Travelio – 471,376 breached accounts
In November 2021, the Indonesian real estate website Travelio suffered a data breach that exposed over 470k customer accounts. The...
TroyHunt
Royal Enfield – 420,873 breached accounts
In January 2020, motorcycle maker Royal Enfield left a database publicly exposed that resulted in the inadvertent publication of over...
ZAP-Hosting – 746,682 breached accounts
In November 2021, web host ZAP-Hosting suffered a data breach that exposed over 60GB of data containing 746k unique email...
CDEK (unverified) – 19,218,203 breached accounts
In early 2022, a collective known as IT Army whose stated goal is to "completely de-anonymise most Russian users by...
Robinhood – 5,003,937 breached accounts
In November 2021, the online trading platform Robinhood suffered a data breach after a customer service representative was socially engineered....
MacGeneration – 101,004 breached accounts
In January 2022, the French Apple news website MacGeneration suffered a data breach. The incident exposed over 100k usernames, email...
NVIDIA – 71,335 breached accounts
In February 2022, microchip company NVIDIA suffered a data breach that exposed employee credentials and proprietary code. Impacted data included...
GiveSendGo – 89,966 breached accounts
In February 2022, the Christian fundraising service GiveSendGo suffered a data breach which exposed the personal data of 90k donors...
RedDoorz – 5,890,277 breached accounts
In September 2020, the hotel management & booking platform RedDoorz suffered a data breach that exposed over 5.8M user accounts....
BTC-Alpha – 362,426 breached accounts
In November 2021, the crypto exchange platform BTC-Alpha suffered a ransomware attack data breach after which customer data was publicly...
Open Subtitles – 6,783,158 breached accounts
In August 2021, the subtitling website Open Subtitles suffered a data breach and subsequent ransom demand. The breach exposed almost...
Upstox – 111,002 breached accounts
In April 2021, Indian brokerage firm Upstox suffered a data breach. The incident exposed extensive personal information on over 100k...
Aditya Birla Fashion and Retail – 5,470,063 breached accounts
In December 2021, Indian retailer Aditya Birla Fashion and Retail Ltd was breached and ransomed. The ransom demand was allegedly...
FlexBooker – 3,756,794 breached accounts
In December 2021, the online booking service FlexBooker suffered a data breach that exposed 3.7 million accounts. The data included...
DatPiff – 7,476,940 breached accounts
In late 2021, email address and plain text password pairs from the rap mixtape website DatPiff appeared for sale on...
RedLine Stealer – 441,657 breached accounts
In December 2021, logs from the RedLine Stealer malware were left publicly exposed and were then obtained by security researcher...
Protemps – 49,591 breached accounts
In October 2021, the Singaporean recruitment website Protemps suffered a data breach that exposed almost 50,000 unique email addresses. The...
Gravatar – 113,990,759 breached accounts
In October 2020, a security researcher published a technique for scraping large volumes of data from Gravatar, the service for...
IDC Games – 3,966,871 breached accounts
In March 2021, 4 million records sourced from IDC Games were shared on a public hacking forum. The data included...
Ducks Unlimited – 1,324,364 breached accounts
In mid-2021, Risk Based Security reported on a database sourced from Ducks Unlimited being traded online. The data dated back...
ActMobile (unverified) – 1,583,193 breached accounts
In October 2021, security researcher Bob Diachenko discovered an exposed database he attributed to ActMobile, the operators of Dash VPN...
CoinMarketCap – 3,117,548 breached accounts
During October 2021, 3.1 million email addresses with accounts on the cryptocurrency market capitalisation website CoinMarketCap were discovered being traded...
Thingiverse – 228,102 breached accounts
In October 2021, a database backup taken from the 3D model sharing service Thingiverse began extensively circulating within the hacking...
Playbook – 50,538 breached accounts
In September 2021, a publicly accessible PostgresSQL database belonging to the Playbook service was identified. Run by VC firm Plug...
