Total Database Credentials
8,672,558,392
   Total Databases Imported
200
   Number of Cleartext Passwords
6,007,534,452
  Number of Hashed Passwords
2,904,906,340

Leaked.Domains Database Summery by Year

Leaked.Domains Database Summery

Leaked Website / Service Leaked Info Site URL Year Leaked Email Count Cleartext Password Count Hashed Password Count Leak is Verified Leak is Sensitive Password Hash Type PII IP Address Category
000Webhost
More Info In approximately March 2015, the free web hosting provider 000webhost suffered a major data breach that exposed almost 15 million customer records. The data was sold and traded before 000webhost was alerted in October. The breach included names, email addresses and plain text passwords.
https://www.000webhost.com/ 2,015 15,083,886 15,064,004 262 NO NO Data exposed Cleartext Data exposed Data exposed Hosting
17.media
More Info In April 2016, customer data obtained from the streaming app known as "17" appeared listed for sale on a Tor hidden service marketplace. The data contained over 4 million unique email addresses along with IP addresses, usernames and passwords stored as unsalted MD5 hashes.
https://17.media 2,016 27,869,360 22,355,700 27,063,665 NO NO Data exposed MD5 --- Data exposed Social
17173.com
More Info In late 2011, a series of data breaches in China affected up to 100 million users, including 7.5 million from the gaming site known as 17173.
https://www.17173.com/ 2,011 9,601,698 9,598,760 9,601,698 NO NO Data exposed MD5 --- --- Social
212300.com
More Info This database leak was found being spread on a clearnet 'Hacker’s Forum'. Very little is known about this hack and as such is considered unverified. More information will be added about this leak as it comes available.
http://www.212300.com/ 2,012 710,696 --- 710,696 NO NO Data exposed MD5 --- Data exposed Various
2games.com
More Info This database leak was found being spread on a clearnet 'Hacker’s Forum'. Very little is known about this hack and as such is considered unverified. More information will be added about this leak as it comes available.
https://www.2games.com/ Unknown 3,427,004 3,426,944 --- NO NO Data exposed Cleartext --- --- Gaming
51cto.com
More Info In 2013, 51cto, a Chinese social media site was hacked and over 2 million accounts were leaked to the internet.
http://www.51cto.com/ 2,017 2,153,548 --- 2,153,548 NO NO Data exposed MD5 --- --- Social
51Wdata(KR)
More Info In 2017, a leak surfaced from an unknown site which contained sensitive data for Korean nationals including names, phone numbers, and Korean Social Security Numbers.
Compilation Data Unknown 510,151 510,148 --- NO NO Data exposed Cleartext Data exposed Data exposed unkn
52pk.com
More Info In late 2011, a series of data breaches in China affected up to 100 million users, including the social site known as 52pk. Whilst there is evidence that the data is legitimate, due to the difficulty of emphatically verifying the Chinese breach it has been flagged as "unverified". The data in the breach contains usernames, email addresses and cleartext passwords
http://www.52pk.com/ 2,011 15,528,926 15,527,580 --- NO NO Data exposed Cleartext --- --- Social
7k7k.com
More Info In approximately 2011, it's alleged that the Chinese gaming site known as 7k7k suffered a data breach that impacted 9.1 million subscribers. The data in the breach contains usernames, email addresses and plain text passwords.
http://www.7k7k.com/ 2,011 14,243,839 14,232,075 --- NO NO Data exposed MD5 --- --- Gaming
8fit.com
More Info In July 2018, the health and fitness service 8fit suffered a data breach. The data subsequently appeared for sale on a dark web marketplace in February 2019 and included over 15M unique email addresses alongside names, genders, IP addresses and passwords stored as bcrypt hashes.
https://8fit.com/ 2,018 12,427,667 68,879 12,427,667 NO NO Data exposed Bcrypt Data exposed Data exposed Health
8tracks.com
More Info In June 2017, the online playlists service known as 8Tracks suffered a data breach which impacted 18 million accounts. In their disclosure, 8Tracks advised that "the vector for the attack was an employee’s GitHub account, which was not secured using two-factor authentication". Salted SHA-1 password hashes for users who didn't sign up with either Google or Facebook authentication were also included.
https://8tracks.com/ 2,017 17,966,126 --- 17,964,987 NO NO Data exposed SHA1 --- --- Streaming
Adobe.com
More Info In October 2013, 153 million Adobe accounts were breached with each containing an internal ID, username, email, encrypted password and a password hint in plain text. The password cryptography was poorly done and many were quickly resolved back to plain text. The unencrypted hints also disclosed much about the passwords adding further to the risk that hundreds of millions of Adobe customers already faced.
https://www.adobe.com/ 2,013 152,463,136 --- 129,805,424 NO NO Data exposed 3DES --- --- Software
AdultFriendFinder
More Info In October 2016, the adult entertainment company Friend Finder Networks suffered a massive data breach. The incident impacted multiple separate online assets owned by the company, the largest of which was the Adult FriendFinder website alleged to be "the world's largest sex & swinger community". Exposed data included usernames, passwords stored as SHA-1 hashes and 170 million unique email addresses. This incident is separate to the 2015 data breach Adult FriendFinder also suffered.
https://secure.adultfriendfinder.com/ 2,016 219,950,221 --- 119,195,497 NO YES Data exposed SHA1 --- --- Dating
AhaShare.com
More Info In May 2013, the torrent site AhaShare.com suffered a breach which resulted in more than 180k user accounts being published publicly. The breach included a raft of personal information on registered users plus despite assertions of not distributing personally identifiable information, the site also leaked the IP addresses used by the registered identities.
https://www.ahashare.com 2,013 192,522 178,733 180,435 NO NO Data exposed MD5 Data exposed Data exposed Torrents
Aipai.com
More Info In September 2016, data allegedly obtained from the Chinese gaming website known as Aipai.com and containing 6.5M accounts was leaked online. The data in the breach contains email addresses and MD5 password hashes.
http://www.aipai.com/ 2,011 7,378,151 7,238,353 7,378,151 NO NO Data exposed MD5 --- --- Gaming
AndroidForums.com
More Info In October 2011, the Android Forums website was hacked and 745k user accounts were subsequently leaked publicly. The compromised data included email addresses, user birth dates and passwords stored as a salted MD5 hash.
https://androidforums.com/ 2,011 742,289 641,673 742,289 NO NO Data exposed VBulletin Data exposed Data exposed Social
Animoto.com
More Info In July 2018, the cloud-based video making service Animoto suffered a data breach. The breach exposed 22 million unique email addresses alongside names, dates of birth, country of origin and salted password hashes.
https://animoto.com/ 2,018 22,427,909 13,646,157 22,427,909 NO NO Data exposed SHA256 Data exposed --- Video Editing
ArmorGames.com
More Info In January 2019, the game portal website website Armor Games suffered a data breach. A total of 10.6 million email addresses were impacted by the breach which also exposed usernames, IP addresses, birthdays of administrator accounts and passwords stored as salted SHA-1 hashes.
https://armorgames.com/ 2,019 10,778,390 7,692,279 10,695,501 NO NO Data exposed SHA1 Data exposed Data exposed Gaming
Aruon.com
More Info In 2015, a database claiming to be from the Korean gaming site Aruon.com was leaked online. The site appears to be offline since 2013.
http://www.aruon.com/ 2,013 146,044 146,043 --- NO NO Data exposed Cleartext Data exposed --- Gaming
AshleyMadison.com
More Info In July 2015, the infidelity website Ashley Madison suffered a serious data breach. The attackers threatened Ashley Madison with the full disclosure of the breach unless the service was shut down. One month later, the database was dumped including more than 30M unique email addresses. This breach has been classed as "sensitive" and is not publicly searchable, although individuals may discover if they've been impacted by registering for notifications. Read about this approach in detail.
https://www.ashleymadison.com/ 2,015 36,380,999 15,928,625 36,376,839 NO YES Data exposed Bcrypt Data exposed --- Dating
Aternos.org
More Info In December 2015, the service for creating and running free Minecraft servers known as Aternos suffered a data breach that impacted 1.4 million subscribers. The data included usernames, email and IP addresses and hashed passwords.
https://aternos.org/ 2,017 1,241,044 860,034 1,241,044 NO NO Data exposed MD5/Cleartext --- Data exposed Gaming
Badoo.com
More Info In June 2016, a data breach allegedly originating from the social website Badoo was found to be circulating amongst traders. Likely obtained several years earlier, the data contained 112 million unique email addresses with personal data including names, birthdates and passwords stored as MD5 hashes.
https://badoo.com/ 2,013 125,357,878 124,673,864 125,357,878 NO YES Data exposed MD5 Data exposed --- Dating
Baihe.com
More Info This database leak was found being spread on a clearnet 'Hacker’s Forum'. Very little is known about this hack and as such is considered unverified. More information will be added about this leak as it comes available.
http://www.baihe.com/ Unknown 10,708,480 10,484,407 10,708,480 NO YES Data exposed MD5 Data exposed --- Dating
BearPawshop.com
More Info In 2017, a database backup from a Korean market site was discovered online.
http://www.bearpawshop.com/ Unknown 96,757 96,163 --- NO NO Data exposed MySql4.1 --- --- Market
BinWeevils.com
More Info In September 2014, the online game Bin Weevils suffered a data breach. net indicated that a more extensive set of personal attributes were impacted (comments there also suggest the data may have come from a later breach). Data matching that pattern was later provided to Have I been pwned by @akshayindia6 and included almost 1.3m unique email addresses, genders, ages and plain text passwords.
