Kreditplus – 768,890 breached accounts
In June 2020, the Indonesian credit service Kreditplus suffered a data breach which exposed 896k records containing 769k unique email addresses. The breach exposed extensive personal information including names, family makeup, information on spouses, income and expenses, religions and...
TrueFire – 599,667 breached accounts
In February 2020, the guitar tuition website TrueFire suffered a data breach which impacted 600k members. The breach exposed extensive personal information including names, email and physical addresses, account balances and unsalted MD5 password hashes. The data was provided...
집꾸미기 – 1,298,651 breached accounts
In March 2020, the Korean interior decoration website ???? (Decorating the House) suffered a data breach which impacted almost 1.3 million members. Served via the URL ggumim.co.kr, the exposed data included email addresses, names, usernames and phone numbers, all...
Vakinha – 4,775,203 breached accounts
In June 2020, the Brazilian fund raising service Vakinha suffered a data breach which impacted almost 4.8 million members. The exposed data included email addresses, names, phone numbers, geographic locations and passwords stored as bcrypt hashes, all of which...
Havenly – 1,369,180 breached accounts
In June 2020, the interior design website Havenly suffered a data breach which impacted almost 1.4 million members of the service. The exposed data included email addresses, names, phone numbers, geographic locations and passwords stored as SHA-1 hashes, all...
Swvl – 4,195,918 breached accounts
In June 2020, the Egyptian bus operator Swvl suffered a data breach which impacted over 4 million members of the service. The exposed data included names, email addresses, phone numbers, profile photos and passwords stored as bcrypt hashes, all...
Appen – 5,888,405 breached accounts
In June 2020, the AI training data company Appen suffered a data breach exposing the details of almost 5.9 million users which were subsequently sold online. Included in the breach were names, email addresses and passwords stored as bcrypt...
Scentbird – 5,814,988 breached accounts
In June 2020, the online fragrance service Scentbird suffered a data breach that exposed the personal information of over 5.8 million customers. Personal information including names, email addresses, genders, dates of birth, passwords stored as bcrypt hashes and indicators...
Chatbooks – 2,520,441 breached accounts
In March 2020, the photo print service Chatbooks suffered a data breach which was subsequently put up for sale on a dark web marketplace. The breach contained 15 million user records with 2.5 million unique email addresses alongside names,...
Dunzo – 3,465,259 breached accounts
In approximately June 2019, the Indian delivery service Dunzo suffered a data breach. Exposing 3.5 million unique email addresses, the Dunzo breach also included names, phone numbers and IP addresses which were all broadly distributed online via a hacking...
Drizly – 2,479,044 breached accounts
In approximately July 2020, the US-based online alcohol delivery service Drizly suffered a data breach. The data was sold online before being extensively redistributed and contained 2.5 million unique email addresses alongside names, physical and IP addresses, phone numbers,...
Hurb – 20,727,771 breached accounts
In approximately March 2019, the online Brazilian travel agency Hurb (formerly Hotel Urbano) suffered a data breach. The data subsequently appeared online for download the following year and included over 20 million customer records with email and IP addresses,...
Dave – 2,964,182 breached accounts
In June 2020, the digital banking app Dave suffered a data breach which exposed 7.5 million rows of data and subsequently appeared for public download on a hacking forum. The breach exposed extensive personal information including almost 3 million...
Promo – 14,610,585 breached accounts
In July 2020, the self-proclaimed "World's #1 Marketing Video Maker" Promo suffered a data breach which was then shared extensively on a hacking forum. The incident exposed 22 million records containing almost 15 million unique email addresses alongside IP...
Wattpad – 268,765,495 breached accounts
In June 2020, the user-generated stories website Wattpad suffered a huge data breach that exposed almost 270 million records. The data was initially sold then published on a public hacking forum where it was broadly shared. The incident exposed...
New Spin on a Longtime DNS Intel Tool
Domain Name Service database service Farsight Security, the brainchild of DNS expert Paul Vixie, celebrates 10 years with new modern features.
6 Dangerous Defaults Attackers Love (and You Should Know)
Default configurations can be massive vulnerabilities. Here are a half dozen to check on for your network.
GreyNoise Raises $4.8 Million in Seed Funding to Combat Alert Fatigue
GreyNoise Intelligence, a startup focused on helping security teams reduce alert fatigue, has raised nearly $5 million in seed investment to help the company expand its intelligence service that helps teams “prioritize alerts that matter by quieting ones that...
Tampa Teenager Accused in Twitter Hack Pleads Not Guilty
A Florida teen identified as the mastermind of a scheme that gained control of Twitter accounts of prominent politicians, celebrities and technology moguls pleaded not guilty on Tuesday to multiple counts of fraud.
read more
Google Patches Over 50 Vulnerabilities in Android With August 2020 Updates
Google on Monday announced the August 2020 security updates for the Android operating system, with patches for a total of more than 50 vulnerabilities.
read more
