwords","Usernames","Website activity"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsActive":true,"IsRetired":false,"IsSpamList":false,"LogoType":"png"},{"Title":"Pixel Federation","Name":"PixelFederation","Domain":"pixelfederation.com","BreachDate":"2013-12-04","AddedDate":"2013-12-06T00:00:00Z","ModifiedDate":"2013-12-06T00:00:00Z","PwnCount":38108,"Description":"In December 2013, a breach of the web-based game community based in Slovakia exposed over 38,000 accounts which were promptly posted online. The breach included email addresses and unsalted MD5 hashed passwords, many of which were easily converted back to plain text.","DataClasses":["Email addresses","Passwords"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsActive":true,"IsRetired":false,"IsSpamList":false,"LogoType":"svg"},{"Title":"Plex","Name":"Plex","Domain":"plex.tv","BreachDate":"2015-07-02","AddedDate":"2016-02-08T01:35:48Z","ModifiedDate":"2016-02-08T01:35:48Z","PwnCount":327314,"Description":"In July 2015, the discussion forum for Plex media centre was hacked and over 327k accounts exposed. The IP.Board forum included IP addresses and passwords stored as salted hashes using a weak implementation enabling many to be rapidly cracked.","DataClasses":["Email addresses","IP addresses","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsActive":true,"IsRetired":false,"IsSpamList":false,"LogoType":"svg"},{"Title":"Pokébip","Name":"Pokebip","Domain":"pokebip.com","BreachDate":"2015-07-28","AddedDate":"2016-09-09T04:43:00Z","ModifiedDate":"2016-09-09T04:43:00Z","PwnCount":657001,"Description":"In July 2015, the French Pokémon site Pokébip suffered a data breach which exposed 657k subscriber identities. The data included email and IP addresses, usernames and passwords stored as unsalted MD5 hashes.","DataClasses":["Email addresses","IP addresses","Passwords","Time zones","Usernames","Website activity"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsActive":true,"IsRetired":false,"IsSpamList":false,"LogoType":"png"},{"Title":"Pokémon Creed","Name":"PokemonCreed","Domain":"pokemoncreed.net","BreachDate":"2014-08-08","AddedDate":"2014-08-10T00:03:59Z","ModifiedDate":"2014-08-10T00:03:59Z","PwnCount":116465,"Description":"In August 2014, the Pokémon RPG website Pokémon Creed was hacked after a dispute with rival site, Pokémon Dusk. In a post on Facebook, \"Cruz Dusk\" announced the hack then pasted the dumped MySQL database on pkmndusk.in. The breached data included over 116k usernames, email addresses and plain text passwords.","DataClasses":["Email addresses","Genders","IP addresses","Passwords","Usernames","Website activity"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsActive":true,"IsRetired":false,"IsSpamList":false,"LogoType":"svg"},{"Title":"Pokémon Negro","Name":"PokemonNegro","Domain":"pokemonnegro.com","BreachDate":"2016-10-01","AddedDate":"2017-01-03T20:45:24Z","ModifiedDate":"2017-01-03T20:45:24Z","PwnCount":830155,"Description":"In approximately October 2016, the Spanish Pokémon site Pokémon Negro suffered a data breach. The attack resulted in the disclosure of 830k accounts including email and IP addresses along with plain text passwords. Pokémon Negro did not respond when contacted about the breach.","DataClasses":["Email addresses","IP addresses","Passwords"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsActive":true,"IsRetired":false,"IsSpamList":false,"LogoType":"png"},{"Title":"PoliceOne","Name":"PoliceOne","Domain":"policeone.com","BreachDate":"2014-07-01","AddedDate":"2017-11-15T07:57:11Z","ModifiedDate":"2017-11-15T07:57:11Z","PwnCount":709926,"Description":"In February 2017, the law enforcement website PoliceOne confirmed they'd suffered a data breach. The breach contained over 700k accounts which appeared for sale by a data broker and included email and IP addresses, usernames and salted MD5 password hashes. The file the data was contained in indicated the original breach dated back to July 2014.","DataClasses":["Email addresses","IP addresses","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsActive":true,"IsRetired":false,"IsSpamList":false,"LogoType":"png"},{"Title":"Powerbot","Name":"Powerbot","Domain":"powerbot.org","BreachDate":"2014-09-01","AddedDate":"2017-07-01T16:12:37Z","ModifiedDate":"2017-07-01T16:12:37Z","PwnCount":503501,"Description":"In approximately September 2014, the RuneScape bot website Powerbot suffered a data breach resulting in the exposure of over half a million unique user records. The data contained email and IP addresses, usernames and salted MD5 hashes of passwords. The site was previously reported as compromised on the Vigilante.pw breached database directory.","DataClasses":["Email addresses","IP addresses","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsActive":true,"IsRetired":false,"IsSpamList":false,"LogoType":"png"},{"Title":"Programming Forums","Name":"ProgrammingForums","Domain":"programmingforums.org","BreachDate":"2015-12-01","AddedDate":"2017-07-01T16:42:46Z","ModifiedDate":"2017-07-01T16:42:46Z","PwnCount":707432,"Description":"In approximately late 2015, the programming forum at programmingforums.org suffered a data breach resulting in the exposure of 707k unique user records. The data contained email and IP addresses, usernames and salted MD5 hashes of passwords. The site was previously reported as compromised on the Vigilante.pw breached database directory.","DataClasses":["Email addresses","IP addresses","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsActive":true,"IsRetired":false,"IsSpamList":false,"LogoType":"svg"},{"Title":"PS3Hax","Name":"PS3Hax","Domain":"ps3hax.net","BreachDate":"2015-07-01","AddedDate":"2016-02-07T04:44:49Z","ModifiedDate":"2016-02-07T04:44:49Z","PwnCount":447410,"Description":"In approximately July 2015, the Sony Playstation hacks and mods forum known as PS3Hax was hacked and more than 447k accounts were exposed. The vBulletin forum included IP addresses and passwords stored as salted hashes using a weak implementation enabling many to be rapidly cracked.","DataClasses":["Email addresses","IP addresses","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsActive":true,"IsRetired":false,"IsSpamList":false,"LogoType":"png"},{"Title":"PSP ISO","Name":"PSPISO","Domain":"pspiso.com","BreachDate":"2015-09-25","AddedDate":"2017-01-29T07:28:23Z","ModifiedDate":"2017-01-29T07:28:23Z","PwnCount":1274070,"Description":"In approximately September 2015, the PlayStation PSP forum known as PSP ISO was hacked and almost 1.3 million accounts were exposed. Along with email and IP addresses, the vBulletin forum also exposed salted MD5 password hashes.","DataClasses":["Email addresses","IP addresses","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsActive":true,"IsRetired":false,"IsSpamList":false,"LogoType":"png"},{"Title":"PSX-Scene","Name":"PSX-Scene","Domain":"psx-scene.com","BreachDate":"2015-02-01","AddedDate":"2016-02-07T03:46:46Z","ModifiedDate":"2016-02-07T03:46:46Z","PwnCount":341118,"Description":"In approximately February 2015, the Sony Playstation forum known as PSX-Scene was hacked and more than 340k accounts were exposed. The vBulletin forum included IP addresses and passwords stored as salted hashes using a weak implementation enabling many to be rapidly cracked.","DataClasses":["Email addresses","IP addresses","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsActive":true,"IsRetired":false,"IsSpamList":false,"LogoType":"png"},{"Title":"Qatar National Bank","Name":"QatarNationalBank","Domain":"qnb.com","BreachDate":"2015-07-01","AddedDate":"2016-05-01T01:06:35Z","ModifiedDate":"2016-05-01T01:06:35Z","PwnCount":88678,"Description":"In July 2015, the Qatar National Bank suffered a data breach which exposed 15k documents totalling 1.4GB and detailing more than 100k accounts with passwords and PINs. The incident was made public some 9 months later in April 2016 when the documents appeared publicly on a file sharing site. Analysis of the breached data suggests the attack began by exploiting a SQL injection flaw in the bank's website.","DataClasses":["Bank account numbers","Customer feedback","Dates of birth","Financial transactions","Genders","Geographic locations","Government issued IDs","IP addresses","Marital statuses","Names","Passwords","Phone numbers","Physical addresses","PINs","Security questions and answers","Spoken languages"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsActive":true,"IsRetired":false,"IsSpamList":false,"LogoType":"svg"},{"Title":"QIP","Name":"QIP","Domain":"qip.ru","BreachDate":"2011-06-01","AddedDate":"2017-01-08T22:23:19Z","ModifiedDate":"2017-01-08T22:23:19Z","PwnCount":26183992,"Description":"In mid-2011, the Russian instant messaging service known as QIP (Quiet Internet Pager) suffered a data breach. The attack resulted in the disclosure of over 26 million unique accounts including email addresses and passwords with the data eventually appearing in public years later.","DataClasses":["Email addresses","Passwords","Usernames","Website activity"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsActive":true,"IsRetired":false,"IsSpamList":false,"LogoType":"svg"},{"Title":"Quantum Booter","Name":"QuantumBooter","Domain":"quantumbooter.net","BreachDate":"2014-03-18","AddedDate":"2015-04-04T06:40:05Z","ModifiedDate":"2015-04-04T06:40:05Z","PwnCount":48592,"Description":"In March 2014, the booter service Quantum