https://www.binweevils.com/ 2,017 6,968,952 --- 6,968,951 NO NO Data exposed PeopleSoft(UID) Data exposed Data exposed Gaming
Bit.ly
More Info In May 2014, the link management company Bitly announced they'd suffered a data breach. The breach contained over 9.3 million unique email addresses, usernames and hashed passwords, most using SHA1 with a small number using bcrypt.
https://bitly.com/ 2,014 9,313,997 --- 7,540,214 NO NO Data exposed Bcrypt/MD5 --- --- Linking
Bit2Visitor.com
More Info Very little is known about this leak other than it came from Bit2Visitor.com, a now defunct Bitcoin related site.
http://bit2visitor.com/ Unknown 21,491 20,930 --- NO NO Data exposed Cleartext --- --- Referral
Bitcoin Sec
More Info In September 2014, a large dump of nearly 5M usernames and passwords was posted to a Russian Bitcoin forum. ru addresses.
http://btcsec.com/ 2,014 10,617,937 10,614,097 --- NO NO Data exposed Cleartext --- --- Forum
BitcoinTalk.org
More Info In May 2015, the Bitcoin forum Bitcoin Talk was hacked and over 500k unique email addresses were exposed. The attack led to the exposure of a raft of personal data including usernames, email and IP addresses, genders, birth dates, security questions and MD5 hashes of their answers plus hashes of the passwords themselves.
https://bitcointalk.org/ 2,015 77,915 77,848 --- NO NO Data exposed Cleartext Data exposed Data exposed Forum
BitcoinTrading.com
More Info In 2017, a leak appeared from an inactive Bitcoin trading community/forum.
http://bitcointrading.com 2,017 554 554 --- NO NO Data exposed Cleartext --- Data exposed Forum
BitLeak.net
More Info Very little is known about this leak other than it came from BitLeak.net, a now defunct Bitcoin related site.
http://www.bitleak.net/ 2,014 1,293 1,293 --- NO NO Data exposed Cleartext --- Data exposed Forum
BitsCircle.com
More Info This database leak was found being spread on a clearnet 'Hacker’s Forum'. Very little is known about this hack and as such is considered unverified. More information will be added about this leak as it comes available.
http://bitcircle.com/ 2,016 19,041 18,989 --- NO NO Data exposed Cleartext --- --- Forum
Bizbilla.com
More Info In 2017, a leak from Bizbilla.com surfaced on the clear net. Originally with passwords in MD5 format, they were quickly cracked, and a plaintext version began circling.
https://www.bizbilla.com/ Unknown 174,284 168,791 --- NO NO Data exposed Cleartext --- --- Market
BlankMediaGames.com
More Info In December 2018, the Town of Salem website produced by BlankMediaGames suffered a data breach. The data contained 7.6M unique user email addresses alongside usernames, IP addresses, purchase histories and passwords stored as phpass hashes.
https://www.blankmediagames.com/ 2,018 7,775,056 2,955,602 7,775,056 NO NO Data exposed Phpbb3md5 --- Data exposed Gaming
Bobmunsa.co.kr
More Info This database leak was found being spread on a clearnet 'Hacker’s Forum'. Very little is known about this hack and as such is considered unverified. More information will be added about this leak as it comes available.
http://www.bobmunsa.co.kr/ Unknown 41,123 --- 41,123 NO NO Data exposed SHA1 --- --- Market
Btc60.net
More Info This database leak was found being spread on a clearnet 'Hacker’s Forum'. Very little is known about this hack and as such is considered unverified. More information will be added about this leak as it comes available.
http://btc60.net/ Unknown 52,179 52,140 --- NO NO Data exposed Cleartext --- --- Forum
ButterFlyLabs.com
More Info This database leak was found being spread on a clearnet 'Hacker’s Forum'. Very little is known about this hack and as such is considered unverified. More information will be added about this leak as it comes available.
https://butterflylabs.com 2,015 18,185 18,180 --- NO NO Data exposed Cleartext --- --- Market
Cannabis.com
More Info In February 2014, the vBulletin forum for the Marijuana site cannabis.com was breached and leaked publicly.
http://boards.cannabis.com/ 2,014 227,740 210,273 227,740 NO NO Data exposed VBulletin Data exposed Data exposed Social
Canva.com
More Info In May 2019, the graphic design tool website Canva suffered a data breach that impacted 137 million subscribers. The exposed data included email addresses, usernames, names, cities of residence and passwords stored as bcrypt hashes for users not using social logins.
https://www.canva.com/ 2,019 137,490,076 --- --- NO NO Data exposed Bcrypt Data exposed --- Design
CashCrate.com
More Info In June 2017, news broke that CashCrate had suffered a data breach exposing 6.8 million records. The breach of the cash-for-surveys site dated back to November 2016 and exposed names, physical addresses, email addresses and passwords stored in plain text for older accounts along with weak MD5 hashes for newer ones.
https://www.cashcrate.com/ 2,018 6,869,019 2,224,831 4,643,663 NO NO Data exposed Cleartext Data exposed Data exposed Social
CDProjektRed.com
More Info In March 2016, Polish game developer CD Projekt RED suffered a data breach. The hack of their forum led to the exposure of almost 1.9 million accounts along with usernames, email addresses and salted SHA1 passwords.
https://en.cdprojektred.com/ 2,016 1,871,467 623,992 1,871,467 NO NO Data exposed MD5 --- --- Gaming
Cfire.mail.ru
More Info In August 2016, the Russian gaming forum known as Cross Fire (or cfire.mail.ru) was hacked along with a number of other forums on the Russian mail provider, mail.ru. The vBulletin forum contained 12.8 million accounts including usernames, email addresses and passwords stored as salted MD5 hashes.
https://cfire.mail.ru/ 2,016 12,881,731 8,943,004 12,881,731 NO NO Data exposed MD5 --- --- Social
Chanti.se
More Info This database leak was found being spread on a clearnet 'Hacker’s Forum'. Very little is known about this hack and as such is considered unverified. More information will be added about this leak as it comes available.
https://www.chanti.se/ Unknown 93,113 85,821 --- NO NO Data exposed Cleartext --- --- Market
Cheat-master.net
More Info This database leak was found being spread on a clearnet 'Hacker’s Forum'. Very little is known about this hack and as such is considered unverified. More information will be added about this leak as it comes available.
http://cheat-master.net Unknown 2,027,072 2,026,749 --- NO NO Data exposed Cleartext --- --- Gaming
Chegg.com
More Info In April 2018, the textbook rental service Chegg suffered a data breach that impacted 40 million subscribers. The exposed data included email addresses, usernames, names and passwords stored as unsalted MD5 hashes.
https://www.chegg.com/ 2,018 39,795,446 29,868,681 39,473,960 NO NO Data exposed MD5 Data exposed --- Rental
ClassicKorea.co.kr
More Info This database leak was found being spread on a clearnet 'Hacker’s Forum'. Very little is known about this hack and as such is considered unverified. More information will be added about this leak as it comes available.
http://www.classickorea.co.kr/ 2,019 472,438 464,023 472,438 NO NO Data exposed MD2 --- --- Music
ClixSense.com
More Info In September 2016, the paid-to-click site ClixSense suffered a data breach which exposed 2.4 million subscriber identities. The breached data was then posted online by the attackers who claimed it was a subset of a larger data breach totalling 6.6 million records. The leaked data was extensive and included names, physical, email and IP addresses, genders and birth dates, account balances and passwords stored as plain text.
https://www.clixsense.com/ 2,016 2,222,508 2,221,417 --- NO NO Data exposed Cleartext Data exposed Data exposed Surveys
CompDB
More Info This is a compliation of numerous untitled email:password leaks including giant lists like Colletion #1-#5, Breach Comp, Exploit.In, Anti Public, etc... Note: This list does not include data from many of the most popular free email services. If your org uses a free email service, contact us for a more detailed search.
Compilation Data 2,019 3,655,966,717 3,655,966,717 --- NO NO Data exposed Cleartext --- --- Comp
CouponMom.com
More Info In 2014, a file allegedly containing data hacked from Coupon Mom was created and included 11 million email addresses and plain text passwords. On further investigation, the file was also found to contain data indicating it had been sourced from Armor Games.
https://www.couponmom.com/ 2,014 11,032,684 11,031,205 --- NO NO Data exposed Cleartext --- --- Social
CSDN.net
More Info One of the biggest programming communities in China, leaked 6M user data. A text file with 6M CSDN user info: user name, password, emails, all in clear text, was found on the internet.
https://www.csdn.net/ 2,011 6,427,814 6,423,045 295 NO NO Data exposed Cleartext --- --- News
DailyMotion
More Info In October 2016, the video sharing platform Dailymotion suffered a data breach. The attack led to the exposure of more than 85 million user accounts and included email addresses, usernames and bcrypt hashes of passwords.
https://www.dailymotion.com/ 2,016 85,198,342 823,537 16,146,026 NO NO Data exposed Bcrypt --- --- Entertainment
Daniweb.com
More Info In late 2015, the technology and social site DaniWeb suffered a data breach. The attack resulted in the disclosure of 1.1 million accounts including email and IP addresses which were also accompanied by salted MD5 hashes of passwords. However, DaniWeb have advised that "the breached password hashes and salts are incorrect" and that they have since switched to new infrastructure and software.
