3,593 Total Breaches
408,873 Total Pastes
0 Breaches (30 days)
25,843 Pastes (30 days)

Breach Index

An aggregated list of data breaches in the BreachAware database
  Title Breach Date Description Credentials  
astropid.com AstroPID
Domain: astropid.com
December 2013 In December 2013, the vBulletin forum for the social engineering site known as "AstroPID" was breached and leaked publicly. The site provided tips on fraudulently obtaining goods and services, often by providing a legitimate "PID" or Product Information Description. The breach resulted in over 6,000 user accounts and over 220,000 private messages between forum members being exposed. 6,031 More Information
torrent-invites.com Torrent-Invites
Domain: torrent-invites.com
December 2013 In December 2013, the torrent site Torrent Invites was hacked and over 354,000 accounts were exposed. The vBulletin forum contained usernames, email and IP addresses, birth dates and salted MD5 hashes of passwords. 354,251 More Information
imesh.com iMesh
Domain: imesh.com
September 2013 In September 2013, the file sharing app iMesh was hacked, exposing almost 50 million unique accounts. Three years later the data appeared for sale on a darkweb marketplace and included email addresses, usernames, salted MD5 hashed passwords and IP addresses. In 2018, a huge collection of almost 40 million dehashed credentials from the iMesh breach appeared in a popular hacking forum, resulting in a subsequent influx of credential stuffing using these plaintext credential combinations. 49,467,475 More Information
win7vista.com Win7Vista Forum
Domain: win7vista.com
September 2013 In September 2013, the Win7Vista Windows forum (since renamed to the "Beyond Windows 9" forum) was hacked and later had its internal database dumped. The dump included over 200,000 members’ personal information and other internal data extracted from the forum. 203,717 More Information
badoo.com Badoo
Domain: badoo.com
June 2013 In June 2016, a data breach allegedly originating from the dating-focused social website Badoo was found to be circulating amongst traders. Likely obtained several years earlier, the data contained 112 million unique email addresses with personal data including names, birthdates and passwords stored as MD5 hashes. Whilst there are many indicators suggesting Badoo did indeed suffer a data breach, the legitimacy of the data could not be emphatically proven. 112,005,531 More Information
neopets.com Neopets
Domain: neopets.com
May 2013 In May 2016, a set of breached data originating from the virtual pet website "Neopets" was found being traded online. Allegedly hacked "several years earlier", the data contains sensitive personal information including birthdates, genders and names as well as over 35 million email addresses. Passwords were stored in plain text and IP addresses were also contained within the breach. 35,892,436 More Information
tumblr.com Tumblr
Domain: tumblr.com
February 2013 In early 2013, tumblr suffered a data breach which resulted in the exposure of over 65 million accounts. The data was later put up for sale on a dark market website and included email addresses and passwords stored as salted SHA1 hashes. 65,469,298 More Information
yahoo.com Yahoo
Domain: yahoo.com
July 2012 In July 2012, Yahoo! had their online publishing service "Voices" compromised via a SQL injection attack. The breach resulted in the disclosure of nearly half a million usernames and passwords stored in plain text. The breach showed that of the compromised accounts, a staggering 59% of people who also had accounts in the Sony breach reused their passwords across both services. 453,428 More Information
androidforums.com Android Forums
Domain: androidforums.com
July 2012 In October 2011, the Android Forums website was hacked and 745k user accounts were subsequently leaked publicly. The compromised data included email addresses, user birthdays and passwords stored as a salted MD5 hash. 452,537 More Information
adobe.com Adobe
Domain: adobe.com
July 2012 In October 2013, ~153 million Adobe accounts were breached with each containing an internal ID, username, email, encrypted password and a password hint in plain text. The password cryptography was poorly done and many were quickly resolved back to plain text. The unencrypted hints also disclosed much about the passwords adding further to the risk that hundreds of millions of Adobe customers already faced. 152,430,748 More Information
disqus.com Disqus
Domain: disqus.com
July 2012 In October 2017, the comment service Disqus publicly announced that they suffered a data breach. Forensics dated the original leak back to July 2012, however it surfaced several years later in mid 2017 and was widely traded within popular hacking forums. The breach contained over 17.5 million unique email addresses. The leak contained hashed passwords of users who registered directly with Disqus. For the users who registered with a social account, the leak contained references to the specific provider. 17,595,562 More Information
dropbox.com Dropbox
Domain: dropbox.com
July 2012 In mid-2012, Dropbox suffered a data breach which exposed the stored credentials of tens of millions of their customers. In August 2016, they forced password resets for customers they believed may be at risk. A large volume of data totalling over 68 million records was subsequently traded online and included email addresses and salted hashes of passwords (half of them SHA1, half of them bcrypt). 68,648,009 More Information
linkedin.com LinkedIn
Domain: linkedin.com
May 2012 In May 2016, LinkedIn had ~164 million email addresses and passwords exposed online. Originally hacked in 2012, the data remained out of sight until being offered for sale on a dark market site 4 years later. The passwords in the breach were stored as SHA1 hashes without salt, the vast majority of which were quickly cracked in the days following the release of the data. 164,611,595 More Information
last.fm Last.fm
Domain: last.fm
March 2012 In March 2012, the music website Last.fm was hacked and ~43 million user accounts were exposed. Whilst Last.fm knew of an incident back in 2012, the scale of the hack was not known until the data was released publicly in September 2016. The breach included ~37 million unique email addresses, usernames and passwords stored as unsalted MD5 hashes. 37,216,308 More Information
youporn.com YouPorn
Domain: youporn.com
February 2012 In February 2012, the adult website YouPorn had over 1.3M user accounts exposed in a data breach. The publicly released data included both email addresses and plain text passwords. 1,327,567 More Information