Booter (also referred to as Quantum Stresser) suffered a breach which lead to the disclosure of their internal database. The leaked data included private discussions relating to malicious activity Quantum Booter users were performing against online adversaries, including the IP addresses of those using the service to mount DDoS attacks.","DataClasses":["Email addresses","IP addresses","Passwords","Private messages","Usernames","Website activity"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsActive":true,"IsRetired":false,"IsSpamList":false,"LogoType":"png"},{"Title":"QuinStreet","Name":"QuinStreet","Domain":"quinstreet.com","BreachDate":"2015-12-14","AddedDate":"2016-12-17T07:44:31Z","ModifiedDate":"2016-12-17T07:44:31Z","PwnCount":4907802,"Description":"In approximately late 2015, the maker of \"performance marketing products\" QuinStreet had a number of their online assets compromised. The attack impacted 28 separate sites, predominantly technology forums such as flashkit.com, codeguru.com and webdeveloper.com (view a full list of sites). QuinStreet advised that impacted users have been notified and passwords reset. The data contained details on over 4.9 million people and included email addresses, dates of birth and salted MD5 hashes.","DataClasses":["Dates of birth","Email addresses","IP addresses","Passwords","Usernames","Website activity"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsActive":true,"IsRetired":false,"IsSpamList":false,"LogoType":"png"},{"Title":"R2 (2017 forum breach)","Name":"R2-2017","Domain":"r2games.com","BreachDate":"2017-01-01","AddedDate":"2017-04-25T11:04:29Z","ModifiedDate":"2017-04-25T11:04:29Z","PwnCount":1023466,"Description":"In early 2017, the forum for the gaming website R2 Games was hacked. R2 had previously appeared on HIBP in 2015 after a prior incident. This one exposed over 1 million unique user accounts and corresponding MD5 password hashes with no salt.","DataClasses":["Email addresses","Passwords","Usernames","Website activity"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsActive":true,"IsRetired":false,"IsSpamList":false,"LogoType":"svg"},{"Title":"R2Games","Name":"R2Games","Domain":"r2games.com","BreachDate":"2015-11-01","AddedDate":"2016-02-09T12:20:35Z","ModifiedDate":"2016-02-09T12:20:35Z","PwnCount":22281337,"Description":"In late 2015, the gaming website R2Games was hacked and more than 2.1M personal records disclosed. The vBulletin forum included IP addresses and passwords stored as salted hashes using a weak implementation enabling many to be rapidly cracked. A further 11M accounts were added to \"Have I been pwned\" in March 2016 and another 9M in July 2016 bringing the total to over 22M.","DataClasses":["Email addresses","IP addresses","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsActive":true,"IsRetired":false,"IsSpamList":false,"LogoType":"svg"},{"Title":"Rambler","Name":"Rambler","Domain":"rambler.ru","BreachDate":"2014-03-01","AddedDate":"2016-11-01T09:33:34Z","ModifiedDate":"2016-11-01T09:33:34Z","PwnCount":91436280,"Description":"In late 2016, a data dump of almost 100M accounts from Rambler, sometimes referred to as \"The Russian Yahoo\", was discovered being traded online. The data set provided to Have I been pwned included 91M unique usernames (which also form part of Rambler email addresses) and plain text passwords. According to Rambler, the data dates back to March 2014.","DataClasses":["Email addresses","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsActive":true,"IsRetired":false,"IsSpamList":false,"LogoType":"png"},{"Title":"RankWatch","Name":"Rankwatch","Domain":"rankwatch.com","BreachDate":"2016-11-19","AddedDate":"2017-11-03T07:04:08Z","ModifiedDate":"2017-11-03T07:04:08Z","PwnCount":7445067,"Description":"In approximately November 2016, the search engine optimisation management company RankWatch exposed a Mongo DB with no password publicly whereupon their data was exfiltrated and posted to an online forum. The data contained 7.4 million unique email addresses along with names, employers, phone numbers and job titles in a table called \"us_emails\". When contacted and advised of the incident, RankWatch would not reveal the purpose of the data, where it had been acquired from and whether the data owners had consented to its collection. The forum which originally posted the data explained it as being \"in the same vein as the modbsolutions leak\", a large list of corporate data allegedly used for spam purposes.","DataClasses":["Email addresses","Employers","Job titles","Names","Phone numbers"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsActive":true,"IsRetired":false,"IsSpamList":true,"LogoType":"png"},{"Title":"Regpack","Name":"BlueSnapRegpack","Domain":"bluesnap.com","BreachDate":"2016-05-20","AddedDate":"2016-09-13T04:35:05Z","ModifiedDate":"2016-09-13T04:35:05Z","PwnCount":104977,"Description":"In July 2016, a tweet was posted with a link to an alleged data breach of BlueSnap, a global payment gateway and merchant account provider. The data contained 324k payment records across 105k unique email addresses and included personal attributes such as name, home address and phone number. The data was verified with multiple Have I been pwned subscribers who confirmed it also contained valid transactions, partial credit card numbers, expiry dates and CVVs. A downstream consumer of BlueSnap services known as Regpack was subsequently identified as the source of the data after they identified human error had left the transactions exposed on a publicly facing server. A full investigation of the data and statement by Regpack is detailed in the post titled Someone just lost 324k payment records, complete with CVVs.","DataClasses":["Browser user agent details","Credit card CVV","Email addresses","IP addresses","Names","Partial credit card data","Phone numbers","Physical addresses","Purchases"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsActive":true,"IsRetired":false,"IsSpamList":false,"LogoType":"png"},{"Title":"Retina-X","Name":"RetinaX","Domain":"retinax.com","BreachDate":"2017-02-23","AddedDate":"2017-04-30T01:51:55Z","ModifiedDate":"2017-04-30T01:51:55Z","PwnCount":71153,"Description":"In February 2017, the mobile device monitoring software developer Retina-X was hacked and customer data downloaded before being wiped from their servers. The incident was covered in the Motherboard article titled Inside the 'Stalkerware' Surveillance Market, Where Ordinary People Tap Each Other's Phones. The service, used to monitor mobile devices, had 71k email addresses and MD5 hashes with no salt exposed. Retina-X disclosed the incident in a blog post on April 27, 2017.","DataClasses":["Email addresses","Passwords"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsActive":true,"IsRetired":false,"IsSpamList":false,"LogoType":"svg"},{"Title":"ReverbNation","Name":"Reverb-Nation","Domain":"reverbnation.com","BreachDate":"2014-01-01","AddedDate":"2017-10-05T06:56:23Z","ModifiedDate":"2017-10-05T06:56:23Z","PwnCount":7040725,"Description":"In January 2014, the online service for assisting musicians to build their careers ReverbNation suffered a data breach which wasn't identified until September the following year. The breach contained over 7 million accounts with unique email addresses and salted SHA1 passwords.","DataClasses":["Email addresses","Passwords"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsActive":true,"IsRetired":false,"IsSpamList":false,"LogoType":"png"},{"Title":"River City Media Spam List","Name":"RiverCityMedia","Domain":"rivercitymediaonline.com","BreachDate":"2017-01-01","AddedDate":"2017-03-08T23:49:53Z","ModifiedDate":"2017-03-08T23:49:53Z","PwnCount":393430309,"Description":"In January 2017, a massive trove of data from River City Media was found exposed online. The data was found to contain almost 1.4 billion records including email and IP addresses, names and physical addresses, all of which was used as part of an enormous spam operation. Once de-duplicated, there were 393 million unique email addresses within the exposed data.","DataClasses":["Email addresses","IP addresses","Names","Physical addresses"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsActive":true,"IsRetired":false,"IsSpamList":true,"LogoType":"png"},{"Title":"Rosebutt Board","Name":"RosebuttBoard","Domain":"rosebuttboard.com","BreachDate":"2016-05-09","AddedDate":"2016-05-10T07:37:46Z","ModifiedDate":"2016-05-10T07:37:46Z","PwnCount":107303,"Description":"Some time prior to May 2016, the forum known as \"Rosebutt Board\" was hacked and 107k accounts were exposed. The self-described \"top one board for anal fisting, prolapse, huge insertions and rosebutt fans\" had email and IP addresses, usernames and weakly stored salted MD5 password hashes hacked from the IP.Board based forum.","DataClasses":["Email addresses","IP addresses","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":true,"IsActive":true,"IsRetired":false,"IsSpamList":false,"LogoType":"svg"},{"Title":"Russian America","Name":"RussianAmerica","Domain":"russianamerica.com","BreachDate":"2017-01-01","AddedDate":"2018-09-13T04:48:08Z","ModifiedDate":"2018-09-13T04:48:08Z","PwnCount":182717,"Description":"In approximately 2017, the website for Russian speakers in America known as Russian America suffered a data breach. The incident exposed 183k unique records including names, email addresses, phone