BreachWatch March 2019

Last updated 13 days ago

BreachWatch monitors the dark web for breached accounts matching passwords stored in your Keeper Vault and protects you against password stuffing attacks.

BreachWatch is constantly updated with the latest available data sources, in many cases prior to public release. Below are the most recent data sources added to the BreachWatch database.

Acquisition Date: 2018-06-04T00:00:00Z

Site: Adult-FanFiction.org

Description: In May 2018, Adult-FanFiction.org's database was allegedly breached. The stolen data contains usernames, plaintext passwords, email addresses and additional personal information. This breach is being privately shared on the internet.

Passwords: 185317

Acquisition Date: 2019-01-15T00:00:00Z

Site: BlankMediaGames

Description: BlankMediaGames confirmed that it suffered a data breach impacting more than 7.6 million players of popular browser-based role playing game Town of Salem. The exposed information includes usernames, email addresses, ip addresses, and passwords. The data is being shared privately on the dark web.

Passwords: 7767695

Acquisition Date: 2019-01-16T00:00:00Z

Site: SEO Chat

Description: In October 2018, SEO Chat's database was allegedly breached. The stolen data contains usernames, passwords, and email addresses. This breach is being privately shared on the internet.

Passwords: 105438

Acquisition Date: 2018-11-01T00:00:00Z

Site: Sensitive Source

Description: This source has been marked as sensitive due to one of the following reasons:Revealing the source may compromise an on-going investigationThe affected site is of a controversial nature but does not validate email addresses and could therefore be used to tarnish an employee's reputation

Passwords: 0

Acquisition Date: 2018-02-02T00:00:00Z

Site: Sensitive Source

Description: This source has been marked as sensitive due to one of the following reasons:Revealing the source may compromise an on-going investigationThe affected site is of a controversial nature but does not validate email addresses and could therefore be used to tarnish an employee's reputation

Passwords: 3213

Acquisition Date: 2018-02-02T00:00:00Z

Site: Gnieznienskie Forum Internetowe

Description: In 2012, Gnieźnieńskie Forum Internetowe's database was allegedly breached. The stolen data contains usernames, MD5-hashed passwords, and email addresses. This breach is being privately shared on the internet.

Passwords: 928

Acquisition Date: 2018-02-02T00:00:00Z

Site: Sensitive Source

Description: This source has been marked as sensitive due to one of the following reasons:Revealing the source may compromise an on-going investigationThe affected site is of a controversial nature but does not validate email addresses and could therefore be used to tarnish an employee's reputation

Passwords: 0

Acquisition Date: 2018-02-02T00:00:00Z

Site: Wiejska-Chata.pl

Description: In 2012, Wiejska-Chata.pl's database was allegedly breached. The stolen data contains usernames, MD5-hashed passwords, and email addresses. This breach is being privately shared on the internet.

Passwords: 2675

Acquisition Date: 2018-02-02T00:00:00Z

Site: Polska.lu

Description: In 2012, Polska.lu's database was allegedly breached. The stolen data contains usernames, MD5-hashed passwords, and email addresses. This breach is being privately shared on the internet.

Passwords: 4231

Acquisition Date: 2018-01-30T00:00:00Z

Site: Ginga.info

Description: At an unconfirmed date, Ginga.info's database was allegedly breached. The stolen data contains passwords and email addresses. This breach is being privately shared on the internet.

Passwords: 18504

Acquisition Date: 2018-01-15T00:00:00Z

Site: Sincharoen Chai

Description: At an unconfirmed date, Sincharoen Chai's database was allegedly breached. The stolen data contains passwords and email addresses. This breach is being privately shared on the internet.

Passwords: 93369

Acquisition Date: 2018-02-02T00:00:00Z

Site: Sensitive Source

Description: This source has been marked as sensitive due to one of the following reasons:Revealing the source may compromise an on-going investigationThe affected site is of a controversial nature but does not validate email addresses and could therefore be used to tarnish an employee's reputation

Passwords: 92807

Acquisition Date: 2018-01-29T00:00:00Z

Site: ZionCastle.com.tw

Description: At an unconfirmed date, ZionCastle.com.tw's database was allegedly breached. The stolen data contains passwords and email addresses. This breach is being privately shared on the internet.

Passwords: 18377

Acquisition Date: 2018-01-18T00:00:00Z

Site: 3LParenting

Description: At an unconfirmed date, 3LParenting's database was allegedly breached. The stolen data contains passwords and email addresses. This breach is being privately shared on the internet.

Passwords: 258555

Acquisition Date: 2018-02-02T00:00:00Z

Site: Sensitive Source

Description: This source has been marked as sensitive due to one of the following reasons:Revealing the source may compromise an on-going investigationThe affected site is of a controversial nature but does not validate email addresses and could therefore be used to tarnish an employee's reputation

Passwords: 26

Acquisition Date: 2018-02-02T00:00:00Z

Site: Rzecznik Prasowy

Description: In 2012, Rzecznik Prasowy's database was allegedly breached. The stolen data contains usernames, MD5-hashed passwords, and email addresses. This breach is being privately shared on the internet.

Passwords: 505

Acquisition Date: 2018-02-02T00:00:00Z

Site: Opel Vectra Klub Polska

Description: In 2012, Opel Vectra Klub Polska's database was allegedly breached. The stolen data contains usernames, MD5-hashed passwords, and email addresses. This breach is being privately shared on the internet.

