E-mail ended up despatched ahead of launch that contains passwords in basic textual content and the location authorized everyone to down load utility expenses without the need of enough authentication. Various methods of consumer data enumeration was attainable and phishing attacks started showing the working day right after start.
The data was sourced from their vBulletin forum and contained electronic mail and IP addresses, usernames and salted MD5 password hashes. The location was Formerly reported as compromised on the Vigilante.pw breached database Listing.
The Fly about the Wall In December 2017, the inventory current market news website The Fly about the Wall suffered a data breach. The data while in the breach integrated 84k exclusive email addresses together with invest in histories and credit card data.
RankWatch In about November 2016, the online search engine optimisation management firm RankWatch exposed a Mongo DB without password publicly whereupon their data was exfiltrated and posted to an internet forum. The data contained seven.four million exclusive electronic mail addresses along with names, employers, cellphone quantities and occupation titles in a very desk termed "us_emails".
In November 2015, the courting website Lovely Individuals was hacked and above 1.1M accounts had been leaked. The data was getting traded in underground circles and bundled a tremendous sum of private information related to courting.
xat In November 2015, the web chatroom referred to as "xat" was hacked and 6 million consumer accounts had been exposed. Utilised for a chat motor on Sites, the leaked data involved usernames, electronic mail and IP addresses together with hashed passwords.
Heroes of Newerth In December 2012, the multiplayer on line battle arena match generally known as Heroes of Newerth was hacked and in excess of eight million accounts extracted from the process. The compromised data provided usernames, e-mail addresses and passwords.
Although imgur saved passwords as SHA-256 hashes, the data in the breach contained plain textual content passwords suggesting that many of the initial hashes were cracked. imgur advises that they rolled above to bcrypt hashes in 2016.
The record was broadly circulated and utilized for "credential stuffing", that is certainly attackers make use of it within an try to recognize other on-line techniques exactly where the account owner had reused their password. For in depth qualifications on this incident, browse Password reuse, credential stuffing and A further billion records in Have I been pwned.
Various get-togethers contacted HIBP Along with the data after which MyFHA was alerted in mid-July and acknowledged the legitimacy in the breach then took the site offline.
The data belonged the Many SpyFone prospects and involved 44k unique e mail addresses, several likely belonging to persons the targeted phones experienced connection with.
As a result, the breach enabled specific usernames (which can be typically applied throughout other services) to get solved to cellular phone numbers which customers usually want to help keep non-public.
HLTV In June 2016, the "residence of competitive Counter Strike" Web page HLTV was hacked and 611k accounts have been exposed. The assault led to your exposure of names, usernames, email addresses and bcrypt hashes of passwords.
TruckersMP In February 2016, the online trucking https://wowitloveithaveit.com simulator mod TruckersMP experienced a data breach which exposed 84k user accounts. In a first for "Have I been pwned", the breached data was self-submitted specifically with the organisation that was breached itself.