numbers and passwords stored in both plain text and as MD5 hashes. Russian America was contacted about the breach but did not respond.","DataClasses":["Email addresses","Names","Passwords","Phone numbers"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsActive":true,"IsRetired":false,"IsSpamList":false,"LogoType":"png"},{"Title":"SC Daily Phone Spam List","Name":"SCDailyPhoneSpamList","Domain":"data4marketers.com","BreachDate":"2015-04-14","AddedDate":"2016-11-24T06:04:34Z","ModifiedDate":"2016-11-24T06:04:34Z","PwnCount":32939105,"Description":"In early 2015, a spam list known as SC Daily Phone emerged containing almost 33M identities. The data includes personal attributes such as names, physical and IP addresses, genders, birth dates and phone numbers. Read more about spam lists in HIBP.","DataClasses":["Dates of birth","Email addresses","Genders","IP addresses","Names","Physical addresses"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsActive":true,"IsRetired":false,"IsSpamList":true,"LogoType":"png"},{"Title":"Seedpeer","Name":"Seedpeer","Domain":"seedpeer.eu","BreachDate":"2015-07-12","AddedDate":"2016-03-09T02:49:28Z","ModifiedDate":"2016-03-09T02:49:28Z","PwnCount":281924,"Description":"In July 2015, the torrent site Seedpeer was hacked and 282k member records were exposed. The data included usernames, email addresses and passwords stored as weak MD5 hashes.","DataClasses":["Email addresses","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsActive":true,"IsRetired":false,"IsSpamList":false,"LogoType":"png"},{"Title":"ServerPact","Name":"ServerPact","Domain":"serverpact.com","BreachDate":"2016-01-01","AddedDate":"2016-09-06T04:21:06Z","ModifiedDate":"2016-09-06T04:21:06Z","PwnCount":73587,"Description":"In mid-2015, the Dutch Minecraft site ServerPact was hacked and 73k accounts were exposed. Along with birth dates, email and IP addresses, the site also exposed SHA1 password hashes with the username as the salt.","DataClasses":["Dates of birth","Email addresses","IP addresses","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsActive":true,"IsRetired":false,"IsSpamList":false,"LogoType":"png"},{"Title":"Shotbow","Name":"Shotbow","Domain":"shotbow.net","BreachDate":"2016-05-09","AddedDate":"2017-10-29T23:53:20Z","ModifiedDate":"2017-10-29T23:53:20Z","PwnCount":1052753,"Description":"In May 2016, the multiplayer server for Minecraft service Shotbow announced they'd suffered a data breach. The incident resulted in the exposure of over 1 million unique email addresses, usernames and salted SHA-256 password hashes.","DataClasses":["Email addresses","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsActive":true,"IsRetired":false,"IsSpamList":false,"LogoType":"png"},{"Title":"SkTorrent","Name":"SkTorrent","Domain":"sktorrent.eu","BreachDate":"2016-02-19","AddedDate":"2016-02-23T03:30:49Z","ModifiedDate":"2016-02-23T03:30:49Z","PwnCount":117070,"Description":"In February 2016, the Slovak torrent tracking site SkTorrent was hacked and over 117k records leaked online. The data dump included usernames, email addresses and passwords stored in plain text.","DataClasses":["Email addresses","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsActive":true,"IsRetired":false,"IsSpamList":false,"LogoType":"svg"},{"Title":"Smogon","Name":"Smogon","Domain":"smogon.com","BreachDate":"2017-09-10","AddedDate":"2018-04-11T00:12:09Z","ModifiedDate":"2018-04-11T00:12:09Z","PwnCount":386489,"Description":"In April 2018, the Pokémon website known as Smogon announced they'd suffered a data breach. The breach dated back to September 2017 and affected their XenForo based forum. The exposed data included usernames, email addresses, genders and both bcrypt and MD5 password hashes.","DataClasses":["Email addresses","Genders","Geographic locations","Passwords","Usernames","Website activity"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsActive":true,"IsRetired":false,"IsSpamList":false,"LogoType":"svg"},{"Title":"Snapchat","Name":"Snapchat","Domain":"snapchat.com","BreachDate":"2014-01-01","AddedDate":"2014-01-02T00:00:00Z","ModifiedDate":"2014-01-02T00:00:00Z","PwnCount":4609615,"Description":"In January 2014 just one week after Gibson Security detailed vulnerabilities in the service, Snapchat had 4.6 million usernames and phone number exposed. The attack involved brute force enumeration of a large number of phone numbers against the Snapchat API in what appears to be a response to Snapchat's assertion that such an attack was \"theoretical\". Consequently, the breach enabled individual usernames (which are often used across other services) to be resolved to phone numbers which users usually wish to keep private.","DataClasses":["Geographic locations","Phone numbers","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsActive":true,"IsRetired":false,"IsSpamList":false,"LogoType":"svg"},{"Title":"Sony","Name":"Sony","Domain":"sony.com","BreachDate":"2011-06-02","AddedDate":"2013-12-04T00:00:00Z","ModifiedDate":"2013-12-04T00:00:00Z","PwnCount":37103,"Description":"In 2011, Sony suffered breach after breach after breach — it was a very bad year for them. The breaches spanned various areas of the business ranging from the PlayStation network all the way through to the motion picture arm, Sony Pictures. A SQL Injection vulnerability in sonypictures.com lead to tens of thousands of accounts across multiple systems being exposed complete with plain text passwords.","DataClasses":["Dates of birth","Email addresses","Genders","Names","Passwords","Phone numbers","Physical addresses","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsActive":true,"IsRetired":false,"IsSpamList":false,"LogoType":"svg"},{"Title":"Soundwave","Name":"Soundwave","Domain":"soundwave.com","BreachDate":"2015-07-16","AddedDate":"2017-03-17T22:36:34Z","ModifiedDate":"2017-03-17T22:36:34Z","PwnCount":130705,"Description":"In approximately mid 2015, the music tracking app Soundwave suffered a data breach. The breach stemmed from an incident whereby \"production data had been used to populate the test database\" and was then inadvertently exposed in a MongoDB. The data contained 130k records and included email addresses, dates of birth, genders and MD5 hashes of passwords without a salt.","DataClasses":["Dates of birth","Email addresses","Genders","Geographic locations","Names","Passwords","Social connections"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsActive":true,"IsRetired":false,"IsSpamList":false,"LogoType":"png"},{"Title":"Special K Data Feed Spam List","Name":"SpecialKSpamList","Domain":"data4marketers.com","BreachDate":"2015-10-07","AddedDate":"2016-11-24T00:18:27Z","ModifiedDate":"2016-11-24T00:18:27Z","PwnCount":30741620,"Description":"In mid to late 2015, a spam list known as the Special K Data Feed was discovered containing almost 31M identities. The data includes personal attributes such as names, physical and IP addresses, genders, birth dates and phone numbers. Read more about spam lists in HIBP.","DataClasses":["Dates of birth","Email addresses","Genders","IP addresses","Names","Physical addresses"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsActive":true,"IsRetired":false,"IsSpamList":true,"LogoType":"png"},{"Title":"Spirol","Name":"Spirol","Domain":"spirol.com","BreachDate":"2014-02-22","AddedDate":"2014-02-22T20:47:56Z","ModifiedDate":"2014-02-22T20:47:56Z","PwnCount":55622,"Description":"In February 2014, Connecticut based Spirol Fastening Solutions suffered a data breach that exposed over 70,000 customer records. The attack was allegedly mounted by exploiting a SQL injection vulnerability which yielded data from Spirol’s CRM system ranging from customers’ names, companies, contact information and over 55,000 unique email addresses.","DataClasses":["Email addresses","Employers","Job titles","Names","Phone numbers","Physical addresses"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsActive":true,"IsRetired":false,"IsSpamList":false,"LogoType":"svg"},{"Title":"SpyFone","Name":"SpyFone","Domain":"spyfone.com","BreachDate":"2018-08-16","AddedDate":"2018-08-24T04:36:24Z","ModifiedDate":"2018-08-24T04:36:24Z","PwnCount":44109,"Description":"In August 2018, the spyware company SpyFone left terabytes of data publicly exposed. Collected surreptitiously whilst the targets were using their devices, the data included photos, audio recordings, text messages and browsing history which were then exposed via a number of misconfigurations within SpyFone's systems. The data belonged the thousands of SpyFone customers and included 44k unique email addresses, many likely belonging to people the targeted phones had contact with.","DataClasses":["Audio recordings","Browsing histories","Device information","Email addresses","Geographic locations","IMEI numbers","IP addresses","Names","Passwords","Photos","SMS messages"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsActive":true,"IsRetired":false,"IsSpamList":false,"LogoType":"png"},{"Title":"Staminus","Name":"Staminus","Domain":"staminus.net","BreachDate":"2016-03-11","AddedDate":"2017-10-05T03:58:50Z","ModifiedDate":"2017-10-05T03:58:50Z","PwnCount":26815,"Description":"In March 2016, the DDoS protection service Staminus was \"massively hacked\" resulting in an outage of more than 20 hours and the disclosure of customer credentials (with unsalted MD5 hashes), support tickets, credit card numbers and other