A total of 6 breaches were found and analysed resulting in 1,033,545 leaked accounts containing a total of 13 different data types. The breaches found publicly and freely available included Disk Union, Unmined, Cyphoma, Bitmain and Xcoins. Sign in to view the full BreachAware Breach Index which includes, where available, reference articles relating to each breach.

SPOTLIGHT

A fraud protection site that offers a service that "Guaranteed fraud protection for e-commerce merchants" has had a data breach with a variety of credentials been dumped onto a hacking forum. The user, and possibly the hacker who dumped the file, commented on the terrible security of the server. Obviously, no one is safe, but maybe next time if you’re going to flog fraud protection, make sure your own security is up to date. Datasets include the payment method of the users along with their physical address and full names.

This next data breach is an interesting one. An artificial intelligence site based in the US was breached back in 2017. The company has a variety of offices around the world and has landed some large grants from big names in the industry. However, a member of the team picked up several files of their user-base which were doing the rounds on the unsavoury parts of the internet. A range of data types were present in the files. The most notable are tax information and email addresses. Not so intelligent after all?

The last data breach we’re going to talk about is from a French sailing and boating website. It's a small data leak, but experience tells us that the more important and slightly better off people use sites like this. Several years ago, there was a data leak from a yacht mooring company that ended up having some important celebrities and politicians within the data. It's leaks like this that could be great for OSINT work. The files contained email addresses, hashed SHA1 passwords, and IP addresses, in addition to the users' names and mobile phone numbers.