Share this analysis

TeeSpring, Gate Hub and others fall victim of data leaks.

07 February 2021
BREACHAWARE HQ
TShirt

A total of 8 breach events were found and analysed resulting in 14,617,384 exposed accounts containing a total of 9 different data types of personal datum . The breaches found publicly and freely available included TeeSpring, Gate Hub, Mashable, DaniWeb and Paddy Power. Sign in to view the full library of breach events which includes, where available, reference articles relating to each breach.

Categories of Personal Data Discovered

Contact Data, Technical Data, Socia-Demographic Data.

Data Breach Analysis

The data, publicly and freely accessible at the time of discovery, involved a total of nine different data types. The breached platforms varied widely in scope and purpose, including TeeSpring, GateHub, Mashable, DaniWeb, and Paddy Power.

TeeSpring, a popular e-commerce platform that allows creators to design and sell custom merchandise, was one of the compromised entities. As a user-driven service, TeeSpring holds a wide range of data from both creators and customers. Given that many creators on TeeSpring also link their social media profiles to drive sales, compromised TeeSpring credentials can serve as a jumping-off point for attackers to hijack associated Twitter, Instagram, or YouTube accounts.

The exposure of TeeSpring data also threatens the broader creator economy, where the blending of personal branding and monetisation makes online trust critical. A hijacked storefront could be used to scam buyers, launch phishing pages, or redirect traffic to malicious sites. Moreover, if internal creator revenue data was leaked, it could reveal sensitive insights into individual earnings and market strategies.

GateHub, a digital wallet and gateway for cryptocurrency, especially Ripple (XRP), presents a different risk category. Breaches involving crypto platforms often have immediate financial consequences. Cryptocurrency accounts present one of the highest-risk categories for exposed data. Even if the data released did not include private keys or direct wallet access, attackers can use email addresses and user behaviour patterns to socially engineer victims into giving up access. For example, phishing emails appearing to come from GateHub’s support team could exploit panic over the breach itself. Any misstep could lead to irreversible financial loss. The inclusion of GateHub in this breach dataset highlights once again the vulnerability of even crypto-native platforms that market themselves on trustlessness and decentralisation.

Mashable, an online media outlet focused on technology, digital culture, and entertainment, represents the media and publishing sector. While the direct impact of such a breach might seem lower compared to crypto wallets or financial accounts, media platforms are an important part of the digital trust ecosystem.

A compromised Mashable account could be used to comment or post under someone’s name, potentially damaging reputation or trust. Additionally, as a tech-savvy readership site, attackers may use this dataset to launch further phishing attacks tailored to people interested in technology trends, gadgets, or business innovation.

DaniWeb is an online tech community and forum for developers, IT professionals, and computer enthusiasts. The platform allows for Q&A discussions on coding issues, career advice, and technology troubleshooting. Developer forums are often overlooked targets, but they can be exceptionally rich for attackers. Many users share project links, personal websites, GitHub accounts, and workplace details in their forum signatures or posts.

An attacker who cross-references these details can build fairly accurate profiles of IT professionals, potentially using those profiles to access corporate infrastructure or perform identity impersonation in job-related contexts. Additionally, DaniWeb users may reuse passwords across other forums, development tools, or work systems. In aggregate, this data could also be used to feed into credential stuffing attacks aimed at DevOps platforms, version control systems, or cloud providers.

Paddy Power, the online betting and gambling company, represents the most regulated and financially sensitive sector among the breached entities. Gambling platforms handle not only user identity and financial transaction data but also behavioural data such as betting history, account balances, and personal preferences.

Users of gambling services may already be concerned about stigma or privacy. An exposure could lead to blackmail, targeted marketing by unlicensed betting operations, or account fraud if attackers are able to socially engineer customer support using the leaked data.

The presence of nine different data types across this collection of breaches significantly increases the potential for cross-platform identity profiling. This data can then be sold in underground markets, used to assemble identity graphs, or leveraged in targeted campaigns across email, SMS, and social media.

Notably, many of these platforms represent overlapping segments of internet usage. A single user could easily be a crypto investor on GateHub, a tee-shirt creator on TeeSpring, a reader of Mashable, and a contributor to DaniWeb. Each account on its own might not seem high risk, but together, they form a more complete picture of an individual's digital behaviour, identity, and vulnerabilities.

This data set also reflects the widening reach of breaches across sectors: from content platforms and forums to financial services and commerce. It’s no longer isolated to email providers or social networks. Every platform that requires an account login, whether to share code, order merchandise, place bets, or read articles, is a potential exposure point. These breaches remind us that the modern internet identity is spread thin across a multitude of services, each a possible weak link.

The breach analysis also underscores a pattern where mid-sized and niche platforms are increasingly the source of compromised data, rather than the tech giants that now often have more robust cybersecurity practices in place. These smaller platforms can lack the budget or awareness needed to implement modern protection mechanisms like salting passwords, enforcing two-factor authentication, or monitoring for credential stuffing attacks.

  • Key Stats
  • BREACH EVENTS
    0
  • EXPOSED ACCOUNTS
    0
  • EXPOSED DATUM TYPES
    0