sensitive data. 27k unique email addresses were found in the data which was subsequently released to the public. Staminus is no longer in operation.","DataClasses":["Credit cards","Email addresses","IP addresses","Passwords","Support tickets","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsActive":true,"IsRetired":false,"IsSpamList":false,"LogoType":"png"},{"Title":"StarNet","Name":"StarNet","Domain":"starnet.md","BreachDate":"2015-02-26","AddedDate":"2015-04-11T06:35:46Z","ModifiedDate":"2015-04-11T06:35:46Z","PwnCount":139395,"Description":"In February 2015, the Moldavian ISP \"StarNet\" had it's database published online. The dump included nearly 140k email addresses, many with personal details including contact information, usage patterns of the ISP and even passport numbers.","DataClasses":["Customer interactions","Dates of birth","Email addresses","Genders","IP addresses","MAC addresses","Names","Passport numbers","Passwords","Phone numbers"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsActive":true,"IsRetired":false,"IsSpamList":false,"LogoType":"svg"},{"Title":"Ster-Kinekor","Name":"SterKinekor","Domain":"sterkinekor.co.za","BreachDate":"2017-03-09","AddedDate":"2017-03-13T10:13:16Z","ModifiedDate":"2017-03-13T10:13:16Z","PwnCount":1619544,"Description":"In 2016, the South African cinema company Ster-Kinekor had a security flaw which leaked a large amount of customer data via an enumeration vulnerability in the API of their old website. Whilst more than 6 million accounts were leaked by the flaw, the exposed data only contained 1.6 million unique email addresses. The data also included extensive personal information such as names, addresses, birthdates, genders and plain text passwords.","DataClasses":["Dates of birth","Email addresses","Genders","Names","Passwords","Phone numbers","Physical addresses","Spoken languages"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsActive":true,"IsRetired":false,"IsSpamList":false,"LogoType":"png"},{"Title":"Stratfor","Name":"Stratfor","Domain":"stratfor.com","BreachDate":"2011-12-24","AddedDate":"2013-12-04T00:00:00Z","ModifiedDate":"2013-12-04T00:00:00Z","PwnCount":859777,"Description":"In December 2011, \"Anonymous\" attacked the global intelligence company known as \"Stratfor\" and consequently disclosed a veritable treasure trove of data including hundreds of gigabytes of email and tens of thousands of credit card details which were promptly used by the attackers to make charitable donations (among other uses). The breach also included 860,000 user accounts complete with email address, time zone, some internal system data and MD5 hashed passwords with no salt.","DataClasses":["Credit cards","Email addresses","Names","Passwords","Phone numbers","Physical addresses","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsActive":true,"IsRetired":false,"IsSpamList":false,"LogoType":"svg"},{"Title":"Sumo Torrent","Name":"SumoTorrent","Domain":"sumotorrent.sx","BreachDate":"2014-06-21","AddedDate":"2016-03-09T01:23:23Z","ModifiedDate":"2016-03-09T01:23:23Z","PwnCount":285191,"Description":"In June 2014, the torrent site Sumo Torrent was hacked and 285k member records were exposed. The data included IP addresses, email addresses and passwords stored as weak MD5 hashes.","DataClasses":["Email addresses","IP addresses","Passwords","Usernames","Website activity"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsActive":true,"IsRetired":false,"IsSpamList":false,"LogoType":"png"},{"Title":"SvenskaMagic","Name":"SvenskaMagic","Domain":"svenskamagic.com","BreachDate":"2015-07-01","AddedDate":"2018-08-30T05:05:04Z","ModifiedDate":"2018-08-30T05:08:09Z","PwnCount":30327,"Description":"Sometime in 2015, the Swedish magic website SvenskaMagic suffered a data breach that exposed over 30k records. The compromised data included usernames, email addresses and MD5 password hashes. The data was self-submitted to HIBP by SvenskaMagic.","DataClasses":["Email addresses","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsActive":true,"IsRetired":false,"IsSpamList":false,"LogoType":"jpg"},{"Title":"SweClockers.com","Name":"SweClockers","Domain":"sweclockers.com","BreachDate":"2015-04-01","AddedDate":"2017-03-22T02:01:20Z","ModifiedDate":"2018-07-27T21:59:04Z","PwnCount":254867,"Description":"In early 2015, the Swedish tech news site SweClockers was hacked and 255k accounts were exposed. The attack led to the exposure of usernames, email addresses and salted hashes of passwords stored with a combination of MD5 and SHA512.","DataClasses":["Email addresses","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsActive":true,"IsRetired":false,"IsSpamList":false,"LogoType":"png"},{"Title":"Taobao","Name":"Taobao","Domain":"taobao.com","BreachDate":"2012-01-01","AddedDate":"2016-10-08T10:53:23Z","ModifiedDate":"2016-10-08T10:53:23Z","PwnCount":21149008,"Description":"In approximately 2012, it's alleged that the Chinese shopping site known as Taobao suffered a data breach that impacted over 21 million subscribers. Whilst there is evidence that the data is legitimate, due to the difficulty of emphatically verifying the Chinese breach it has been flagged as \"unverified\". The data in the breach contains email addresses and plain text passwords. Read more about Chinese data breaches in Have I been pwned.","DataClasses":["Email addresses","Passwords"],"IsVerified":false,"IsFabricated":false,"IsSensitive":false,"IsActive":true,"IsRetired":false,"IsSpamList":false,"LogoType":"png"},{"Title":"Taringa","Name":"Taringa","Domain":"taringa.net","BreachDate":"2017-08-01","AddedDate":"2018-04-19T10:11:37Z","ModifiedDate":"2018-04-19T10:11:37Z","PwnCount":27971100,"Description":"In September 2017, news broke that Taringa had suffered a data breach exposing 28 million records. Known as \"The Latin American Reddit\", Taringa's breach disclosure notice indicated the incident dated back to August that year. The exposed data included usernames, email addresses and weak MD5 hashes of passwords.","DataClasses":["Email addresses","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsActive":true,"IsRetired":false,"IsSpamList":false,"LogoType":"png"},{"Title":"Team SoloMid","Name":"Solomid","Domain":"solomid.net","BreachDate":"2014-12-22","AddedDate":"2016-03-09T13:04:08Z","ModifiedDate":"2016-03-09T13:04:08Z","PwnCount":442166,"Description":"In December 2014, the electronic sports organisation known as Team SoloMid was hacked and 442k members accounts were leaked. The accounts included email and IP addresses, usernames and salted hashes of passwords.","DataClasses":["Email addresses","IP addresses","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsActive":true,"IsRetired":false,"IsSpamList":false,"LogoType":"svg"},{"Title":"Telecom Regulatory Authority of India","Name":"TRAI","Domain":"trai.gov.in","BreachDate":"2015-04-27","AddedDate":"2015-04-27T11:21:59Z","ModifiedDate":"2015-04-27T11:21:59Z","PwnCount":107776,"Description":"In April 2015, the Telecom Regulatory Authority of India (TRAI) published tens of thousand of emails sent by Indian citizens supporting net neutrality as part of the SaveTheInternet campaign. The published data included lists of emails including the sender's name and email address as well as the contents of the email as well, often with signatures including other personal data.","DataClasses":["Email addresses","Email messages"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsActive":true,"IsRetired":false,"IsSpamList":false,"LogoType":"svg"},{"Title":"Teracod","Name":"Teracod","Domain":"teracod.org","BreachDate":"2016-05-28","AddedDate":"2016-08-22T11:21:27Z","ModifiedDate":"2016-08-22T11:21:27Z","PwnCount":97151,"Description":"In May 2015, almost 100k user records were extracted from the Hungarian torrent site known as Teracod. The data was later discovered being torrented itself and included email addresses, passwords, private messages between members and the peering history of IP addresses using the service.","DataClasses":["Avatars","Email addresses","IP addresses","Passwords","Payment histories","Private messages","Usernames","Website activity"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsActive":true,"IsRetired":false,"IsSpamList":false,"LogoType":"png"},{"Title":"Tesco","Name":"Tesco","Domain":"tesco.com","BreachDate":"2014-02-12","AddedDate":"2014-02-13T21:19:24Z","ModifiedDate":"2014-02-13T21:19:24Z","PwnCount":2239,"Description":"In February 2014, over 2,000 Tesco accounts with usernames, passwords and loyalty card balances appeared on Pastebin. Whilst the source of the breach is not clear, many confirmed the credentials were valid for Tesco and indeed they have a history of poor online security.","DataClasses":["Email addresses","Passwords","Reward program balances"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsActive":true,"IsRetired":false,"IsSpamList":false,"LogoType":"svg"},{"Title":"TGBUS","Name":"TGBUS","Domain":"tgbus.com","BreachDate":"2017-09-01","AddedDate":"2018-04-28T02:02:29Z","ModifiedDate":"2018-04-28T02:02:29Z","PwnCount":10371766,"Description":"In approximately 2017, it's alleged that the Chinese gaming site known as TGBUS suffered a data breach that impacted over 10 million unique subscribers. Whilst there is evidence that the data is legitimate, due to the difficulty of emphatically verifying the Chinese breach it has been flagged as \"unverified\". The data in