https://www.daniweb.com/ 2,015 1,130,749 592,156 1,130,600 NO NO Data exposed MD5 --- Data exposed Technology
ddo.com
More Info In April 2013, the interactive video game Dungeons & Dragons Online suffered a data breach that exposed almost 1.6M players' accounts. The data was being actively traded on underground forums and included email addresses, birth dates and password hashes.
http://ddo.com/ 2,016 1,645,214 1,496,956 1,645,214 NO NO Data exposed MD5 Data exposed Data exposed Gaming
Desura.com
More Info In late 2011, a series of data breaches in China affected up to 100 million users, including the social site known as Desura. Whilst there is evidence that the data is legitimate, due to the difficulty of emphatically verifying the Chinese breach it has been flagged as "unverified". The data in the breach contains email addresses and cleartext passwords
http://www.desura.com/ 2,018 1,146,788 1,144,919 --- NO NO Data exposed Cleartext --- --- Games
DFB.de
More Info This database leak was found being spread on a clearnet 'Hacker’s Forum'. Very little is known about this hack and as such is considered unverified. More information will be added about this leak as it comes available.
https://www.dfb.de/ 2,016 2,946,178 2,945,788 --- NO NO Data exposed Cleartext --- --- Sports
Diet.com
More Info In August 2014, the diet and nutrition website diet.com suffered a data breach resulting in the exposure of 1.4 million unique user records dating back as far as 2004. The data contained email and IP addresses, usernames, plain text passwords and dietary information about the site members including eating habits, BMI and birth date. The site was previously reported as compromised on the Vigilante.pw breached database directory.
https://www.diet.com/ 2,014 1,305,298 1,260,424 36 NO NO Data exposed Cleartext Data exposed Data exposed Health
Disqus.com
More Info In October 2017, the blog commenting service Disqus announced they'd suffered a data breach. The breach dated back to July 2012 but wasn't identified until years later when the data finally surfaced. The breach contained over 17.5 million unique email addresses and usernames. Users who created logins on Disqus had salted SHA1 hashes of passwords whilst users who logged in via social providers only had references to those accounts.
https://disqus.com/ 2,012 18,256,322 4,840,393 6,075,360 NO NO Data exposed SHA1 --- --- Social
DLH.net
More Info In July 2016, the gaming news site DLH.net suffered a data breach which exposed 3.3M subscriber identities. Along with the keys used to redeem and activate games on the Steam platform, the breach also resulted in the exposure of email addresses, birth dates and salted MD5 password hashes. The data was donated to Have I been pwned by data breach monitoring service Vigilante.pw.
https://www.dlh.net/ 2,016 3,231,237 3,159,872 3,230,626 NO NO Data exposed SHA1/MD5 Data exposed --- Gaming
Dodonew.com
More Info In late 2011, data was allegedly obtained from the Chinese website known as Dodonew.com and contained 8.7M accounts. The data in the breach contains email addresses and user names.
http://dodonew.com/ 2,011 16,044,055 16,026,949 --- NO NO --- Cleartext --- --- Software
DragonNest.com
More Info This database leak was found being spread on a clearnet 'Hacker’s Forum'. Very little is known about this hack and as such is considered unverified. More information will be added about this leak as it comes available.
https://us.dragonnest.com/ 2,013 3,143,905 478,065 --- NO NO Data exposed Cleartext Data exposed Data exposed Gaming
Dropbox
More Info In mid-2012, Dropbox suffered a data breach which exposed the stored credentials of tens of millions of their customers. In August 2016, they forced password resets for customers they believed may be at risk. A large volume of data totalling over 68 million records was subsequently traded online and included email addresses and salted hashes of passwords (half of them SHA1, half of them bcrypt).
https://www.dropbox.com/ 2,016 68,679,913 5,999,707 68,676,267 NO NO Data exposed BCrypt/SHA1 --- --- File Sharing
Dubsmash.com
More Info In December 2018, the video messaging service Dubsmash suffered a data breach. The incident exposed 162 million unique email addresses alongside usernames and PBKDF2 password hashes. In 2019, the data appeared listed for sale on a dark web marketplace (along with several other large breaches) and subsequently began circulating more broadly.
https://dubsmash.com/ 2,018 161,540,830 15,138,634 161,540,830 NO NO Data exposed SHA256/Cleartext Data exposed --- Social/Video
Edmodo.com
More Info In May 2017, the education platform Edmodo was hacked resulting in the exposure of 77 million records comprised of over 43 million unique customer email addresses. The data was consequently published to a popular hacking forum and made freely available. The records in the breach included usernames, email addresses and bcrypt hashes of passwords.
https://www.edmodo.com/ 2,017 76,025,976 --- 74,612,305 NO NO Data exposed Bcrypt --- --- Education
Elle.co.kr
More Info In 2018, a leak from the Korean fashion site Elle.co.kr was discovered and contained a lot of personally identifiable information.
http://www.elle.co.kr/ 2,010 187,393 187,379 --- NO NO Data exposed Cleartext Data exposed --- Blog
EloBuddy.com
More Info This database leak was found being spread on a clearnet 'Hacker’s Forum'. Very little is known about this hack and as such is considered unverified. More information will be added about this leak as it comes available.
https://elobuddy.net/ 2,016 177,355 --- 177,355 NO NO Data exposed VBulletin --- Data exposed Gaming
Email2Name
More Info This database leak was found being spread on a clearnet 'Hacker’s Forum'. Very little is known about this hack and as such is considered unverified. More information will be added about this leak as it comes available.
Compilation Data 2,017 64,474,140 --- --- NO NO --- None Data exposed --- SpamList
EuroNics.it
More Info In early 2018, a large dataset consisting of over 1400 individual databases was found online. This leak contained a file named lavoraconnoi.euronics.it.txt consisting of email addresses and a combination of hashed and plaintext passwords. While the validity of this breach cannot be confirmed, many of the accounts had not been seen in previous data breaches.
https://www.euronics.it/ Unknown 438,585 437,593 --- NO NO Data exposed Cleartext --- --- Market
Evony
More Info In June 2016, the online multiplayer game Evony was hacked and over 29 million unique accounts were exposed. The attack led to the exposure of usernames, email and IP addresses and MD5 hashes of passwords (without salt).
https://www.evony.com/ 2,016 29,468,248 28,559,542 14,353,413 NO NO Data exposed MD5/Cleartext --- Data exposed Game
Eyeem.com
More Info In February 2018, photography website EyeEm suffered a data breach. The breach was identified among a collection of other large incidents and exposed almost 20M unique email addresses, names, usernames, bios and password hashes.
https://www.eyeem.com/ 2,018 17,680,303 3,340,680 11,328,968 NO NO Data exposed SHA1 Data exposed --- Photography
Fashionfantasygame.com
More Info In late 2016, the fashion gaming website Fashion Fantasy Game suffered a data breach. The incident exposed 2.3 million unique user accounts and corresponding MD5 password hashes with no salt. The data was contributed to Have I been pwned courtesy of rip@creep.im.
http://www.fashionfantasygame.com/ 2,016 2,498,594 2,496,297 --- NO NO Data exposed Cleartext --- --- Gaming
FashionPlus.co.kr
More Info This database leak was found being spread on a clearnet 'Hacker’s Forum'. Very little is known about this hack and as such is considered unverified. More information will be added about this leak as it comes available.
https://www.fashionplus.co.kr/ 2,017 661,694 661,658 --- NO NO Data exposed Cleartext Data exposed --- Market
FlashFlashRevolution.com
More Info In February 2016, the music-based rhythm game known as Flash Flash Revolution was hacked and 1.8M accounts were exposed. Along with email and IP addresses, the vBulletin forum also exposed salted MD5 password hashes.
http://www.flashflashrevolution.com/ 2,019 2,005,436 1,808,996 2,005,154 NO NO Data exposed MD5 --- --- Gaming
Fling.com
More Info In 2011, the self-proclaimed "World's Best Adult Social Network" website known as Fling was hacked and more than 40 million accounts obtained by the attacker. The breached data included highly sensitive personal attributes such as sexual orientation and sexual interests as well as email addresses and passwords stored in plain text.
https://www.fling.com/ 2,011 40,768,982 40,767,268 40,768,919 NO YES Data exposed Cleartext Data exposed Data exposed Dating
Forbes.com
More Info In February 2014, the Forbes website succumbed to an attack that leaked over 1 million user accounts. The attack was attributed to the Syrian Electronic Army, allegedly as retribution for a perceived "Hate of Syria". The attack not only leaked user credentials, but also resulted in the posting of fake news stories to forbes.com.
https://www.forbes.com/ 2,014 1,071,954 272,631 1,071,954 NO NO Data exposed MD5 --- --- News
Forex-Investor.net
More Info This database leak was found being spread on a clearnet 'Hacker’s Forum'. Very little is known about this hack and as such is considered unverified. More information will be added about this leak as it comes available.
https://forex-investor.net/ Unknown 42,743 42,737 --- NO NO Data exposed Cleartext --- --- Software
FotoBoom.com
More Info In early 2018, a large dataset consisting of over 1400 individual databases was found online. This leak contained a file named www.fotoboom.com.txt consisting of email addresses and a combination of hashed and plaintext passwords. While the validity of this breach cannot be confirmed, many of the accounts had not been seen in previous data breaches.
https://www.fotoboom.com/ 2,017 86,369 86,232 --- NO NO Data exposed Cleartext --- --- Market
FrancoBordo.com
More Info This database leak was found being spread on a clearnet 'Hacker’s Forum'. Very little is known about this hack and as such is considered unverified. More information will be added about this leak as it comes available.
