Video game publisher based in the US suffered a data leak.

A total of 33 breach events were found and analysed resulting in 2,068,944 exposed accounts containing a total of 25 different data types of personal datum . The breaches found publicly and freely available included Kiwi Taxi [2], TaxNet USA, Athletics Federation of India, Stealer - Meta 0239 and B Tech. Sign in to view the full library of breach events which includes, where available, reference articles relating to each breach.

Data Breach Analysis

Kiwi Taxi, appearing appearing for the second time, operates in the transportation industry, likely managing customer and driver data including contact details and travel histories. Such exposure can facilitate targeted fraud, stalking risks, or misuse of ride records, impacting both users and employees within the company.

TaxNet USA is a tax-related platform, dealing with highly sensitive financial and personal information like social security numbers, tax filings, and income details. A breach here puts individuals at a heightened risk of identity theft, tax fraud, and financial scams, while also presenting regulatory and reputational challenges for the company.

The Athletics Federation of India represents the sports administration sector, where leaked data may include athlete registrations, medical records, and internal communications. This can affect athlete privacy and expose organisational vulnerabilities to sabotage or reputational damage.

“Stealer - Meta 0239” indicates data aggregated from infostealer logs, likely capturing credentials and private user data from multiple sources. Such collections are often used in broad credential stuffing attacks, escalating risks across platforms linked to the stolen accounts.

B Tech, presumably an educational technology provider, may have exposed student and staff records, including enrolment data and academic performance. The impact extends to students’ privacy and potentially to institutional trust and compliance obligations.

Spotlight

A very well-known video game publisher based in the US suffered a leak via a service platform they use that is hosted by Microsoft. There’s not a huge amount of information surrounding exactly how the data was dumped online however the kinds of datasets compromised are great for threat actors to use for spear phishing campaigns.

Members of a well-known dark-web forum have requested or encouraged the data of high schools throughout the US to be leaked online via pupils or threat actors. So far a member of the team has come across a high school in the state of Maryland's data in circulation for free. For the moment, only email addresses and full names were exposed.

A delivery company out in the US that works closely with Amazon has seen a partially dumped SQL database appear online. The company supplies software that caters to such things as generating unique tracking numbers. So far, they have provided tracking for over 5 million parcels.

Smarter Privacy Starts with Awareness
Data Breach Scan, Check Any Domain for Free https://breachaware.com/scan