Data breaches containing monitored assets are prioritised for uploading into the system. Go PRO to add your organisation assets.

Latest Discoveries
Tuesday, 23-Jul-2019 13:40:51 UTC
3 minutes ago
Pastebin [TEXT] - GBBS6r57
Author: Hs9050
Title: Untitled
2 unique credentials found
Tuesday, 23-Jul-2019 13:37:08 UTC
7 minutes ago
Pastebin [TEXT] - csVHwEFV
Author: Anonymous
Title: Untitled
1 unique credential found
Tuesday, 23-Jul-2019 13:33:57 UTC
10 minutes ago
Pastebin [TEXT] - 8H0jU8Hc
Author: gibson1965
Title: Kedzierski.Mariusz.Niemczyk.Andrzej-Zawod.handlowiec.Skutecz
1 unique credential found
Tuesday, 23-Jul-2019 13:33:11 UTC
11 minutes ago
Pastebin [TEXT] - GfHV1HMb
Author: Anonymous
Title: Untitled
1 unique credential found
Tuesday, 23-Jul-2019 13:31:52 UTC
12 minutes ago
Pastebin [TEXT] - rJ2EqGRr
Author: Anonymous
Title: Untitled
2 unique credentials found
Tuesday, 23-Jul-2019 13:31:16 UTC
12 minutes ago
Pastebin [TEXT] - XKvYssmu
Author: gibson1965
Title: Ketchum.Jack-Straceni.czyt.R.Jarocinski
1 unique credential found
Tuesday, 23-Jul-2019 13:28:42 UTC
15 minutes ago
Pastebin [TEXT] - pVUMRgxk
Author: gibson1965
Title: Kern.Ludwik.Jerzy-Prosze.slonia.czyt.K.Gosztyla
1 unique credential found
Tuesday, 23-Jul-2019 13:28:34 UTC
15 minutes ago
Pastebin [TEXT] - KUBYuEcd
Author: Anonymous
Title: Untitled
6 unique credentials found
Tuesday, 23-Jul-2019 13:27:57 UTC
16 minutes ago
Pastebin [TEXT] - 23FpvNpr
Author: Anonymous
Title: Untitled
1 unique credential found
Tuesday, 23-Jul-2019 13:27:31 UTC
16 minutes ago
Pastebin [TEXT] - VkpH5KQq
Author: edison-avenue
Title: Edison Avenue Consulting LLC
1 unique credential found
Tuesday, 23-Jul-2019 13:23:27 UTC
20 minutes ago
Pastebin [TEXT] - YxfKrBT6
Author: Anonymous
Title: Untitled
1 unique credential found