'%3e%3cg id='Final-Copy-2_2_' transform='translate(1275.000000, 200.000000)'%3e%3cpath class='st0' d='M7.4,12.8h6.8l3.1-11.6H7.4C4.2,1.2,1.6,3.8,1.6,7S4.2,12.8,7.4,12.8z'/%3e%3c/g%3e%3c/g%3e%3c/g%3e%3cg id='final---dec.11-2020'%3e%3cg id='_x30_208-our-toggle' transform='translate(-1275.000000, -200.000000)'%3e%3cg id='Final-Copy-2' transform='translate(1275.000000, 200.000000)'%3e%3cpath class='st1' d='M22.6,0H7.4c-3.9,0-7,3.1-7,7s3.1,7,7,7h15.2c3.9,0,7-3.1,7-7S26.4,0,22.6,0z M1.6,7c0-3.2,2.6-5.8,5.8-5.8 h9.9l-3.1,11.6H7.4C4.2,12.8,1.6,10.2,1.6,7z'/%3e%3cpath id='x' class='st2' d='M24.6,4c0.2,0.2,0.2,0.6,0,0.8l0,0L22.5,7l2.2,2.2c0.2,0.2,0.2,0.6,0,0.8c-0.2,0.2-0.6,0.2-0.8,0 l0,0l-2.2-2.2L19.5,10c-0.2,0.2-0.6,0.2-0.8,0c-0.2-0.2-0.2-0.6,0-0.8l0,0L20.8,7l-2.2-2.2c-0.2-0.2-0.2-0.6,0-0.8 c0.2-0.2,0.6-0.2,0.8,0l0,0l2.2,2.2L23.8,4C24,3.8,24.4,3.8,24.6,4z'/%3e%3cpath id='y' class='st3' d='M12.7,4.1c0.2,0.2,0.3,0.6,0.1,0.8l0,0L8.6,9.8C8.5,9.9,8.4,10,8.3,10c-0.2,0.1-0.5,0.1-0.7-0.1l0,0 L5.4,7.7c-0.2-0.2-0.2-0.6,0-0.8c0.2-0.2,0.6-0.2,0.8,0l0,0L8,8.6l3.8-4.5C12,3.9,12.4,3.9,12.7,4.1z'/%3e%3c/g%3e%3c/g%3e%3c/g%3e%3c/g%3e%3c/svg%3e)
Diva Chix, Guangxi Brapin Tribute Tea Investment Co and others fall victim of data leaks.
20 February 2022BREACHAWARE HQ
A total of 20 breach events were found and analysed resulting in 1,172,427 exposed accounts containing a total of 13 different data types of personal datum . The breaches found publicly and freely available included Diva Chix, Guangxi Brapin Tribute Tea Investment Co., Ltd, GiveSendGo, Dalben and Veporno. Sign in to view the full
library of breach events which includes, where available, reference articles relating to
each breach.
Categories of Personal Data Discovered
Contact Data, Technical Data, Communications Data, Socia-Demographic Data, Usage Data, Financial Data.
Data Breach Analysis
Among the breached entities was Diva Chix, a virtual fashion and gaming community with a long-standing user base. Gaming and hobbyist communities, particularly those with active forums or legacy databases, are frequently targeted due to outdated security practices and persistent user engagement over long periods.Guangxi Brapin Tribute Tea Investment Co., Ltd, a lesser-known company involved in traditional Chinese investments, also appeared in the breach sample. The presence of such organisations underscores how business and regional portals with even modest digital footprints are susceptible to unauthorised data access, especially when hosted on less robust infrastructures or reliant on third-party development.
GiveSendGo, a Christian crowdfunding platform known for its association with politically or socially polarising campaigns, also appeared among the compromised services. The nature of platforms like these often involves sensitive payment and identity information tied to ideological affiliations, raising significant concerns about targeted exploitation or reputational harm for those involved.
Another breach included Dalben, a Brazilian supermarket chain, indicating that even regionally focused e-commerce or retail portals aren’t immune from intrusion, especially if they retain customer loyalty data, purchase histories, or account registration details in inadequately secured systems.
The final notable mention in this set is Veporno, an adult content platform. Breaches involving adult services often carry an outsized risk to affected users due to the sensitive nature of the content and the reputational exposure it can create. Such breaches may include usernames, email addresses, and other identifiers, posing not only privacy issues but also vectors for extortion or targeted phishing campaigns.
The total account count may appear modest in comparison to mega breaches, but the diversity and specificity of the impacted platforms make this cluster particularly notable. Each breach represents a distinct risk context, from users seeking anonymity to those tied to ideological or geographic identities. As such, security hygiene practices such as unique passwords per site, cautious use of personal identifiers, and regular monitoring of credential exposure remain crucial.
These findings continue to reinforce a core trend: no sector is immune from exposure, and even platforms with relatively low public profiles or niche user bases can be points of entry for broader digital harm.
