Mobi Friends, Game Stop and others fall victim to data leaks.

06 December 2020
BREACHAWARE HQ
Romance

A total of 6 breach events were found and analysed, resulting in 5,496,941 exposed accounts containing a total of 4 different types of personal data. The breaches found publicly and freely available included Mobi Friends, Game Stop, Redmart Lazada, Cambridge University Press and Bell Tree Forums.

Categories of Personal Data Discovered

Contact Data, Technical Data.

Data Breach Analysis

This group of breaches spans a broad digital landscape, from online dating (MobiFriends) and retail gaming (GameStop) to academic publishing (Cambridge University Press) and logistics-focused e-commerce (RedMart via Lazada). Also included is Bell Tree Forums, a community-oriented platform focused on gaming, particularly Animal Crossing.

This diversity underscores a key point about modern data breaches: sensitivity is contextual. Whether it’s an email address used for academic subscriptions or a password tied to a dating profile, leaked data rarely exists in a vacuum. Once it is publicly available, particularly in plain or lightly hashed formats, it becomes part of a growing digital mosaic that can be exploited by malicious actors in subtle, cumulative ways.

MobiFriends, a dating app primarily popular in Spanish-speaking regions, suffered a data breach that came to wider attention in 2020. The implications are profound. Dating apps represent a rich target for threat actors, not only because of the personal nature of the data, but also due to the increased likelihood of account reuse and embarrassment-based extortion. Users may fear reputational harm if their profiles are exposed, especially in regions where dating is still culturally sensitive.

GameStop, a well-known retailer of video games and electronics, faced multiple security concerns in recent years, including a reported data breach in which sensitive customer data was accessed via the company’s website. While this breach may have affected a relatively smaller subset of accounts within this collection, the data is still valuable.

GameStop’s ecosystem includes customer loyalty accounts, pre-orders, and promotional campaigns. A compromised account here can be used for fraudulent gift card redemption, reselling of preorder access, or impersonation in gaming communities where transactions for in-game content take place.

RedMart, a Singapore-based online grocery service, was acquired by Lazada, one of Southeast Asia’s largest e-commerce platforms. In 2020, RedMart was the target of a breach involving over 1.1 million user records.

Though the breach did not involve full credit card data, the availability of full names, addresses, and emails poses a clear phishing and delivery fraud risk. Attackers can pose as couriers or customer support agents, leveraging known personal details to enhance their legitimacy.

Additionally, exposed logistical data can assist in timing-based fraud, e.g., knowing when someone expects a delivery and sending fake delay notices or package redirection links.

Cambridge University Press, a cornerstone of academic publishing, represents an unusual but valuable breach target. While this incident likely involved a smaller volume of accounts, the nature of academic systems, tied to institutional emails, research records, and access to paid content, makes even minor data leaks significant.

The threat here isn’t direct financial theft but rather credential-based pivoting into educational systems. Academic credentials are often used for journal access, internal repositories, and cloud tools like Google Workspace or Microsoft 365. A compromised university press login may lead attackers deeper into affiliated academic systems, particularly in under-secured institutions.

Bell Tree Forums is a niche but active online community focused on Animal Crossing and related games. Although this platform appears innocuous, the breach of any tight-knit digital forum introduces risks that transcend the immediate platform.

Beyond the standard credential reuse concerns, forums like Bell Tree often involve community-based currencies, direct messaging systems, and user-generated content. Attackers may attempt to exploit stolen credentials to impersonate trusted users, scam others, or manipulate virtual economies. Even in hobbyist spaces, reputation and digital items carry real value.

Four Data Types, Strategic Reach

With just foundational identifiers, attackers can:
- Run credential stuffing attacks across major services
- Initiate phishing or fraud campaigns with geographic targeting
- Piece together identity chains for synthetic identities or impersonation

The breadth of use cases for even four data types is extensive. The fact that this data is freely available heightens its utility, as it removes financial barriers to entry for threat actors of all skill levels.

Conclusion

Though the number of affected accounts, just under 5.5 million, is modest compared to some larger-scale leaks, this group of breaches exemplifies the richness of low-volume, multi-sector exposure. Whether it’s a dating profile, a grocery delivery address, or a university login, every piece of leaked data feeds into a growing global apparatus of identity exploitation.

The diversity of industries, from gaming and academia to beauty and e-commerce, also highlights how no sector is immune. And while these platforms serve vastly different user groups, their inclusion in a single breach dataset points to a flattened risk landscape, where everyone’s data is in play, all the time.