https://www.francobordo.com/ Unknown 7,145 7,145 --- NO NO Data exposed Cleartext --- --- Market
FutureShop.co.uk
More Info This database leak was found being spread on a clearnet 'Hacker’s Forum'. Very little is known about this hack and as such is considered unverified. More information will be added about this leak as it comes available.
https://www.futureshop.co.uk/ 2,017 13,897 13,897 --- NO NO Data exposed Cleartext --- --- Market
Gaadi.com
More Info In May 2015, the Indian motoring website known as Gaadi had 4.3 million records exposed in a data breach. The data contained usernames, email and IP addresses, genders, the city of users as well as passwords stored in both plain text and as MD5 hashes.
https://www.gaadi.com/ 2,015 4,379,949 4,379,697 4,379,949 NO NO Data exposed MD5 Data exposed Data exposed Forum
Game-Tuts.com
More Info Likely in early 2015, the video game website GameTuts suffered a data breach and over 2 million user accounts were exposed. The site later shut down in July 2016 but was identified as having been hosted on a vBulletin forum. The exposed data included usernames, email and IP addresses and salted MD5 hashes.
https://game-tuts.com/ 2,016 2,243,788 1,122,415 2,243,788 NO NO Data exposed VBulletin --- Data exposed Gaming
Gamerzplanet.net
More Info In approximately October 2015, the online gaming forum known as Gamerzplanet was hacked and more than 1.2M accounts were exposed. The vBulletin forum included IP addresses and passwords stored as salted hashes using a weak implementation enabling many to be rapidly cracked.
http://www.gamerzplanet.net 2,015 1,215,113 1,039,304 1,215,113 NO NO Data exposed MD5 --- Data exposed Gaming
Gamevn.com
More Info This database leak was found being spread on a clearnet 'Hacker’s Forum'. Very little is known about this hack and as such is considered unverified. More information will be added about this leak as it comes available.
http://forum.gamevn.com/ 2,016 1,372,866 1,169,848 1,372,866 NO NO Data exposed MD5 --- Data exposed Gaming
Gamigo.com
More Info In March 2012, the German online game publisher Gamigo was hacked and more than 8 million accounts publicly leaked. The breach included email addresses and passwords stored as weak MD5 hashes with no salt.
https://en.gamigo.com/ 2,016 8,222,941 8,222,182 --- NO NO Data exposed MD5 --- --- Gaming
Gfan.com
More Info In October 2016, data surfaced that was allegedly obtained from the Chinese website known as GFAN and contained 22.5M accounts.
http://www.gfan.com/ 2,016 22,623,724 10,441,972 22,623,724 NO NO Data exposed MD5 --- Data exposed Gaming
Gigasize.com
More Info This database leak was found being spread on a clearnet 'Hacker’s Forum'. Very little is known about this hack and as such is considered unverified. More information will be added about this leak as it comes available.
http://www.gigasize.com/ Unknown 1,900,660 1,896,386 --- NO NO Data exposed Cleartext --- --- File Share
Gomo.com
More Info This database leak was found being spread on a clearnet 'Hacker’s Forum'. Very little is known about this hack and as such is considered unverified. More information will be added about this leak as it comes available.
https://www.gomo.com/ 2,018 51,426,767 --- 51,426,210 NO NO Data exposed Bcrypt Data exposed --- Gaming
GPotato.com
More Info In July 2007, the multiplayer game portal known as gPotato (link to archive of the site at that time) suffered a data breach and over 2 million user accounts were exposed. The site later merged into the Webzen portal where the original accounts still exist today. The exposed data included usernames, email and IP addresses, MD5 hashes and personal attributes such as gender, birth date, physical address and security questions and answers stored in plain text.
http://www.gpotato.com/ 2,007 2,146,901 2,001,063 2,146,900 NO NO Data exposed MD5 Data exposed Data exposed Gaming
Groupon.co.id
More Info This database leak was found being spread on a clearnet 'Hacker’s Forum'. Very little is known about this hack and as such is considered unverified. More information will be added about this leak as it comes available.
https://www.groupon.co.id/ 2,015 766,599 766,477 --- NO NO Data exposed Cleartext --- --- Social
Habbo.st
More Info This database leak was found being spread on a clearnet 'Hacker’s Forum'. Very little is known about this hack and as such is considered unverified. More information will be added about this leak as it comes available.
https://habbo.st/ 2,014 270,963 258,661 --- NO NO Data exposed Cleartext --- --- Gaming
Hacker.co.kr
More Info In early 2010, the popular computer hardware market Hacker.co.kr was breached. Its not known who was the responsible party that leaked the stolen database. Due to its age and the fact that the site no longer exists, its not possible to verify the data.
http://www.hacker.co.kr/ 2,010 1,396,793 1,395,956 --- NO NO Data exposed Cleartext --- --- Market
Hautelook.com
More Info In mid-2018, the fashion shopping site HauteLook was among a raft of sites that were breached and their data then sold in early-2019. The data included over 28 million unique email addresses alongside names, genders, dates of birth and passwords stored as bcrypt hashes.
https://www.hautelook.com/ 2,018 6,511,612 6,510,774 --- NO NO Data exposed Cleartext --- --- Shopping
HiAPK.com
More Info In approximately 2014, it's alleged that the Chinese Android store known as HIAPK suffered a data breach that impacted 13.8 million unique subscribers. The data in the breach contains usernames, email addresses and salted MD5 password hashes
http://www.hiapk.com/ 2,014 14,833,436 10,249,204 14,833,436 NO NO Data exposed VBulletin --- --- Technology
Houdao.com
More Info This database leak was found being spread on a clearnet 'Hacker’s Forum'. Very little is known about this hack and as such is considered unverified. More information will be added about this leak as it comes available.
https://houdao.com/ 2,011 28,604,984 28,526,300 --- NO NO Data exposed Cleartext --- --- Gaming
HSX.com
More Info This database leak was found being spread on a clearnet 'Hacker’s Forum'. Very little is known about this hack and as such is considered unverified. More information will be added about this leak as it comes available.
https://www.hsx.com/ 2,017 238,197 238,137 --- NO NO Data exposed Cleartext --- --- Gambling
ht.co.kr
More Info This database leak was found being spread on a clearnet 'Hacker’s Forum'. Very little is known about this hack and as such is considered unverified. More information will be added about this leak as it comes available.
http://www.ht.co.kr/ 2,010 526,584 526,583 --- NO NO Data exposed Cleartext Data exposed --- unkn
i-Dressup.com
More Info In June 2016, the teen social site known as i-Dressup was hacked and over 2 million user accounts were exposed. At the time the hack was reported, the i-Dressup operators were not contactable and the underlying SQL injection flaw remained open, allegedly exposing a total of 5.5 million accounts. The breach included email addresses and passwords stored in plain text.
http://www.i-dressup.com/ 2,016 2,205,863 2,205,535 --- NO NO Data exposed Cleartext --- --- Social
icross.co.kr
More Info In early 2018, a large dataset consisting of over 1400 individual databases was found online. This leak contained a file named lifetip.icross.co.kr.txt consisting of email addresses and a combination of hashed and plaintext passwords. While the validity of this breach cannot be confirmed, many of the accounts had not been seen in previous data breaches.
http://www.icross.co.kr/ 2,017 1,146,133 1,059,567 1,065,741 NO NO Data exposed MD5 --- --- Forum
iMesh.com
More Info In September 2013, the media and file sharing client known as iMesh was hacked and approximately 50M accounts were exposed. The data was later put up for sale on a dark market website in mid-2016 and included email and IP addresses, usernames and salted MD5 hashes.
http://imesh.com 2,013 51,310,675 44,021,654 51,310,675 NO NO Data exposed MD5 --- Data exposed Music
Imgur.com
More Info In September 2013, the online image sharing community imgur suffered a data breach. A selection of the data containing 1.7 million email addresses and passwords surfaced more than 4 years later in November 2017. Although imgur stored passwords as SHA-256 hashes, the data in the breach contained plain text passwords suggesting that many of the original hashes had been cracked. imgur advises that they rolled over to bcrypt hashes in 2016.
https://imgur.com/ 2,013 1,752,885 1,752,799 --- NO NO Data exposed Cleartext --- --- Hosting
InterPals.net
More Info In late 2015, the online penpal site InterPals had their website hacked and 3.4 million accounts exposed. The compromised data included email addresses, geographical locations, birthdates and salted hashes of passwords.
https://www.interpals.net/ 2,015 3,450,214 2,088,906 3,284,089 NO NO Data exposed MD5 Data exposed --- Social
JapanCombo
More Info This database leak was found being spread on a clearnet 'Hacker’s Forum'. Very little is known about this hack and as such is considered unverified. More information will be added about this leak as it comes available.