the breach contains usernames, email addresses and salted MD5 password hashes and was provided with support from dehashed.com. Read more about Chinese data breaches in Have I been pwned.","DataClasses":["Email addresses","Passwords","Usernames"],"IsVerified":false,"IsFabricated":false,"IsSensitive":false,"IsActive":true,"IsRetired":false,"IsSpamList":false,"LogoType":"png"},{"Title":"The Candid Board","Name":"TheCandidBoard","Domain":"thecandidboard.com","BreachDate":"2015-09-03","AddedDate":"2017-01-22T08:33:43Z","ModifiedDate":"2017-01-22T08:33:43Z","PwnCount":178201,"Description":"In September 2015, the non-consensual voyeurism site \"The Candid Board\" suffered a data breach. The hack of the vBulletin forum led to the exposure of over 178k accounts along with email and IP addresses, dates of birth and salted passwords hashed with MD5.","DataClasses":["Dates of birth","Email addresses","Geographic locations","IP addresses","Passwords","Usernames","Website activity"],"IsVerified":true,"IsFabricated":false,"IsSensitive":true,"IsActive":true,"IsRetired":false,"IsSpamList":false,"LogoType":"svg"},{"Title":"The Fappening","Name":"TheFappening","Domain":"thefappening.so","BreachDate":"2015-12-01","AddedDate":"2016-04-13T01:08:20Z","ModifiedDate":"2016-04-13T01:08:20Z","PwnCount":179030,"Description":"In December 2015, the forum for discussing naked celebrity photos known as "The Fappening" (named after the iCloud leaks of 2014) was compromised and 179k accounts were leaked. Exposed member data included usernames, email addresses and salted hashes of passwords.","DataClasses":["Email addresses","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":true,"IsActive":true,"IsRetired":false,"IsSpamList":false,"LogoType":"svg"},{"Title":"The Fly on the Wall","Name":"TheFlyOnTheWall","Domain":"theflyonthewall.com","BreachDate":"2017-12-31","AddedDate":"2018-01-15T06:42:31Z","ModifiedDate":"2018-01-15T06:42:31Z","PwnCount":84011,"Description":"In December 2017, the stock market news website The Fly on the Wall suffered a data breach. The data in the breach included 84k unique email addresses as well as purchase histories and credit card data. Numerous attempts were made to contact The Fly on the Wall about the incident, however no responses were received.","DataClasses":["Age groups","Credit cards","Email addresses","Genders","Names","Passwords","Phone numbers","Physical addresses","Purchases","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsActive":true,"IsRetired":false,"IsSpamList":false,"LogoType":"png"},{"Title":"TheTVDB.com","Name":"TheTVDB","Domain":"thetvdb.com","BreachDate":"2017-11-21","AddedDate":"2018-01-29T07:50:12Z","ModifiedDate":"2018-01-29T07:50:12Z","PwnCount":181871,"Description":"In November 2017, the open television database known as TheTVDB.com suffered a data breach. The breached data was posted to a hacking forum and included 182k records with usernames, email addresses and MySQL password hashes.","DataClasses":["Email addresses","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsActive":true,"IsRetired":false,"IsSpamList":false,"LogoType":"svg"},{"Title":"ThisHabbo Forum","Name":"ThisHabboForum","Domain":"thishabboforum.com","BreachDate":"2014-01-01","AddedDate":"2015-03-28T05:35:28Z","ModifiedDate":"2015-03-28T05:35:28Z","PwnCount":612414,"Description":"In 2014, the ThisHabbo forum (a fan site for Habbo.com, a Finnish social networking site) appeared among a list of compromised sites which has subsequently been removed from the internet. Whilst the actual date of the exploit is not clear, the breached data includes usernames, email addresses, IP addresses and salted hashes of passwords. A further 584k records were added from a more comprehensive breach file provided in October 2016.","DataClasses":["Email addresses","IP addresses","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsActive":true,"IsRetired":false,"IsSpamList":false,"LogoType":"svg"},{"Title":"Tianya","Name":"Tianya","Domain":"tianya.cn","BreachDate":"2011-12-26","AddedDate":"2016-06-30T03:39:05Z","ModifiedDate":"2016-06-30T03:39:05Z","PwnCount":29020808,"Description":"In December 2011, China's largest online forum known as Tianya was hacked and tens of millions of accounts were obtained by the attacker. The leaked data included names, usernames and email addresses.","DataClasses":["Email addresses","Names","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsActive":true,"IsRetired":false,"IsSpamList":false,"LogoType":"png"},{"Title":"Ticketfly","Name":"Ticketfly","Domain":"ticketfly.com","BreachDate":"2018-05-31","AddedDate":"2018-06-03T06:14:14Z","ModifiedDate":"2018-07-14T06:06:15Z","PwnCount":26151608,"Description":"In May 2018, the website for the ticket distribution service Ticketfly was defaced by an attacker and was subsequently taken offline. The attacker allegedly requested a ransom to share details of the vulnerability with Ticketfly but did not receive a reply and subsequently posted the breached data online to a publicly accessible location. The data included over 26 million unique email addresses along with names, physical addresses and phone numbers. Whilst there were no passwords in the publicly leaked data, Ticketfly later issued an incident update and stated that \"It is possible, however, that hashed values of password credentials could have been accessed\".","DataClasses":["Email addresses","Names","Phone numbers","Physical addresses"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsActive":true,"IsRetired":false,"IsSpamList":false,"LogoType":"svg"},{"Title":"Torrent Invites","Name":"TorrentInvites","Domain":"torrent-invites.com","BreachDate":"2013-12-12","AddedDate":"2017-03-22T01:14:11Z","ModifiedDate":"2017-03-22T01:14:11Z","PwnCount":352120,"Description":"In December 2013, the torrent site Torrent Invites was hacked and over 352k accounts were exposed. The vBulletin forum contained usernames, email and IP addresses, birth dates and salted MD5 hashes of passwords.","DataClasses":["Dates of birth","Email addresses","IP addresses","Passwords","Usernames","Website activity"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsActive":true,"IsRetired":false,"IsSpamList":false,"LogoType":"png"},{"Title":"Trik Spam Botnet","Name":"TrikSpamBotnet","Domain":"","BreachDate":"2018-06-12","AddedDate":"2018-06-14T08:05:50Z","ModifiedDate":"2018-06-14T08:05:50Z","PwnCount":43432346,"Description":"In June 2018, the command and control server of a malicious botnet known as the \"Trik Spam Botnet\" was misconfigured such that it exposed the email addresses of more than 43 million people. The researchers who discovered the exposed Russian server believe the list of addresses was used to distribute various malware strains via malspam campaigns (emails designed to deliver malware).","DataClasses":["Email addresses"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsActive":true,"IsRetired":false,"IsSpamList":true,"LogoType":"png"},{"Title":"Trillian","Name":"Trillian","Domain":"trillian.im","BreachDate":"2015-12-27","AddedDate":"2016-07-15T11:14:44Z","ModifiedDate":"2016-07-15T11:14:44Z","PwnCount":3827238,"Description":"In December 2015, the instant messaging application Trillian suffered a data breach. The breach became known in July 2016 and exposed various personal data attributes including names, email addresses and passwords stored as salted MD5 hashes.","DataClasses":["Dates of birth","Email addresses","IP addresses","Names","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsActive":true,"IsRetired":false,"IsSpamList":false,"LogoType":"png"},{"Title":"TruckersMP","Name":"TruckersMP","Domain":"truckersmp.com","BreachDate":"2016-02-25","AddedDate":"2016-04-24T21:27:05Z","ModifiedDate":"2016-04-24T21:27:05Z","PwnCount":83957,"Description":"In February 2016, the online trucking simulator mod TruckersMP suffered a data breach which exposed 84k user accounts. In a first for \"Have I been pwned\", the breached data was self-submitted directly by the organisation that was breached itself.","DataClasses":["Email addresses","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsActive":true,"IsRetired":false,"IsSpamList":false,"LogoType":"png"},{"Title":"tumblr","Name":"Tumblr","Domain":"tumblr.com","BreachDate":"2013-02-28","AddedDate":"2016-05-29T22:59:04Z","ModifiedDate":"2016-05-29T22:59:04Z","PwnCount":65469298,"Description":"In early 2013, tumblr suffered a data breach which resulted in the exposure of over 65 million accounts. The data was later put up for sale on a dark market website and included email addresses and passwords stored as salted SHA1 hashes.","DataClasses":["Email addresses","Passwords"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsActive":true,"IsRetired":false,"IsSpamList":false,"LogoType":"svg"},{"Title":"Uiggy","Name":"Uiggy","Domain":"uiggy.com","BreachDate":"2016-06-01","AddedDate":"2016-06-27T08:07:18Z","ModifiedDate":"2016-06-27T08:07:18Z","PwnCount":2682650,"Description":"In June 2016, the Facebook application known as Uiggy was hacked and 4.3M accounts were exposed, 2.7M of which had email addresses against them. The leaked accounts also exposed names, genders and the Facebook ID of the owners.","DataClasses":["Email addresses","Genders","Names","Social connections","Website activity"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsActive":true,"IsRetired":false,"IsSpamList":false,"LogoType":"svg"},{"Title":"UN