'%3e%3cg id='Final-Copy-2_2_' transform='translate(1275.000000, 200.000000)'%3e%3cpath class='st0' d='M7.4,12.8h6.8l3.1-11.6H7.4C4.2,1.2,1.6,3.8,1.6,7S4.2,12.8,7.4,12.8z'/%3e%3c/g%3e%3c/g%3e%3c/g%3e%3cg id='final---dec.11-2020'%3e%3cg id='_x30_208-our-toggle' transform='translate(-1275.000000, -200.000000)'%3e%3cg id='Final-Copy-2' transform='translate(1275.000000, 200.000000)'%3e%3cpath class='st1' d='M22.6,0H7.4c-3.9,0-7,3.1-7,7s3.1,7,7,7h15.2c3.9,0,7-3.1,7-7S26.4,0,22.6,0z M1.6,7c0-3.2,2.6-5.8,5.8-5.8 h9.9l-3.1,11.6H7.4C4.2,12.8,1.6,10.2,1.6,7z'/%3e%3cpath id='x' class='st2' d='M24.6,4c0.2,0.2,0.2,0.6,0,0.8l0,0L22.5,7l2.2,2.2c0.2,0.2,0.2,0.6,0,0.8c-0.2,0.2-0.6,0.2-0.8,0 l0,0l-2.2-2.2L19.5,10c-0.2,0.2-0.6,0.2-0.8,0c-0.2-0.2-0.2-0.6,0-0.8l0,0L20.8,7l-2.2-2.2c-0.2-0.2-0.2-0.6,0-0.8 c0.2-0.2,0.6-0.2,0.8,0l0,0l2.2,2.2L23.8,4C24,3.8,24.4,3.8,24.6,4z'/%3e%3cpath id='y' class='st3' d='M12.7,4.1c0.2,0.2,0.3,0.6,0.1,0.8l0,0L8.6,9.8C8.5,9.9,8.4,10,8.3,10c-0.2,0.1-0.5,0.1-0.7-0.1l0,0 L5.4,7.7c-0.2-0.2-0.2-0.6,0-0.8c0.2-0.2,0.6-0.2,0.8,0l0,0L8,8.6l3.8-4.5C12,3.9,12.4,3.9,12.7,4.1z'/%3e%3c/g%3e%3c/g%3e%3c/g%3e%3c/g%3e%3c/svg%3e)
Truecaller, ToonDoo and others fall victim of data leaks.
15 August 2021BREACHAWARE HQ
A total of 38 breach events were found and analysed resulting in 40,402,675 exposed accounts containing a total of 18 different data types of personal datum . The breaches found publicly and freely available included Truecaller, ToonDoo, 2 Games, Stronghold Kingdoms and Shadi. Sign in to view the full
library of breach events which includes, where available, reference articles relating to
each breach.
Categories of Personal Data Discovered
Contact Data, Technical Data, Socia-Demographic Data, Financial Data, Special Category, Social Relationships Data, Behavioural Data, Transactional Data, Locational Data.
Data Breach Analysis
Truecaller, a widely used caller ID and spam-blocking app, has experienced data exposure events in the past. Given its integration with mobile contact lists, Truecaller data poses a high privacy risk, especially in regions where it is heavily used.ToonDoo, a comic-creation tool, was breached in a 2019 incident. Although not financial in nature, the breach still presents a significant risk due to password reuse.
2Games, a gaming portal, and Stronghold Kingdoms, an online medieval strategy games, are frequent breach targets due to their stored value and reuse of credentials across platforms.
Shadi, a matchmaking service, raises particular privacy concerns, as breaches in such platforms can expose sensitive personal and cultural data. Leaked data is not only sensitive but can also lead to reputational or personal harm if misused.
The variety of platforms and the breadth of personal data types make this batch of breaches particularly notable. The presence of detailed identifiers, behavioural data, and sensitive profile information increases the risk of targeted phishing, fraud, impersonation, and other forms of abuse.
Anyone who has ever used the affected services should assume their data may be at risk. Proactive steps include updating old passwords, enabling two-factor authentication, removing inactive accounts, and monitoring personal or financial accounts for unusual activity.