Compilation Data 2,017 14,797,059 14,785,281 --- NO NO Data exposed Cleartext --- --- Comp
JobStreet.com
More Info In October 2017, the Malaysian website lowyat.net ran a story on a massive set of breached data affecting millions of Malaysians after someone posted it for sale on their forums. The data spanned multiple separate breaches including the JobStreet jobs website which contained almost 4 million unique email addresses. The dates in the breach indicate the incident occurred in March 2012. The data later appeared freely downloadable on a Tor hidden service and contained extensive information on job seekers includ
https://www.jobstreet.com/ 2,017 3,880,985 --- 3,880,985 NO NO Data exposed Unkn Data exposed Data exposed Employment
kickstarter.com
More Info In February 2014, the crowdfunding platform Kickstarter announced they'd suffered a data breach. The breach contained almost 5.2 million unique email addresses, usernames and salted SHA1 hashes of passwords.
https://www.kickstarter.com/ 2,014 5,175,100 1,153,777 4,402,036 NO NO Data exposed SHA1 --- --- Social
Klerk.ru
More Info This database leak was found being spread on a clearnet 'Hacker’s Forum'. Very little is known about this hack and as such is considered unverified. More information will be added about this leak as it comes available.
https://www.klerk.ru/ 2,014 151,204 151,167 --- NO NO Data exposed Cleartext --- --- Financial
Last.fm
More Info In March 2012, the music website Last.fm was hacked and 43 million user accounts were exposed. fm knew of an incident back in 2012, the scale of the hack was not known until the data was released publicly in September 2016. The breach included 37 million unique email addresses, usernames and passwords stored as unsalted MD5 hashes.
https://www.last.fm/ 2,012 43,568,954 43,157,444 43,567,234 NO NO Data exposed MD5 --- --- Music
LBSG
More Info In January 2016, the Minecraft community known as Lifeboat was hacked and more than 7 million accounts leaked. Lifeboat knew of the incident for three months before the breach was made public but elected not to advise customers. The leaked data included usernames, email addresses and passwords stored as straight MD5 hashes.
https://forums.lbsg.net/ 2,016 11,869,755 11,465,371 11,869,159 NO NO Data exposed MD5 --- --- Gaming
Leet.cc
More Info In August 2016, the service for creating and running Pocket Minecraft edition servers known as Leet was reported as having suffered a data breach that impacted 6 million subscribers. The incident reported by Softpedia had allegedly taken place earlier in the year contained only 2 million subscribers. The data included usernames, email and IP addresses and SHA512 hashes.
https://leet.cc/ 2,016 6,083,442 2,360,134 6,083,441 NO NO Data exposed SHA512 --- Data exposed Gaming - Minecraft
LinkedIn
More Info In May 2016, LinkedIn had 164 million email addresses and passwords exposed. Originally hacked in 2012, the data remained out of sight until being offered for sale on a dark market site 4 years later. The passwords in the breach were stored as SHA1 hashes without salt, the vast majority of which were quickly cracked in the days following the release of the data.
https://www.linkedin.com/ 2,012 160,132,580 110,854,439 112,172,297 NO NO Data exposed SHA1 --- --- Social
Lotro.com
More Info In August 2013, the interactive video game Lord of the Rings Online suffered a data breach that exposed over 1.1M players' accounts. The data was being actively traded on underground forums and included email addresses, birth dates and password hashes.
https://www.lotro.com/ 2,013 1,353,686 1,025,846 1,253,020 NO NO Data exposed MD5 Data exposed Data exposed Gaming
LuminPDF.com
More Info In April 2019, the PDF management service Lumin PDF suffered a data breach. The breach wasn't publicly disclosed until September when 15.5M records of user data appeared for download on a popular hacking forum. The data had been left publicly exposed in a MongoDB instance after which Lumin PDF was allegedly been "contacted multiple times, but ignored all the queries". The exposed data included names, email addresses, genders, spoken language and either a bcrypt password hash or Google auth token.
https://www.luminpdf.com/ 2,019 15,458,399 --- 15,458,399 NO NO Data exposed Bcrypt --- --- PDF
MagazineDee.com
More Info This database leak was found being spread on a clearnet 'Hacker’s Forum'. Very little is known about this hack and as such is considered unverified. More information will be added about this leak as it comes available.
http://www.magazinedee.com/ 2,017 107,718 107,588 --- NO NO Data exposed Cleartext --- --- Magazine
MangaFox.me
More Info In approximately July 2016, the manga website known as mangafox.me suffered a data breach. The vBulletin based forum exposed 1.3 million accounts including usernames, email and IP addresses, dates of birth and salted MD5 password hashes.
http://www.mangafox.me/ 2,016 1,311,320 437,360 1,311,320 NO NO Data exposed VBulletin Data exposed Data exposed Manga
Mate1.com
More Info In February 2016, the dating site mate1.com suffered a huge data breach resulting in the disclosure of over 27 million subscribers' information. The data included deeply personal information about their private lives including drug and alcohol habits, incomes levels and sexual fetishes as well as passwords stored in plain text.
https://www.mate1.com/ 2,016 27,402,292 27,141,332 --- NO YES Data exposed Cleartext Data exposed --- Dating
MindaCorporation.com
More Info This database leak was found being spread on a clearnet 'Hacker’s Forum'. Very little is known about this hack and as such is considered unverified. More information will be added about this leak as it comes available.
http://www.mindacorporation.com/ Unknown 47,843 47,592 --- NO NO Data exposed Cleartext --- --- unkn
MisterTao.com
More Info This database leak was found being spread on a clearnet 'Hacker’s Forum'. Very little is known about this hack and as such is considered unverified. More information will be added about this leak as it comes available.
http://www.mistertao.com/ 2,016 158,204 158,159 --- NO NO Data exposed Cleartext --- --- Market
MMGP.ru
More Info This database leak was found being spread on a clearnet 'Hacker’s Forum'. Very little is known about this hack and as such is considered unverified. More information will be added about this leak as it comes available.
https://mmgp.ru/ Unknown 108,540 108,536 --- NO NO Data exposed Cleartext --- --- Forum
ModbSolutions.com
More Info In October 2016, a large Mongo DB file containing tens of millions of accounts was shared publicly on Twitter (the file has since been removed). The database contained over 58M unique email addresses along with IP addresses, names, home addresses, genders, job titles, dates of birth and phone numbers. The data was subsequently attributed to "Modern Business Solutions", a company that provides data storage and database hosting solutions. They've yet to acknowledge the incident or explain how they came to be
http://modbsolutions.com 2,016 58,840,276 --- --- NO NO --- None Data exposed Data exposed Data Management
MoneyBookers.com
More Info Sometime in 2009, the e-wallet service known as Money Bookers suffered a data breach which exposed almost 4.5M customers. Now called Skrill, the breach was not discovered until October 2015 and included names, email addresses, home addresses and IP addresses.
http://moneybookers.com 2,009 1,799,385 1,791,363 --- NO NO --- Cleartext Data exposed Data exposed Finance
Mop.com
More Info In late 2011, a series of data breaches in China affected up to 100 million users, including the social site known as Mop. Whilst there is evidence that the data is legitimate, due to the difficulty of emphatically verifying the Chinese breach it has been flagged as "unverified". The data in the breach contains email addresses and cleartext passwords
http://www.mop.com/ 2,011 2,639,649 2,631,996 --- NO NO Data exposed Cleartext --- --- Social
Morele.net
More Info In October 2018, the Polish e-commerce website Morele.net suffered a data breach. The incident exposed almost 2.5 million unique email addresses alongside phone numbers, names and passwords stored as md5crypt hashes.
https://www.morele.net/ 2,018 2,471,156 624,047 2,470,143 NO NO Data exposed Md5crypt Data exposed --- Video Editing
MPGH
More Info In October 2015, the multiplayer game hacking website MPGH was hacked and 3.1 million user accounts disclosed. The vBulletin forum breach contained usernames, email addresses, IP addresses and salted hashes of passwords.
https://www.mpgh.net/ 2,015 3,119,276 499,424 3,119,276 NO NO Data exposed VBulletin --- Data exposed Gaming
MtGox.com
More Info This database leak was found being spread on a clearnet 'Hacker’s Forum'. Very little is known about this hack and as such is considered unverified. More information will be added about this leak as it comes available.
https://www.mtgox.com/ 2,011 12,022 12,020 --- NO NO Data exposed Cleartext --- --- Finance
Muzhiwan.com
More Info This database leak was found being spread on a clearnet 'Hacker’s Forum'. Very little is known about this hack and as such is considered unverified. More information will be added about this leak as it comes available.
https://www.muzhiwan.com/ 2,016 4,494,560 2,721,173 4,494,560 NO NO Data exposed MD5 --- --- Gaming
MyFitnessPal.com
More Info In February 2018, the diet and exercise service MyFitnessPal suffered a data breach. The incident exposed 144 million unique email addresses alongside usernames, IP addresses and passwords stored as SHA-1 and bcrypt hashes (the former for earlier accounts, the latter for newer accounts). In 2019, the data appeared listed for sale on a dark web marketplace (along with several other large breaches) and subsequently began circulating more broadly.
https://www.myfitnesspal.com/ 2,018 143,440,534 46,367,208 --- NO NO Data exposed Cleartext --- Data exposed Fitness
Myheritage.com
More Info In October 2017, the genealogy website MyHeritage suffered a data breach. The incident was reported 7 months later after a security researcher discovered the data and contacted MyHeritage. In total, more than 92M customer records were exposed and included email addresses and salted SHA-1 password hashes. In 2019, the data appeared listed for sale on a dark web marketplace (along with several other large breaches) and subsequently began circulating more broadly.
https://www.myheritage.com/ 2,017 78,716,040 76,148,635 21,719,055 NO NO Data exposed Cleartext --- --- Genealogy
MySpace
More Info In approximately 2008, MySpace suffered a data breach that exposed almost 360 million accounts. In May 2016 the data was offered up for sale on the "Real Deal" dark market website and included email addresses, usernames and SHA1 hashes of the first 10 characters of the password converted to lowercase and stored without a salt. The exact breach date is unknown, but analysis of the data suggests it was 8 years before being made public.