Internet Governance Forum","Name":"IGF","Domain":"intgovforum.org","BreachDate":"2014-02-20","AddedDate":"2014-02-23T04:32:08Z","ModifiedDate":"2014-02-23T04:32:08Z","PwnCount":3200,"Description":"In February 2014, the Internet Governance Forum (formed by the United Nations for policy dialogue on issues of internet governance) was attacked by hacker collective known as Deletesec. Although tasked with \"ensuring the security and stability of the Internet\", the IGF’s website was still breached and resulted in the leak of 3,200 email addresses, names, usernames and cryptographically stored passwords.","DataClasses":["Email addresses","Names","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsActive":true,"IsRetired":false,"IsSpamList":false,"LogoType":"svg"},{"Title":"Underworld Empire","Name":"UnderworldEmpire","Domain":"underworldempireforums.com","BreachDate":"2017-04-25","AddedDate":"2018-02-19T10:28:11Z","ModifiedDate":"2018-02-19T10:28:11Z","PwnCount":428779,"Description":"In April 2017, the vBulletin forum for the Underworld Empire game suffered a data breach that exposed 429k accounts. The data was then posted to a hacking forum in mid-February 2018 where it was made available to download. The source data contained IP and email addresses, usernames and salted MD5 hashes.","DataClasses":["Email addresses","IP addresses","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsActive":true,"IsRetired":false,"IsSpamList":false,"LogoType":"png"},{"Title":"Unreal Engine","Name":"UnrealEngine","Domain":"unrealengine.com","BreachDate":"2016-08-11","AddedDate":"2016-11-07T09:04:54Z","ModifiedDate":"2016-11-07T09:04:54Z","PwnCount":530147,"Description":"In August 2016, the Unreal Engine Forum suffered a data breach, allegedly due to a SQL injection vulnerability in vBulletin. The attack resulted in the exposure of 530k accounts including usernames, email addresses and salted MD5 hashes of passwords.","DataClasses":["Email addresses","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsActive":true,"IsRetired":false,"IsSpamList":false,"LogoType":"svg"},{"Title":"uTorrent","Name":"uTorrent","Domain":"utorrent.com","BreachDate":"2016-01-14","AddedDate":"2016-11-05T22:32:39Z","ModifiedDate":"2016-11-05T22:32:39Z","PwnCount":395044,"Description":"In early 2016, the forum for the uTorrent BitTorrent client suffered a data breach which came to light later in the year. The database from the IP.Board based forum contained 395k accounts including usernames, email addresses and MD5 password hashes without a salt.","DataClasses":["Email addresses","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsActive":true,"IsRetired":false,"IsSpamList":false,"LogoType":"svg"},{"Title":"uuu9","Name":"uuu9","Domain":"uuu9.com","BreachDate":"2016-09-06","AddedDate":"2016-12-27T10:05:41Z","ModifiedDate":"2016-12-27T10:05:41Z","PwnCount":7485802,"Description":"In September 2016, data was allegedly obtained from the Chinese website known as uuu9.com and contained 7.5M accounts. Whilst there is evidence that the data is legitimate, due to the difficulty of emphatically verifying the Chinese breach it has been flagged as \"unverified\". The data in the breach contains email addresses and user names. Read more about Chinese data breaches in Have I been pwned.","DataClasses":["Email addresses","Passwords","Usernames"],"IsVerified":false,"IsFabricated":false,"IsSensitive":false,"IsActive":true,"IsRetired":false,"IsSpamList":false,"LogoType":"png"},{"Title":"vBulletin","Name":"VBulletin","Domain":"vbulletin.com","BreachDate":"2015-11-03","AddedDate":"2016-01-24T13:15:11Z","ModifiedDate":"2016-01-24T13:15:11Z","PwnCount":518966,"Description":"In November 2015, the forum software maker vBulletin suffered a serious data breach. The attack lead to the release of both forum user and customer accounts totalling almost 519k records. The breach included email addresses, birth dates, security questions and answers for customers and salted hashes of passwords for both sources.","DataClasses":["Dates of birth","Email addresses","Homepage URLs","Instant messenger identities","IP addresses","Passwords","Security questions and answers","Spoken languages","Website activity"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsActive":true,"IsRetired":false,"IsSpamList":false,"LogoType":"svg"},{"Title":"Verified","Name":"Verified","Domain":"verified.cm","BreachDate":"2014-01-10","AddedDate":"2014-07-06T04:16:37Z","ModifiedDate":"2014-07-06T04:16:37Z","PwnCount":16919,"Description":"In January 2014, one of the largest communities of Eastern Europe cybercriminals known as \"Verified\" was hacked. The breach exposed nearly 17k users of the vBulletin forum including their personal messages and other potentially personally identifiable information.","DataClasses":["Email addresses","Historical passwords","IP addresses","Passwords","Private messages","Usernames","Website activity"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsActive":true,"IsRetired":false,"IsSpamList":false,"LogoType":"svg"},{"Title":"Victory Phones","Name":"VictoryPhones","Domain":"victoryphones.com","BreachDate":"2017-01-01","AddedDate":"2017-10-11T21:01:33Z","ModifiedDate":"2017-10-11T21:01:33Z","PwnCount":166046,"Description":"In January 2017, the automated telephony services company Victory Phones left a Mongo DB database publicly facing without a password. Subsequently, 213GB of data was downloaded by an unauthorised party including names, addresses, phone numbers and over 166k unique email addresses.","DataClasses":["Dates of birth","Email addresses","IP addresses","Names","Phone numbers","Physical addresses"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsActive":true,"IsRetired":false,"IsSpamList":false,"LogoType":"png"},{"Title":"ViewFines","Name":"ViewFines","Domain":"viewfines.co.za","BreachDate":"2018-05-07","AddedDate":"2018-05-24T09:11:55Z","ModifiedDate":"2018-05-24T09:11:55Z","PwnCount":777649,"Description":"In May 2018, the South African website for viewing traffic fines online known as ViewFines suffered a data breach. Over 934k records containing 778k unique email addresses were exposed and included names, phone numbers, government issued IDs and passwords stored in plain text.","DataClasses":["Email addresses","Government issued IDs","Names","Passwords","Phone numbers"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsActive":true,"IsRetired":false,"IsSpamList":false,"LogoType":"png"},{"Title":"VK","Name":"VK","Domain":"vk.com","BreachDate":"2012-01-01","AddedDate":"2016-06-09T09:16:36Z","ModifiedDate":"2016-06-09T09:16:36Z","PwnCount":93338602,"Description":"In approximately 2012, the Russian social media site known as VK was hacked and almost 100 million accounts were exposed. The data emerged in June 2016 where it was being sold via a dark market website and included names, phone numbers email addresses and plain text passwords.","DataClasses":["Email addresses","Names","Passwords","Phone numbers"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsActive":true,"IsRetired":false,"IsSpamList":false,"LogoType":"svg"},{"Title":"VNG","Name":"VNG","Domain":"zing.vn","BreachDate":"2015-05-19","AddedDate":"2018-04-28T07:49:02Z","ModifiedDate":"2018-04-28T07:49:02Z","PwnCount":24853850,"Description":"In April 2018, news broke of a massive data breach impacting the Vietnamese company known as VNG after data was discovered being traded on a popular hacking forum where it was extensively redistributed. The breach dated back to an incident in May of 2015 and included of over 163 million customers. The data in the breach contained a wide range of personal attributes including usernames, birth dates, genders and home addresses along with unsalted MD5 hashes and 25 million unique email addresses. The data was provided to HIBP by dehashed.com.","DataClasses":["Dates of birth","Email addresses","Genders","IP addresses","Marital statuses","Names","Occupations","Passwords","Phone numbers","Physical addresses","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsActive":true,"IsRetired":false,"IsSpamList":false,"LogoType":"png"},{"Title":"Vodafone","Name":"Vodafone","Domain":"vodafone.is","BreachDate":"2013-12-12","AddedDate":"2013-11-30T00:00:00Z","ModifiedDate":"2013-11-30T00:00:00Z","PwnCount":56021,"Description":"In November 2013, Vodafone in Iceland suffered an attack attributed to the Turkish hacker collective \"Maxn3y\". The data was consequently publicly exposed and included user names, email addresses, social security numbers, SMS message, server logs and passwords from a variety of different internal sources.","DataClasses":["Credit cards","Email addresses","Government issued IDs","IP addresses","Names","Passwords","Phone numbers","Physical addresses","Purchases","SMS messages","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsActive":true,"IsRetired":false,"IsSpamList":false,"LogoType":"svg"},{"Title":"VTech","Name":"VTech","Domain":"vtechda.com","BreachDate":"2015-11-13","AddedDate":"2015-11-25T07:00:57Z","ModifiedDate":"2015-11-25T07:00:57Z","PwnCount":4833678,"Description":"In November 2015, hackers extracted more than 4.8 million parents' and 227k children's accounts from VTech's Learning Lodge website. The Hong Kong company produces learning products for children including software sold via the compromised website. The data breach exposed extensive personal details including home addresses, security