Major Data Breaches
What Is a Data Breach? A data breach occurs when unauthorized parties gain access to sensitive or confidential information. This can include personal data (such as Social Security numbers, bank account details, and healthcare records) or corporate data (like customer records, intellectual property, and financial information). Essentially, any security incident where someone gains unauthorized access to data falls under the umbrella of a data breach.
Name | Website | Date | Details |
---|---|---|---|
ChrisLeong | chrisleong.com | 10/08/2024 | In August 2024, the website of Master Chris Leong "a leading Tit Tar practitioner in Malaysia" suffered a data breach. The incident exposed 27k unique email addresses along with names, physical addresses, dates of birth, genders, nationalities and in many cases, links to Facebook profiles. The company did not respond when contacted about the breach. |
NotSOCRadar | 03/08/2024 | In August 2024, over 332M rows of email addresses were posted to a popular hacking forum. The post alleged the addresses were scraped from cybersecurity firm SOCRadar, however an investigation on their behalf concluded that "the actor merely utilised functionalities inherent in the platform's standard offerings, designed to gather information from publicly available sources". There is no suggestion the incident compromised SOCRadar's security or posed any risk to their customers. In total, the data set contained 282M unique addresses of valid email address format. | |
Ubook | ubook.com | 28/07/2024 | In July 2024, 700k unique email addresses from the audiobook platform Ubook were posted to a popular hacking forum. Allegedly scraped from the service, the data appears to be sourced from the Ubook Exchange (UBX) and also includes names, genders, dates of birth and links to profile photos. |
TelegramStealerLogs | 18/07/2024 | In July 2024, info stealer logs with 26M unique email addresses were collated from malicious Telegram channels. The data contained 22GB of logs consisting of email addresses, passwords and the websites they were used on, all obtained by malware running on infected machines. | |
TheHeritageFoundation | heritage.org | 09/07/2024 | In July 2024, hacktivists published almost 2GB of data taken from The Heritage Foundation and their media arm, The Daily Signal. The data contained 72k unique email addresses, primarily used for commenting on articles (along with names, IP addresses and the comments left) and by content contributors (along with usernames and passwords stored as either MD5 or phpass hashes). |
LuLu | luluhypermarket.com | 06/07/2024 | In July 2024, the Emirati-based LuLu retail store suffered a data breach. The impacted data included 190k email addresses and associated phone numbers which were subsequently shared on a popular hacking forum. The data was provided to HIBP by a source who requested it be attributed to "IntelBroker". The following month, the threat of leaking the full database was carried out and a backup from October 2022 with a further 2.6M unique email addresses appeared. This data also included names, physical addresses, orders and PBKDF2 password hashes. |
AnimeLeague | animeleague.net | 04/07/2024 | In July 2024, AnimeLeague disclosed a data breach of their services. The data was posted for sale on a popular hacking forum and included 2 databases covering both event registration records and a dump of the phpBB bulletin board. The impacted data included passwords in various hashed formats including SHA-1, salted md5 and bcrypt, as well as usernames, private messages, dates of birth, purchases and 192k unique email addresses. |
HuskyOwners | husky-owners.com | 04/07/2024 | In July 2024, the Husky Owners forum website was defaced and linked to a breach of user data containing 16k records. The exposed data included usernames, email addresses, dates of birth and time zones. |
RobloxDeveloperConference2024 | fntech.com | 04/07/2024 | In July 2024, the events management platform FNTECH suffered a data breach that exposed 10k unique email addresses. The data contained registrants from various events, including participants of the Roblox Developer Conference registration list. The data also included names and IP addresses. |
ShoeZone | shoezone.com | 28/06/2024 | In June 2024, the UK footwear chain Shoe Zone disclosed a data breach that was subsequently posted for sale on a popular hacking forum. The data included over 100k orders containing names, addresses, partial credit card numbers (card type and last 4 digits), and 46k unique email addresses. The data was provided to HIBP by a source who requested it be attributed to "IntelBroker". |
Truist Bank | 13/06/2024 | One of the largest banks in America – Truist Bank – reveals that it suffered a data breach back in October 2023 after employee information appeared for sale online. A hacking group known as Sp1d3r has claimed responsibility and is reportedly selling the dataset for around $1 million. Truist – which looks after more than $500 billion in assets and has 65,000 staff members on its payroll – said they notified “a small number of clients” at the time of the breach. | |
Tile | tile.com | 11/06/2024 | Life360, the company behind the Tile tracker device, reveals that its databases have been breached, and that the company is being targeted for extortion. In a statement, the company shared that the affected data includes names, addresses, email addresses, phone numbers and Tile device identification numbers. |
mSpy2024 | mspy.com | 09/06/2024 | In June 2024, a huge trove of data from spyware maker mSpy was obtained by hacktivists and published online. Comprising of 142GB of user data and support tickets along with 176GB of more than half a million attachments, the data contained 2.4M unique email addresses, IP addresses names and photos. The data was predominantly support tickets seeking help to install the spyware on target devices, whilst the attachments contained various data including screen grans of financial transactions, photos of credit cards and nude selfies. |