https://myspace.com/ 2,008 359,158,679 299,925,530 358,722,618 NO NO Data exposed SHA1 --- --- Social
Neopets.com
More Info In May 2016, a set of breached data originating from the virtual pet website "Neopets" was found being traded online. Allegedly hacked "several years earlier", the data contains sensitive personal information including birthdates, genders and names as well as almost 27 million unique email addresses. Passwords were stored in plain text and IP addresses were also present in the breach.
http://www.neopets.com/ 2,013 68,520,846 68,319,599 --- NO NO Data exposed Cleartext Data exposed Data exposed Gaming
NetEase
More Info In October 2015, the Chinese site known as NetEase (located at 163.com) was reported as having suffered a data breach that impacted hundreds of millions of subscribers. The data in the breach contains email addresses and plain text passwords.
https://www.163.com/ 2,015 275,148,302 266,733,185 11,389,138 NO NO Data exposed Cleartext --- --- Social
Neteller.com
More Info In May 2010, the e-wallet service known as Neteller suffered a data breach which exposed over 3.6M customers. The breach was not discovered until October 2015 and included names, email addresses, home addresses and account balances.
https://www.neteller.com/ 2,010 2,000,085 1,997,015 --- NO NO --- Cleartext Data exposed Data exposed Finance
Nexusmods.com
More Info In December 2015, the game modding site Nexus Mods released a statement notifying users that they had been hacked. They subsequently dated the hack as having occurred in July 2013 although there is evidence to suggest the data was being traded months in advance of that. The breach contained usernames, email addresses and passwords stored as a salted hashes.
https://www.nexusmods.com/ 2,013 5,920,068 4,990,675 5,918,559 NO NO Data exposed MD5 --- Data exposed Forum
Nihonomaru.net
More Info In late 2015, the anime community known as Nihonomaru had their vBulletin forum hacked and 1.7 million accounts exposed. The compromised data included email and IP addresses, usernames and salted hashes of passwords.
http://www.nihonomaru.net/ 2,015 1,698,077 1,497,470 1,698,077 NO NO Data exposed VBulletin --- Data exposed Anime
Nulled.Io
More Info In May 2016, the cracking community forum known as Nulled was hacked and 599k user accounts were leaked publicly. The compromised data included email and IP addresses, weak salted MD5 password hashes and hundreds of thousands of private messages between members.
https://www.nulled.to/ 2,016 599,067 465,452 599,067 NO NO Data exposed VBulletin Data exposed Data exposed Forum
Pconline.com.cn
More Info This database leak was found being spread on a clearnet 'Hacker’s Forum'. Very little is known about this hack and as such is considered unverified. More information will be added about this leak as it comes available.
https://www.pconline.com.cn/ 2,011 5,385,949 5,380,312 --- NO NO Data exposed Cleartext --- --- PC News
Poshmark.com
More Info In mid-2018, social commerce marketplace Poshmark suffered a data breach that exposed 36M user accounts. The compromised data included email addresses, names, usernames, genders, locations and passwords stored as bcrypt hashes.
https://poshmark.com/ 2,018 13,904,069 --- 13,515,926 NO NO Data exposed Bcrypt Data exposed --- Market
Promo.com
More Info In July 2020, the self-proclaimed "World's #1 Marketing Video Maker" Promo suffered a data breach which was then shared extensively on a hacking forum. The incident exposed 22 million records containing almost 15 million unique email addresses alongside IP addresses, genders, names and salted SHA-256 password hashes.
https://promo.com/ 2,020 2,643,854 --- 2,643,853 NO NO Data exposed SHA256 Data exposed Data exposed Marketing
PubPit.com
More Info This database leak was found being spread on a clearnet 'Hacker’s Forum'. Very little is known about this hack and as such is considered unverified. More information will be added about this leak as it comes available.
http://pubpit.com/ Unknown 51,457 51,361 --- NO NO Data exposed Cleartext --- --- unkn
QuantShare.com
More Info This database leak was found being spread on a clearnet 'Hacker’s Forum'. Very little is known about this hack and as such is considered unverified. More information will be added about this leak as it comes available.
https://www.quantshare.com/ 2,017 23,032 23,010 --- NO NO Data exposed Cleartext --- --- Software
R2games.com
More Info In late 2015, the gaming website R2Games was hacked and more than 2.1M personal records disclosed. The vBulletin forum included IP addresses and passwords stored as salted hashes using a weak implementation enabling many to be rapidly cracked. A further 11M accounts were added to "Have I been pwned" in March 2016 and another 9M in July 2016 bringing the total to over 22M.
https://www.r2games.com/ 2,015 22,662,608 6,717,230 11,756,781 NO NO Data exposed VBulletin --- Data exposed Gaming
Readnovel.com
More Info This database leak was found being spread on a clearnet 'Hacker’s Forum'. Very little is known about this hack and as such is considered unverified. More information will be added about this leak as it comes available.
https://www.readnovel.com/ Unknown 17,915,746 17,543,129 17,915,746 NO NO Data exposed MD5 --- --- Novels
Renren.com
More Info In December 2011 a database breach affecting renren.com leaked 4.7 million user records including email addresses and plaintext passwords.
http://renren.com/ 2,012 4,555,094 4,517,390 --- NO NO Data exposed Cleartext --- --- Social
Shadi.com
More Info In 2016 Shadi.com's Database was breached containing 2 million of their users information containing private information about their sexual lives or fantasies along with their addresses, names and email/passwords.
https://www.shadi.com/ 2,016 2,024,280 2,021,567 1,667,001 NO YES Data exposed Cleartext Data exposed --- Dating
Sharethis.com
More Info In July 2018, the social bookmarking and sharing service ShareThis suffered a data breach. The incident exposed 41 million unique email addresses alongside names and in some cases, dates of birth and password hashes. In 2019, the data appeared listed for sale on a dark web marketplace (along with several other large breaches) and subsequently began circulating more broadly.
https://sharethis.com/ 2,018 40,991,747 1,895,598 31,281,712 NO NO Data exposed DES Data exposed --- Social
Shein.com
More Info In June 2018, online fashion retailer SHEIN suffered a data breach. The company discovered the breach 2 months later in August then disclosed the incident another month after that. A total of 39 million unique email addresses were found in the breach alongside MD5 password hashes.
https://www.shein.com 2,018 28,063,039 27,772,165 --- NO NO Data exposed Cleartext --- --- Shopping
SmartHem.se
More Info This database leak was found being spread on a clearnet 'Hacker’s Forum'. Very little is known about this hack and as such is considered unverified. More information will be added about this leak as it comes available.
https://smarthem.se/ Unknown 53,985 53,966 --- NO NO Data exposed Cleartext --- --- Market
StockX.com
More Info In July 2019, the fashion and sneaker trading platform StockX suffered a data breach which was subsequently sold via a dark webmarketplace. The exposed data included 6.8 million unique email addresses, names, physical addresses, purchases and passwords stored as salted MD5 hashes.
https://stockx.com/ 2,019 6,846,482 2,512,194 6,846,341 NO NO Data exposed MD5 Data exposed --- Trading
Stratfor.com
More Info In December 2011, "Anonymous" attacked the global intelligence company known as "Stratfor" and consequently disclosed a veritable treasure trove of data including hundreds of gigabytes of email and tens of thousands of credit card details which were promptly used by the attackers to make charitable donations (among other uses). The breach also included 860,000 user accounts complete with email address, time zone, some internal system data and MD5 hashed passwords with no salt.
https://www.stratfor.com/ 2,011 858,345 807,477 858,345 NO NO Data exposed VBulletin Data exposed --- Forum
SubaGames.com
More Info In September 2016, SubaGames.com was hacked and 3,494,889 Users' account data was breached. The passwords in this database are in salted(hex) vB hashes.
https://subagames.com/ 2,016 3,478,212 3,458,536 3,478,212 NO NO Data exposed VBulletin --- --- Gaming
TabakPfeife24.de
More Info This database leak was found being spread on a clearnet 'Hacker’s Forum'. Very little is known about this hack and as such is considered unverified. More information will be added about this leak as it comes available.
https://www.tabakpfeife24.de/ Unknown 43,582 23,811 --- NO NO Data exposed Cleartext --- --- Market
Taobao.com
More Info In approximately 2012, it's alleged that the Chinese shopping site known as Taobao suffered a data breach that impacted over 21 million subscribers. The data in the breach contains email addresses and plain text passwords.
https://www.taobao.com/ 2,012 14,785,530 14,785,145 --- NO NO Data exposed Cleartext --- --- Shopping
taringa.net
More Info In September 2017, news broke that Taringa had suffered a data breach exposing 28 million records. Known as "The Latin American Reddit", Taringa's breach disclosure notice indicated the incident dated back to August that year. The exposed data included usernames, email addresses and weak MD5 hashes of passwords.
https://www.taringa.net 2,017 28,224,558 26,892,568 27,730,234 NO NO Data exposed MD5 --- --- Social
TGBUS.com
More Info In approximately 2017, it's alleged that the Chinese gaming site known as TGBUS suffered a data breach that impacted over 10 million unique subscribers.
https://www.tgbus.com/ 2,014 12,052,683 8,570,133 12,052,683 NO NO Data exposed VBulletin --- --- Gaming
Tianya.cn
More Info In December 2011, China's largest online forum known as Tianya was hacked and tens of millions of accounts were obtained by the attacker. The leaked data included names, usernames and email addresses.
http://www.tianya.cn/ 2,011 29,550,626 29,508,273 --- NO NO --- Cleartext Data exposed --- Forum
TintenProfi.ch
More Info This database leak was found being spread on a clearnet 'Hacker’s Forum'. Very little is known about this hack and as such is considered unverified. More information will be added about this leak as it comes available.