questions and answers and passwords stored as weak MD5 hashes. Furthermore, children's details including names, ages, genders and associations to their parents' records were also exposed.","DataClasses":["Dates of birth","Email addresses","Family members' names","Genders","IP addresses","Names","Passwords","Physical addresses","Security questions and answers","Usernames","Website activity"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsActive":true,"IsRetired":true,"IsSpamList":false,"LogoType":"svg"},{"Title":"V-Tight Gel","Name":"VTightGel","Domain":"vtightgel.com","BreachDate":"2016-02-13","AddedDate":"2017-11-17T07:31:16Z","ModifiedDate":"2017-11-17T07:47:39Z","PwnCount":2013164,"Description":"In approximately February 2016, data surfaced which was allegedly obtained from V-Tight Gel (vaginal tightening gel). Whilst the data set was titled V-Tight, within there were 50 other (predominantly wellness-related) domain names, most owned by the same entity. Multiple HIBP subscribers confirmed that although they couldn't recall providing data specifically to V-Tight, their personal information including name, phone and physical address was accurate. V-Tight Gel did not reply to multiple requests for comment.","DataClasses":["Email addresses","IP addresses","Names","Phone numbers","Physical addresses"],"IsVerified":false,"IsFabricated":false,"IsSensitive":true,"IsActive":true,"IsRetired":false,"IsSpamList":false,"LogoType":"png"},{"Title":"War Inc.","Name":"WarInc","Domain":"thewarinc.com","BreachDate":"2012-07-04","AddedDate":"2016-11-07T11:07:25Z","ModifiedDate":"2016-11-07T11:07:25Z","PwnCount":1020136,"Description":"In mid-2012, the real-time strategy game War Inc. suffered a data breach. The attack resulted in the exposure of over 1 million accounts including usernames, email addresses and salted MD5 hashes of passwords.","DataClasses":["Email addresses","Passwords","Usernames","Website activity"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsActive":true,"IsRetired":false,"IsSpamList":false,"LogoType":"png"},{"Title":"Warframe","Name":"Warframe","Domain":"warframe.com","BreachDate":"2014-11-24","AddedDate":"2016-07-21T02:25:49Z","ModifiedDate":"2016-07-21T02:25:49Z","PwnCount":819478,"Description":"In November 2014, the online game Warframe was hacked and 819k unique email addresses were exposed. Allegedly due to a SQL injection flaw in Drupal, the attack exposed usernames, email addresses and data in a \"pass\" column which adheres to the salted SHA12 password hashing pattern used by Drupal 7. Digital Extremes (the developers of Warframe), asserts the salted hashes are of \"alias names\" rather than passwords.","DataClasses":["Email addresses","Usernames","Website activity"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsActive":true,"IsRetired":false,"IsSpamList":false,"LogoType":"svg"},{"Title":"Warmane","Name":"Warmane","Domain":"warmane.com","BreachDate":"2016-12-01","AddedDate":"2018-09-08T07:54:18Z","ModifiedDate":"2018-09-08T07:57:44Z","PwnCount":1116256,"Description":"In approximately December 2016, the online service for World of Warcraft private servers Warmane suffered a data breach. The incident exposed over 1.1M accounts including usernames, email addresses, dates of birth and salted MD5 password hashes. The data was subsequently extensively circulated online and was later provided to HIBP by whitehat security researcher and data analyst Adam Davies.","DataClasses":["Dates of birth","Email addresses","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsActive":true,"IsRetired":false,"IsSpamList":false,"LogoType":"jpg"},{"Title":"We Heart It","Name":"WeHeartIt","Domain":"weheartit.com","BreachDate":"2013-11-03","AddedDate":"2017-10-14T20:14:58Z","ModifiedDate":"2017-10-14T20:14:58Z","PwnCount":8600635,"Description":"In November 2013, the image-based social network We Heart It suffered a data breach. The incident wasn't discovered until October 2017 when 8.6 million user records were sent to HIBP. The data contained user names, email addresses and password hashes, 80% of which were salted SHA-256 with the remainder being MD5 with no salt.","DataClasses":["Email addresses","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsActive":true,"IsRetired":false,"IsSpamList":false,"LogoType":"png"},{"Title":"WHMCS","Name":"WHMCS","Domain":"whmcs.com","BreachDate":"2012-05-21","AddedDate":"2016-06-28T23:47:07Z","ModifiedDate":"2016-06-28T23:47:07Z","PwnCount":134047,"Description":"In May 2012, the web hosting, billing and automation company WHMCS suffered a data breach that exposed 134k email addresses. The breach included extensive information about customers and payment histories including partial credit card numbers.","DataClasses":["Email addresses","Email messages","Employers","IP addresses","Names","Partial credit card data","Passwords","Payment histories","Physical addresses","Website activity"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsActive":true,"IsRetired":false,"IsSpamList":false,"LogoType":"svg"},{"Title":"WIIU ISO","Name":"WIIUISO","Domain":"wiiuiso.com","BreachDate":"2015-09-25","AddedDate":"2016-09-06T05:51:12Z","ModifiedDate":"2016-09-06T05:51:12Z","PwnCount":458155,"Description":"In September 2015, the Nintendo Wii U forum known as WIIU ISO was hacked and 458k accounts were exposed. Along with email and IP addresses, the vBulletin forum also exposed salted MD5 password hashes.","DataClasses":["Email addresses","IP addresses","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsActive":true,"IsRetired":false,"IsSpamList":false,"LogoType":"png"},{"Title":"WildStar","Name":"WildStar","Domain":"wildstar-online.com","BreachDate":"2015-07-11","AddedDate":"2016-03-06T21:41:16Z","ModifiedDate":"2016-03-06T21:41:16Z","PwnCount":738556,"Description":"In July 2015, the IP.Board forum for the gaming website WildStar suffered a data breach that exposed over 738k forum members' accounts. The data was being actively traded on underground forums and included email addresses, birth dates and passwords.","DataClasses":["Dates of birth","Email addresses","IP addresses","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsActive":true,"IsRetired":false,"IsSpamList":false,"LogoType":"png"},{"Title":"Win7Vista Forum","Name":"Win7Vista","Domain":"win7vista.com","BreachDate":"2013-09-03","AddedDate":"2014-06-01T10:01:32Z","ModifiedDate":"2014-06-01T10:01:32Z","PwnCount":202683,"Description":"In September 2013, the Win7Vista Windows forum (since renamed to the \"Beyond Windows 9\" forum) was hacked and later had its internal database dumped. The dump included over 200k members’ personal information and other internal data extracted from the forum.","DataClasses":["Email addresses","Instant messenger identities","IP addresses","Names","Passwords","Private messages","Usernames","Website activity"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsActive":true,"IsRetired":false,"IsSpamList":false,"LogoType":"svg"},{"Title":"Wishbone","Name":"Wishbone","Domain":"wishbone.io","BreachDate":"2016-08-07","AddedDate":"2017-03-15T19:29:52Z","ModifiedDate":"2017-03-15T19:29:52Z","PwnCount":2247314,"Description":"In August 2016, the mobile app to \"compare anything\" known as Wishbone suffered a data breach. The data contained 9.4 million records with 2.2 million unique email addresses and was allegedly a subset of the complete data set. The exposed data included genders, birthdates, email addresses and phone numbers for an audience predominantly composed of teenagers and young adults.","DataClasses":["Auth tokens","Dates of birth","Email addresses","Genders","Names","Phone numbers","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsActive":true,"IsRetired":false,"IsSpamList":false,"LogoType":"png"},{"Title":"WPT Amateur Poker League","Name":"WPT","Domain":"wptapl.com","BreachDate":"2014-01-04","AddedDate":"2014-02-01T02:57:21Z","ModifiedDate":"2014-02-01T02:57:21Z","PwnCount":148366,"Description":"In January 2014, the World Poker Tour (WPT) Amateur Poker League website was hacked by the Twitter user @smitt3nz. The attack resulted in the public disclosure of 175,000 accounts including 148,000 email addresses. The plain text password for each account was also included in the breach.","DataClasses":["Email addresses","Passwords"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsActive":true,"IsRetired":false,"IsSpamList":false,"LogoType":"svg"},{"Title":"xat","Name":"xat","Domain":"xat.com","BreachDate":"2015-11-04","AddedDate":"2016-08-05T06:53:35Z","ModifiedDate":"2016-08-05T06:53:35Z","PwnCount":5968783,"Description":"In November 2015, the online chatroom known as \"xat\" was hacked and 6 million user accounts were exposed. Used as a chat engine on websites, the leaked data included usernames, email and IP addresses along with hashed passwords.","DataClasses":["Email addresses","IP addresses","Passwords","Usernames","Website activity"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsActive":true,"IsRetired":false,"IsSpamList":false,"LogoType":"png"},{"Title":"Xbox 360 ISO","Name":"Xbox360ISO","Domain":"xbox360iso.com","BreachDate":"2015-09-25","AddedDate":"2017-01-29T07:20:52Z","ModifiedDate":"2017-01-29T07:20:52Z","PwnCount":1296959,"Description":"In approximately September 2015, the XBOX 360 forum known as XBOX360 ISO was hacked and 1.2 million accounts were exposed. Along with email and IP addresses, the vBulletin