AdvanceAutoParts | advanceautoparts.com | 05/06/2024 | In June 2024, Advance Auto Parts confirmed they had suffered a data breach which was posted for sale to a popular hacking forum. Linked to unauthorised access to Snowflake cloud services, the breach exposed a large number of records related to both customers and employees. In total, 79M unique email addresses were included in the breach, alongside names, phone numbers, addresses and further data attributes related to company employees. |
Spytech | spytech-web.com | 04/06/2024 | In July 2024, spyware maker Spytech suffered a data breach that exposed data collected as recently as the previous month. Designed to "invisibly record everything users do", the breach exposed information related to both purchasers and targets of the product. Target data collection (and subsequent exposure) included the infected computer name, browsing history, applications used, usernames of authenticated users, keywords being monitored, file operations (creation and deletion), computer usage times and email addresses, often captured within the spyware's logs. The data also included the names, purchases and md5 password hashes of purchasers. |
Ticketmaster | ticketmaster.com | 01/06/2024 | Ticketmaster confirms a rumored data breach from earlier in the year that saw records for its customers, including name, address, phone number, email address, order history and partial payment information, being offered for sale by hackers. Over 560 million customers are expected to be impacted. |
Ticketek | ticketek.com.au | 31/05/2024 | In May 2024, the Australian event ticketing company Ticketek reported a data breach linked to a third party cloud-based platform. The following month, the data appeared for sale on a popular hacking forum and was later linked to a series of breaches of the Snowflake cloud storage service. The data contained almost 30M rows with 17.6M unique email addresses alongside names, genders, dates of birth and hashed passwords. |
OperationEndgame | 30/05/2024 | In May 2024, a coalition of international law enforcement agencies took down a series of botnets in a campaign they coined "Operation Endgame". Data seized in the operation included impacted email addresses and passwords which were provided to HIBP to help victims learn of their exposure. | |
TelegramCombolists | 28/05/2024 | In May 2024, 2B rows of data with 361M unique email addresses were collated from malicious Telegram channels. The data contained 122GB across 1.7k files with email addresses, usernames, passwords and in many cases, the website they were entered into. The data appears to have been sourced from a combination of existing combolists and info stealer malware. | |
pcTattletale | pctattletale.com | 25/05/2024 | In May 2024, the spyware service pcTattletale suffered a data breach that defaced the website and posted tens of gigabytes of data to the homepage, allegedly due to pcTattletale not responding to a previous security vulnerability report. The breach exposed data including membership records, infected PC names, captured messages and extensive logs of IP addresses and device information. |
Helsinki City Council | 13/05/2024 | Local government systems in the Finnish capital Helsinki have suffered a data breach after a hack targeted at their education systems. Students and guardians may have had their personal information stolen from the system by a threat actor who managed to find a way in via a remote access server. The hack is known to have occurred at the beginning of the month, but that information was only made public by city officials this week. | |
JP Morgan Chase | jpmorganchase.com | 10/05/2024 | The Maine District Attorney’s Office has been notified that almost half a million people banking with JPMorgan Chase could have had their personal information extracted from the company’s systems thanks to a software flaw dating back to 2021. Luckily, at present, there seems to be no evidence of foul play or the data being misused in any manner. It could, however, have been accessed by authorized parties associated or working with the bank at the time. |
Dell | dell.com | 09/05/2024 | Dell emails customers to inform that that their data may have been compromised after an attack on its customer portal. According to Dell, while no financial information was accessed, customers home addresses and order information may have been compromised. Data purportedly from the breach is being offered for sale on hacker forums, suggesting details of 49 million customers have been obtained. |
ThePostMillennial | thepostmillennial.com | 02/05/2024 | In May 2024, the conservative news website The Post Millennial suffered a data breach. The breach resulted in the defacement of the website and links posted to 3 different corpuses of data including hundreds of writers and editors (IP, physical address and email exposed), tens of thousands of subscribers to the site (name, email, username, phone and plain text password exposed), and tens of millions of email addresses from thousands of mailing lists alleged to have been used by The Post Millennial (this has not been independently verified). The mailing lists appear to be sourced from various campaigns not necessarily run by The Post Millennial and contain a variety of different personal attributes including name, phone and physical address (depending on the campaign). The data was subsequently posted to a popular hacking forum and extensively torrented. |
Dropbox #2 | dropbox.com | 01/05/2024 | Dropbox tells users that its Dropbox Sign service has been accessed by a threat actor, who was able to see data including email addresses, phone numbers, hashed passwords and multi factor authenticator details. Dropbox cloud customers are unaffected. |
Name | Website | Date | Details |