https://www.tintenprofi.ch/ Unknown 90,148 90,133 --- NO NO Data exposed Cleartext --- --- Market
Tumblr
More Info In early 2013, tumblr suffered a data breach which resulted in the exposure of over 65 million accounts. The data was later put up for sale on a dark market website and included email addresses and passwords stored as salted SHA1 hashes.
https://www.tumblr.com/ 2,013 73,358,059 --- 73,358,059 NO NO Data exposed SHA1 --- --- Social
Twitter
More Info This database leak was found being spread on a clearnet 'Hacker’s Forum'. Very little is known about this hack and as such is considered unverified. More information will be added about this leak as it comes available.
https://twitter.com/ Unknown 40,389,892 40,119,980 --- NO NO Data exposed Cleartext --- --- Social
Uuu9.com
More Info In September 2016, data was allegedly obtained from the Chinese website known as uuu9.com and contained 7.5M accounts. The data in the breach contains email addresses and user names.
http://www.uuu9.com/ 2,011 9,691,178 9,690,868 9,691,178 NO NO Data exposed Cleartext --- --- Gaming
VK
More Info In approximately 2012, the Russian social media site known as VK was hacked and almost 100 million accounts were exposed. The data emerged in June 2016 where it was being sold via a dark market website and included names, phone numbers email addresses and plain text passwords.
https://vk.com/ 2,013 100,253,796 94,484,661 2 NO NO Data exposed Cleartext Data exposed --- Social
Wanelo
More Info In approximately December 2018, the digital mall Wanelo suffered a data breach. The data was later placed up for sale on a dark web marketplace along with a collection of other data breaches in April 2019. A total of 23 million unique email addresses were included in the breach alongside passwords stored as either MD5 or bcrypt hashes.
https://wanelo.com/ 2,018 23,180,862 --- 23,180,566 NO NO Data exposed MD5/Bcrypt Data exposed Data exposed Shopping
Wattpad
More Info In June 2020, the user-generated stories website Wattpad suffered a huge data breach that exposed almost 270 million records. The data was initially sold then published on a public hacking forum where it was broadly shared. The incident exposed extensive personal information including names and usernames, email and IP addresses, genders, birth dates and passwords stored as bcrypt hashes.
https://www.wattpad.com/ 2,020 256,574,339 --- 183,722,337 NO NO Data exposed Bcrypt Data exposed Data exposed Social
WeHeartIt.com
More Info In November 2013, the image-based social network We Heart It suffered a data breach. The data contained user names, email addresses and password hashes, 80% of which were salted SHA-256 with the remainder being MD5 with no salt.
https://weheartit.com/ 2,013 8,604,711 2,694,536 8,604,711 NO NO Data exposed MD5/SHA1 --- --- Social
Weibo.com
More Info In late 2011, a series of data breaches in China affected up to 100 million users, including the social site known as Weibo. Whilst there is evidence that the data is legitimate, due to the difficulty of emphatically verifying the Chinese breach it has been flagged as "unverified". The data in the breach contains email addresses and cleartext passwords
https://www.weibo.com/ 2,011 4,505,911 4,501,475 --- NO NO Data exposed Cleartext --- --- Social
Wishbone
More Info In August 2016, the mobile app to "compare anything" known as Wishbone suffered a data breach. The data contained 9.4 million records with 2.2 million unique email addresses and was allegedly a subset of the complete data set. The exposed data included genders, birthdates, email addresses and phone numbers for an audience predominantly composed of teenagers and young adults.
https://wishbone.io/ 2,016 40,295,195 --- 10,667,577 NO NO Data exposed None Data exposed Data exposed Social
Xat.com
More Info In November 2015, the online chatroom known as "xat" was hacked and 6 million user accounts were exposed. Used as a chat engine on websites, the leaked data included usernames, email and IP addresses along with hashed passwords.
https://www.xat.com/ 2,015 5,937,341 --- 5,937,341 NO NO Data exposed Crc32 --- Data exposed Chatting
Youku
More Info In late 2016, the online Chinese video service Youku suffered a data breach. The incident exposed 92 million unique user accounts and corresponding MD5 password hashes. The data was contributed to Have I been pwned courtesy of rip@creep.im.
https://www.youku.com/ 2,016 97,466,235 94,042,273 97,435,061 NO NO Data exposed MD5 --- --- Streaming
Zing.vn
More Info In April 2018, news broke of a massive data breach impacting the Vietnamese company known as VNG after data was discovered being traded on a popular hacking forum where it was extensively redistributed. The breach dated back to an incident in May of 2015 and included of over 163 million customers. The data in the breach contained a wide range of personal attributes including usernames, birth dates, genders and home addresses along with unsalted MD5 hashes and 25 million unique email addresses.
https://news.zing.vn/ 2,018 163,323,012 160,557,570 163,323,005 NO NO Data exposed MD5 Data exposed Data exposed Social
Zomato.com
More Info In May 2017, the restaurant guide website Zomato was hacked resulting in the exposure of almost 17 million accounts. The data was consequently redistributed online and contains email addresses, usernames and salted MD5 hashes of passwords (the password hash was not present on all accounts).
https://www.zomato.com/ 2,017 16,474,465 --- 6,623,955 NO NO Data exposed MD5 --- --- Guide
Zoosk
More Info In approximately 2011, an alleged breach of the dating website Zoosk began circulating. Comprised of almost 53 million records, the data contained email addresses and plain text passwords. However, during extensive verification in May 2016 no evidence could be found that the data was indeed sourced from the dating service. This breach has consequently been flagged as fabricated; it's highly unlikely the data was sourced from Zoosk.
https://www.zoosk.com/ 2,011 55,471,885 9,569,370 55,471,743 NO YES Data exposed MD5 --- --- Dating
Jefit.com
More Info Jefit is a workout and fitness tracking software that had its vBulletin based forum compromised in January 2017; as per result accounts of 2,892,644 users were stolen and now being sold on the Dark Web. Multiple versions of this leak were available. This version contained only emails and cleartext passwords. Other data leaked in other versions include user id, username, emails, hashed passwords, and IP address for over 4.6 million users.
https://www.jefit.com/ 2,017 2,892,644 2,892,644 --- NO NO Data exposed Cleartext --- --- Fitness
NitroPDF
More Info In September 2020, the Nitro PDF service suffered a massive data breach which exposed over 70 million unique email addresses. The breach also exposed names, bcrypt password hashes and the titles of converted documents.
https://www.gonitro.com/ 2,020 77,102,259 --- 18,070,947 NO NO Data exposed Bcrypt Data exposed --- Service
CompDB2
More Info This is a compilation of numerous untitled email:password leaks. This leak, originally labeled "CompilationOfManyBreaches" or COMB, was cleaned up, parsed, and imported into Leaked.Domains. Only email:password combinations that did not already exists in the original CompDB are included here. COMB line count is in excess of 3.2 billion lines. A little over 82 million were not already in CompDB and are included here.
Compilation Data 2,021 82,432,587 82,432,587 --- NO NO Data exposed Cleartext --- --- Comp
StoryBird
More Info In August 2015, the storytelling service StoryBird suffered a data breach exposing 4 million records with 1 million unique email addresses. Impacted data also included names, usernames and passwords stored as SHA1 and PBKDF2 hashes.
https://storybird.com/ 2,021 1,200,872 --- 1,200,872 NO NO Data exposed SHA1/PBKDF2 Data exposed --- Social
Sitepoint.com
More Info In late December 2020, a database claiming to be from learnable.com (which currently redirects to sitepoint.com) was discovered being sold on hacker forums. Sitepoint confirmed the hack in early February 2021 claiming the breach happened by a third-party and non-sensitive customer data was accessed.
https://www.sitepoint.com/ 2,020 877,629 --- 877,628 NO NO Data exposed BCrypt Data exposed Data exposed Social
pixlr.com
More Info In October 2020, the online photo editing application Pixlr suffered a data breach exposing 1.9 million subscribers. Impacted data included names, email addresses, social media profiles, the country signed up from and passwords stored as SHA-512 hashes
https://pixlr.com/ 2,020 1,911,087 --- 451,703 NO NO Data exposed SHA512 Data exposed --- Photography
bookmate.com
More Info In mid-2018, the social ebook subscription service Bookmate was among a raft of sites that were breached and their data then sold in early-2019. The data included almost 4 million unique email addresses alongside names, genders, dates of birth and passwords stored as salted SHA-512 hashes.
https://bookmate.com/ 2,018 8,026,860 --- 5,639,208 NO NO Data exposed SHA512 Data exposed --- Shopping
집꾸미기
More Info In March 2020, the Korean interior decoration website 집꾸미기 (Decorating the House) suffered a data breach which impacted almost 1.3 million members. Served via the URL ggumim.co.kr, the exposed data included email addresses, names, usernames and phone numbers, all of which was subsequently shared extensively throughout online hacking communities.
https://www.ggumim.co.kr/ 2,020 2,325,540 14,193 298,750 NO NO Data exposed MySQL Data exposed --- Interior
Evite.com
More Info In April 2019, the social planning website for managing online invitations Evite identified a data breach of their systems. Upon investigation, they found unauthorized access to a database archive dating back to 2013. The exposed data included a total of 101 million unique email addresses, most belonging to recipients of invitations. Members of the service also had names, phone numbers, physical addresses, dates of birth, genders and passwords stored in plain text exposed.