forum also exposed salted MD5 password hashes.","DataClasses":["Email addresses","IP addresses","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsActive":true,"IsRetired":false,"IsSpamList":false,"LogoType":"png"},{"Title":"Xbox-Scene","Name":"Xbox-Scene","Domain":"xboxscene.com","BreachDate":"2015-02-01","AddedDate":"2016-02-07T20:26:56Z","ModifiedDate":"2016-02-07T20:26:56Z","PwnCount":432552,"Description":"In approximately February 2015, the Xbox forum known as Xbox-Scene was hacked and more than 432k accounts were exposed. The IP.Board forum included IP addresses and passwords stored as salted hashes using a weak implementation enabling many to be rapidly cracked.","DataClasses":["Email addresses","IP addresses","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsActive":true,"IsRetired":false,"IsSpamList":false,"LogoType":"png"},{"Title":"xHamster","Name":"xHamster","Domain":"xhamster.com","BreachDate":"2016-11-28","AddedDate":"2018-03-08T02:09:26Z","ModifiedDate":"2018-03-08T02:09:26Z","PwnCount":377377,"Description":"In November 2016, news broke that hackers were trading hundreds of thousands of xHamster porn account details. In total, the data contained almost 380k unique user records including email addresses, usernames and unsalted MD5 password hashes.","DataClasses":[],"IsVerified":true,"IsFabricated":false,"IsSensitive":true,"IsActive":true,"IsRetired":false,"IsSpamList":false,"LogoType":"svg"},{"Title":"XPG","Name":"XPGameSaves","Domain":"xpgamesaves.com","BreachDate":"2016-01-01","AddedDate":"2017-07-01T15:28:17Z","ModifiedDate":"2017-07-01T15:28:17Z","PwnCount":890341,"Description":"In approximately early 2016, the gaming website Xpgamesaves (XPG) suffered a data breach resulting in the exposure of 890k unique user records. The data contained email and IP addresses, usernames and salted MD5 hashes of passwords. The site was previously reported as compromised on the Vigilante.pw breached database directory. This data was provided by security researcher and data analyst, Adam Davies.","DataClasses":["Email addresses","IP addresses","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsActive":true,"IsRetired":false,"IsSpamList":false,"LogoType":"png"},{"Title":"XSplit","Name":"XSplit","Domain":"xsplit.com","BreachDate":"2013-11-07","AddedDate":"2015-08-08T04:28:48Z","ModifiedDate":"2015-08-08T04:28:48Z","PwnCount":2983472,"Description":"In November 2013, the makers of gaming live streaming and recording software XSplit was compromised in an online attack. The data breach leaked almost 3M names, email addresses, usernames and hashed passwords.","DataClasses":["Email addresses","Names","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsActive":true,"IsRetired":false,"IsSpamList":false,"LogoType":"png"},{"Title":"Yahoo","Name":"Yahoo","Domain":"yahoo.com","BreachDate":"2012-07-11","AddedDate":"2013-12-04T00:00:00Z","ModifiedDate":"2013-12-04T00:00:00Z","PwnCount":453427,"Description":"In July 2012, Yahoo! had their online publishing service \"Voices\" compromised via a SQL injection attack. The breach resulted in the disclosure of nearly half a million usernames and passwords stored in plain text. The breach showed that of the compromised accounts, a staggering 59% of people who also had accounts in the Sony breach reused their passwords across both services.","DataClasses":["Email addresses","Passwords"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsActive":true,"IsRetired":false,"IsSpamList":false,"LogoType":"svg"},{"Title":"Yandex Dump","Name":"Yandex","Domain":"forum.btcsec.com","BreachDate":"2014-09-07","AddedDate":"2014-09-12T04:50:32Z","ModifiedDate":"2014-09-12T04:50:32Z","PwnCount":1186564,"Description":"In September 2014, news broke of a massive leak of accounts from Yandex, the Russian search engine giants who also provides email services. The purported million \"breached\" accounts were disclosed at the same time as nearly 5M mail.ru accounts with both companies claiming the credentials were acquired via phishing scams rather than being obtained as a result of direct attacks against their services.","DataClasses":["Email addresses","Passwords"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsActive":true,"IsRetired":false,"IsSpamList":false,"LogoType":"svg"},{"Title":"Yatra","Name":"Yatra","Domain":"yatra.com","BreachDate":"2013-09-01","AddedDate":"2018-07-04T23:15:57Z","ModifiedDate":"2018-07-04T23:15:57Z","PwnCount":5033997,"Description":"In September 2013, the Indian bookings website known as Yatra had 5 million records exposed in a data breach. The data contained email and physical addresses, dates of birth and phone numbers along with both PINs and passwords stored in plain text. The site was previously reported as compromised on the Vigilante.pw breached database directory.","DataClasses":["Dates of birth","Email addresses","Names","Passwords","Phone numbers","Physical addresses","PINs"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsActive":true,"IsRetired":false,"IsSpamList":false,"LogoType":"svg"},{"Title":"Youku","Name":"Youku","Domain":"youku.com","BreachDate":"2016-12-01","AddedDate":"2017-04-15T11:02:35Z","ModifiedDate":"2017-04-15T11:02:35Z","PwnCount":91890110,"Description":"In late 2016, the online Chinese video service Youku suffered a data breach. The incident exposed 92 million unique user accounts and corresponding MD5 password hashes. The data was contributed to Have I been pwned courtesy of rip@creep.im.","DataClasses":["Email addresses","Passwords"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsActive":true,"IsRetired":false,"IsSpamList":false,"LogoType":"png"},{"Title":"YouPorn","Name":"YouPorn","Domain":"youporn.com","BreachDate":"2012-02-21","AddedDate":"2015-07-30T05:32:00Z","ModifiedDate":"2018-05-20T05:24:11Z","PwnCount":1327567,"Description":"In February 2012, the adult website YouPorn had over 1.3M user accounts exposed in a data breach. The publicly released data included both email addresses and plain text passwords.","DataClasses":["Email addresses","Passwords"],"IsVerified":true,"IsFabricated":false,"IsSensitive":true,"IsActive":true,"IsRetired":false,"IsSpamList":false,"LogoType":"png"},{"Title":"Zomato","Name":"Zomato","Domain":"zomato.com","BreachDate":"2017-05-17","AddedDate":"2017-09-04T21:06:46Z","ModifiedDate":"2017-09-04T21:06:46Z","PwnCount":16472873,"Description":"In May 2017, the restaurant guide website Zomato was hacked resulting in the exposure of almost 17 million accounts. The data was consequently redistributed online and contains email addresses, usernames and salted MD5 hashes of passwords (the password hash was not present on all accounts). This data was provided to HIBP by whitehat security researcher and data analyst Adam Davies.","DataClasses":["Email addresses","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsActive":true,"IsRetired":false,"IsSpamList":false,"LogoType":"svg"},{"Title":"Zoosk","Name":"Zoosk","Domain":"zoosk.com","BreachDate":"2011-01-01","AddedDate":"2017-02-08T07:59:39Z","ModifiedDate":"2017-02-08T07:59:39Z","PwnCount":52578183,"Description":"In approximately 2011, an alleged breach of the dating website Zoosk began circulating. Comprised of almost 53 million records, the data contained email addresses and plain text passwords. However, during extensive verification in May 2016 no evidence could be found that the data was indeed sourced from the dating service. This breach has consequently been flagged as fabricated; it's highly unlikely the data was sourced from Zoosk.","DataClasses":["Email addresses","Passwords"],"IsVerified":false,"IsFabricated":true,"IsSensitive":true,"IsActive":true,"IsRetired":false,"IsSpamList":false,"LogoType":"svg"},{"Title":"Пара Па","Name":"Parapa","Domain":"parapa.mail.ru","BreachDate":"2016-08-08","AddedDate":"2016-12-28T07:03:17Z","ModifiedDate":"2016-12-28T07:03:17Z","PwnCount":4946850,"Description":"In August 2016, the Russian gaming site known as Пара Па (or parapa.mail.ru) was hacked along with a number of other forums on the Russian mail provider, mail.ru. The vBulletin forum contained 4.9 million accounts including usernames, email addresses and passwords stored as salted MD5 hashes.","DataClasses":["Email addresses","Passwords","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsActive":true,"IsRetired":false,"IsSpamList":false,"LogoType":"png"},{"Title":"Спрашивай.ру","Name":"SprashivaiRu","Domain":"sprashivai.ru","BreachDate":"2015-05-11","AddedDate":"2015-05-12T23:50:08Z","ModifiedDate":"2015-05-12T23:50:08Z","PwnCount":3474763,"Description":"In May 2015, Спрашивай.ру (a the Russian website for anonymous reviews) was reported to have had 6.7 million user details exposed by a hacker known as \"w0rm\". Intended to be a site for expressing anonymous opinions, the leaked data included email addresses, birth dates and other personally identifiable data about almost 3.5 million unique email addresses found in the leak.","DataClasses":["Dates of birth","Email addresses","Genders","Geographic locations","IP addresses","* Connection #0 to host fx-breach-alerts.herokuapp.com left intact Passwords","Spoken languages"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsActive":true,"IsRetired":false,"IsSpamList":false,"LogoType":"png"}]The same request on stage gets a
304😢 :curl -v -H "If-Modified-Since: Mon, 3 Sep 2018 00:00:00 GMT" https://blurts-server.stage.mozaws.net/hibp/breaches