Evony, Fandango Media and others fall victim to data leaks.
14 March 2021 | BREACHAWARE HQ
A total of 8 breach events were found and analysed, resulting in 29,335,334 exposed accounts containing a total of 5 different data types of personal data. The breaches found publicly and freely available included Evony, Fandango Media, Linux Mint, Liker and DJ Chat.
Categories of Personal Data Discovered
Contact Data, Technical Data.
Data Breach Analysis
The breaches affected services ranging from gaming and entertainment to operating system communities and social interaction platforms. The named organisations and services included in the exposed datasets were Evony, Fandango Media, Linux Mint, Liker, and DJ Chat.
Evony, known for its browser-based real-time strategy game, has a history stretching back to the late 2000s. The game, popular for its viral ads and freemium model, garnered a large player base over the years. Given the game’s use of in-game purchases and account progression, stolen credentials could be used to take over accounts with valuable virtual assets. In some cases, user-to-user communication and IP logs may also be present in the dataset, increasing the risk of targeted harassment or broader social engineering.
The gaming sector, especially older games like Evony, presents unique risks due to the combination of long-standing user databases and often outdated security infrastructure. Unlike modern games that frequently undergo audits and updates, older titles may retain legacy databases that have not been properly secured or decommissioned.
Fandango Media is a prominent American movie ticketing company and entertainment news platform. Its breach, depending on the scope and timeframe, could involve a significant number of data types.
Fandango's position as a media and commerce hybrid adds another layer of concern. Should data like location preferences (used to suggest nearby theatres) or past movie interests be tied to account credentials, it could allow malicious actors to build relatively accurate user profiles. This level of behavioural data is useful in designing more convincing scams or targeted advertising fraud. Furthermore, Fandango often integrates with external platforms like Google and Apple accounts for sign-ins, raising the risk of credential stuffing attacks on third-party services.
Linux Mint is a widely used open-source Linux distribution. While the project has a strong community and has made significant strides in user-focused security, there have been previous incidents linked to their infrastructure.
Although this type of data might appear less sensitive at first glance, users of Linux distributions are often tech-savvy individuals involved in development, system administration, or cybersecurity. The exposure of account credentials from such a community carries broader implications, particularly if reused passwords or identifiable email handles can be traced to other professional environments. It also introduces reputational risks to the open-source ecosystem, which relies heavily on trust and collaboration.
Liker, although less mainstream, appears to be a social media or engagement platform possibly involved in content interaction or ratings. The type of data, while generally more superficial, has been leveraged in the past to perform psychological profiling and influence campaigns. If messages or biographical data were included in the dump, the reputational damage could escalate.
The challenge with mid-sized or little-known platforms like Liker is that users often assume a low profile reduces their risk of data exposure. However, smaller platforms are frequently under-resourced in terms of cybersecurity, and may store user data with weak encryption or retain unnecessary logs. As such, when a breach does occur, it may be more severe than expected and remain unnoticed by the user base.
DJ Chat rounds out the list. It appears to be a niche social or community-driven platform, potentially for DJs or music enthusiasts. The nature of these communities fosters openness, and users may inadvertently disclose additional PII in bios or public posts.
Across all eight breaches, five distinct data types were exposed. One of the key patterns evident in this cluster of breaches is the mix of entertainment and community platforms, each with varied engagement models. This diversity reflects a broader reality: breaches are no longer confined to obvious high-value targets. Whether users are buying movie tickets, discussing open-source software, or engaging with niche online communities, the collection and storage of personal data create exposure surfaces that persist long after a user’s activity has ceased.
Another recurring issue is the persistence of legacy data. On many of these platforms, especially older or smaller ones, accounts may have remained dormant for years. Yet the data remains, often stored in poorly secured databases and forgotten until it is unearthed by a malicious actor or security researcher. As data storage costs decrease and regulatory pressures remain uneven, more platforms fall into this category.
The reputational risk is also notable. Even where financial damage may be minimal, affected platforms can suffer long-term trust erosion. Users who learn of a breach months or years after it occurs may be unwilling to return, and in the case of open-source or community-driven efforts, the damage can be more existential. In cases like Linux Mint, such incidents can fuel skepticism about the security of open-source projects, despite the broad contributions of their communities.
In total, these eight breaches add another significant volume to the growing tally of exposed personal data across the internet. While not every data type included poses immediate danger, the combination of account credentials, user behaviour, and platform-specific context offers fertile ground for exploitation across both automated and targeted attacks.