https://www.evite.com/ 2,013 98,289,932 11,369,085 --- NO NO Data exposed Cleartext Data exposed --- Social
Livejournal.com
More Info In mid-2019, news broke of an alleged LiveJournal data breach. This followed multiple reports of credential abuse against Dreamwidth beginning in 2018, a fork of LiveJournal with a significant crossover in user base. The breach allegedly dates back to 2017 and contains 26M unique usernames and email addresses (both of which have been confirmed to exist on LiveJournal) alongside plain text passwords. An archive of the data was subsequently shared on a popular hacking forum in May 2020 and redistributed broadly.
https://www.livejournal.com/ 2,017 33,712,483 32,923,400 --- NO NO Data exposed Cleartext --- --- Journal
AnimalJam.com
More Info In October 2020, the online game for kids Animal Jam suffered a data breach which was subsequently shared through online hacking communities the following month. The data contained 46 million user accounts with over 7 million unique email addresses. Impacted data also included usernames, IP addresses and for some records, dates of birth (sometimes in partial form), physical addresses, parent names and passwords stored as PBKDF2 hashes.
https://www.animaljam.com/ 2,020 7,088,713 --- 3,214,433 NO NO Data exposed PBKDF2 Data exposed Data exposed Gaming
DuelingNetwork
More Info In March 2017, the Flash game based on the Yu-Gi-Oh trading card game Dueling Network suffered a data breach. The site itself was taken offline in 2016 due to a cease-and-desist order but the forum remained online for another year. The data breach exposed usernames, IP and email addresses and passwords stored as MD5 hashes.
http://duelingnetwork.com/ 2,017 6,487,198 6,368,873 6,487,198 NO NO Data exposed MD5 --- Data exposed Gaming
Rooter.io
More Info Data from gaming and e-sports community Rooter was found online. The data contained compromised email addresses, passwords, mobile phone numbers, names and usernames. The exact date of the breach remains unknown and the validity of the data has not been verified.
https://web.rootersports.com/ 2,021 1,062,335 --- 1,062,335 NO NO Data exposed BCrypt Data exposed --- Gaming
Wongnai.com
More Info In October 2020, 17 previously undisclosed data breaches appeared for sale including the Thai restaurant, hotel and attraction finding service, Wongnai. The breach exposed almost 4M unique customer records from some time during 2020 along with names, phone numbers, links to social media profiles and passwords stored as MD5 hashes.
https://www.wongnai.com/ 2,020 4,298,301 --- 4,298,301 NO NO Data exposed MD5 Data exposed Data exposed Services
123rf.com
More Info In March 2020, the stock photo site 123RF suffered a data breach which impacted over 8 million subscribers and was subsequently sold online. The breach included email, IP and physical addresses, names, phone numbers and passwords stored as MD5 hashes.
https://www.123rf.com/ 2,020 8,606,949 371 8,526,403 NO NO Data exposed MD5 Data exposed Data exposed Photography
Eatigo.com
More Info
https://eatigo.com/ 2,020 2,765,689 --- 1,461,715 NO NO Data exposed MD5 Data exposed --- Services
Reddoorz.com
More Info
https://www.reddoorz.com/ 2,020 5,892,843 --- 4,959,810 NO NO Data exposed BCrypt Data exposed --- Hotel
Tokopedia.com
More Info In April 2020, Indonesia's largest online store Tokopedia suffered a data breach. The incident resulted in over 76M rows of data being posted to a popular hacking forum. In total, the data included over 71M unique email addresses alongside names, genders, birth dates and passwords stored as SHA2-384 hashes.
https://www.tokopedia.com/ 2,020 91,174,112 --- 53,397,539 NO NO Data exposed SHA2-384 Data exposed --- Shopping
Chatbooks.com
More Info In March 2020, the photo print service Chatbooks suffered a data breach which was subsequently put up for sale on a dark web marketplace. The breach contained 15 million user records with 2.5 million unique email addresses alongside names, phone numbers, social media profiles and salted SHA-512 password hashes.
https://chatbooks.com/ 2,020 2,521,441 --- 2,485,503 NO NO Data exposed SHA512 Data exposed --- Photography
Minted.com
More Info In May 2020, the online marketplace for independent artists Minted suffered a data breach that exposed 4.4M unique customer records subsequently sold on a dark web marketplace. Exposed data also included names, physical addresses, phone numbers and passwords stored as bcrypt hashes.
https://www.minted.com/ 2,020 4,343,511 --- 4,343,511 NO NO Data exposed BCrypt Data exposed --- Market
MyRepoSpace.com
More Info In July 2015, the Cydia repository known as myRepoSpace was hacked and user data leaked publicly. Cydia is designed to facilitate the installation of apps on jailbroken iOS devices. The repository service was allegedly hacked by @its_not_herpes and 0x8badfl00d in retaliation for the service refusing to remove pirated tweaks.
https://myrepospace.com/ 2,015 252,907 --- 226,328 NO NO Data exposed MD5 --- Data exposed Software
Goninja.de
More Info In December 2019, the German online multiplayer game Go Ninja was allegedly breached. The stolen data contains usernames, IPs, passwords, salts, email addresses and additional personal information. This breach is being privately shared on the internet.
http://ninja.goninja.de/ 2,019 4,999,905 --- 4,999,905 NO NO Data exposed MD5 --- Data exposed Gaming
Zynga.com
More Info In September 2019, game developer Zynga suffered a data breach. The incident exposed 173M unique email addresses alongside usernames and passwords stored as salted SHA-1 hashes.
https://www.zynga.com/ 2,019 159,227,531 35,242,085 61,432,846 NO NO Data exposed MD5 Data exposed --- Gaming
JD.com
More Info In 2013 (exact date unknown), the Chinese e-commerce service JD suffered a data breach that exposed 13GB of data containing 77 million unique email addresses. The data also included usernames, phone numbers and passwords stored as SHA-1 hashes.
https://global.jd.com/ 2,013 87,706,265 6,975,285 87,706,265 NO NO Data exposed SHA1 Data exposed --- Shopping
BigBasket.com
More Info In October 2020, the Indian grocery platform bigbasket suffered a data breach that exposed over 20 million customer records. The data was originally sold before being leaked publicly in April the following year and included email, IP and physical addresses, names, phones numbers, dates of birth passwords stored as Django(SHA-1) hashes.
https://www.bigbasket.com/ 2,020 21,450,278 --- 21,449,000 NO NO Data exposed SHA1 Data exposed Data exposed Shopping
Clearvoicesurveys.com
More Info In April 2021, the market research surveys company ClearVoice Surveys had a publicly facing database backup from 2015 taken and redistributed on a popular hacking forum. The data included 16M unique email addresses, names, physical and IP addresses, genders, dates of birth and plain text passwords. ClearVoice Surveys advised they were aware of the breach and confirmed its authenticity.
https://www.clearvoicesurveys.com/ 2,021 16,056,140 12,578,692 --- NO NO Data exposed Cleartext Data exposed Data exposed Surveys
Exodus.com
More Info More information coming soon.
https://www.exodus.com/ 2,021 2,992,451 --- 2,992,451 NO NO Data exposed MD5 Data exposed --- Crypto
Gamess.co.kr
More Info More information coming soon!
https://gamess.co.kr/ 2,011 1,922,210 1,922,210 --- NO NO Data exposed Cleartext Data exposed --- Games
Geniusu.com
More Info In November 2020, a collection of data breaches were made public including the "Entrepreneur Success Platform", GeniusU. Dating back to the previous month, the data included 1.3M names, email and IP addresses, genders, links to social media profiles and passwords stored as bcrypt hashes.
https://www.geniusu.com/ 2,020 1,300,946 --- 1,159,741 NO NO Data exposed BCrypt Data exposed Data exposed Education
Glofox.com
More Info In March 2020, the Irish gym management software company Glofox suffered a data breach which exposed 2.3M membership records. The data included email addresses, names, phone numbers, genders, dates of birth and passwords stored as unsalted MD5 hashes.
https://www.glofox.com/ 2,020 2,562,065 --- 1,609,744 NO NO Data exposed MD5 Data exposed --- Fitness
Homechef.com
More Info n early 2020, the food delivery service Home Chef suffered a data breach which was subsequently sold online. The breach exposed the personal information of almost 9 million customers including names, IP addresses, post codes, the last 4 digits of credit card numbers and passwords stored as bcrypt hashes.
https://www.homechef.com/ 2,020 8,717,638 --- 8,717,638 NO NO Data exposed BCrypt Data exposed Data exposed Social
Parkmobile.io
More Info In March 2021, the mobile parking app service ParkMobile suffered a data breach which exposed 21 million customers' personal data. The impacted data included email addresses, names, phone numbers, vehicle licence plates and passwords stored as bcrypt hashes. The following month, the data appeared on a public hacking forum where it was extensively redistributed.
https://parkmobile.io/ 2,021 21,429,752 --- 21,409,105 NO NO Data exposed BCrypt Data exposed --- Mobile Parking
Pizap.com
More Info In approximately December 2017, the online photo editing site piZap suffered a data breach. The data was later placed up for sale on a dark web marketplace along with a collection of other data breaches in February 2019. A total of 42 million unique email addresses were included in the breach alongside names, genders and links to Facebook profiles when the social media platform was used to authenticate to piZap. When accounts were created directly on piZap without using Facebook for authentication, passwords stored as SHA-1 hashes were also exposed.
https://www.pizap.com/ 2,017 42,738,464 --- 23,942,582 NO NO Data exposed SHA1 Data exposed --- Photo