Passwords: 812

Acquisition Date: 2018-01-30T00:00:00Z

Site: Zimoby SMS

Description: At an unconfirmed date, Zimoby SMS's database was allegedly breached. The stolen data contains passwords and email addresses. This breach is being privately shared on the internet.

Passwords: 1206

Acquisition Date: 2018-02-02T00:00:00Z

Site: Forum o Golebiach Pocztowych

Description: In 2012, Forum o Gołębiach Pocztowych's database was allegedly breached. The stolen data contains usernames, MD5-hashed passwords, and email addresses. This breach is being privately shared on the internet.

Passwords: 3165

Acquisition Date: 2018-02-02T00:00:00Z

Site: Sensitive Source

Description: This source has been marked as sensitive due to one of the following reasons:Revealing the source may compromise an on-going investigationThe affected site is of a controversial nature but does not validate email addresses and could therefore be used to tarnish an employee's reputation

Passwords: 12957569

Acquisition Date: 2018-02-02T00:00:00Z

Site: High-Heels.pl

Description: In 2012, High-Heels.pl's database was allegedly breached. The stolen data contains usernames, MD5-hashed passwords, and email addresses. This breach is being privately shared on the internet.

Passwords: 183

Acquisition Date: 2018-02-02T00:00:00Z

Site: Sensitive Source

Description: This source has been marked as sensitive due to one of the following reasons:Revealing the source may compromise an on-going investigationThe affected site is of a controversial nature but does not validate email addresses and could therefore be used to tarnish an employee's reputation

Passwords: 155

Acquisition Date: 2018-02-02T00:00:00Z

Site: Symplex

Description: In 2012, Symplex's database was allegedly breached. The stolen data contains usernames, MD5-hashed passwords, and email addresses. This breach is being privately shared on the internet.

Passwords: 493

Acquisition Date: 2018-02-02T00:00:00Z

Site: Fan Club Adrenalina

Description: In 2012, Fan Club Adrenalina's database was allegedly breached. The stolen data contains usernames, MD5-hashed passwords, and email addresses. This breach is being privately shared on the internet.

Passwords: 163

Acquisition Date: 2018-02-02T00:00:00Z

Site: Przyjaciele Bonsai

Description: In 2012, Przyjaciele Bonsai's database was allegedly breached. The stolen data contains usernames, MD5-hashed passwords, and email addresses. This breach is being privately shared on the internet.

Passwords: 2601

Acquisition Date: 2018-02-02T00:00:00Z

Site: DADO Creations

Description: At an unconfirmed date, DADO Creations's database was allegedly breached. The stolen data contains usernames, passwords, email addresses and additional personal information. This breach is being privately shared on the internet.

Passwords: 10

Acquisition Date: 2018-01-16T00:00:00Z

Site: Diary of Findingnemo

Description: At an unconfirmed date, Diary of Findingnemo's database was allegedly breached. The stolen data contains passwords and email addresses. This breach is being privately shared on the internet.

Passwords: 73413

Acquisition Date: 2018-02-02T00:00:00Z

Site: PrepsKC

Description: At an unconfirmed date, PrepsKC's application users database was allegedly breached. The stolen data contains passwords, email addresses and additional personal information. This breach is being privately shared on the internet.

Passwords: 7368

Acquisition Date: 2018-01-15T00:00:00Z

Site: Hitlab Inc.

Description: In 2017, Hitlab Inc.'s database was allegedly breached. The stolen data contains passwords and email addresses. This breach is being publicly shared on the internet.

Passwords: 119865

Acquisition Date: 2017-11-20T00:00:00Z

Site: Blog.bg

Description: In 2017, Blog.bg's database was allegedly breached. The stolen data contains passwords and email addresses. This breach is being privately shared on the internet.

Passwords: 123333

Acquisition Date: 2018-01-19T00:00:00Z

Site: ChapterBuilder

Description: At an unconfirmed date, ChapterBuilder's database was allegedly breached. The stolen data contains passwords and email addresses. This breach is being privately shared on the internet.

Passwords: 171747

Acquisition Date: 2018-01-30T00:00:00Z

Site: Zum-Flohmarkt.de and KasServer.com

Description: At an unconfirmed date, Zum-Flohmarkt.de's and KasServer.com's databases were allegedly breached. The stolen data contains passwords and email addresses. This compilation is being privately shared on the internet.

Passwords: 20420

Acquisition Date: 2018-02-02T00:00:00Z

Site: ModelTeam

Description: In 2012, ModelTeam's database was allegedly breached. The stolen data contains usernames, MD5-hashed passwords, and email addresses. This breach is being privately shared on the internet.

Passwords: 1018

Acquisition Date: 2018-02-02T00:00:00Z

Site: FragZone EU

Description: In 2012, FragZone EU's database was allegedly breached. The stolen data contains usernames, MD5-hashed passwords, and email addresses. This breach is being privately shared on the internet.

Passwords: 2688

Acquisition Date: 2018-02-02T00:00:00Z

Site: Forum Ubezwlasnowolnienie

Description: In 2012, Forum Ubezwlasnowolnienie's database was allegedly breached. The stolen data contains usernames, MD5-hashed passwords, and email addresses. This breach is being privately shared on the internet.

Passwords: 396

Acquisition Date: 2018-02-02T00:00:00Z

Site: Grynet.com.pl

Description: In 2012, Grynet.com.pl's database was allegedly breached. The stolen data contains usernames, MD5-hashed passwords, and email addresses. This breach is being privately shared on the internet.

Passwords: 235

Acquisition Date: 2018-01-18T00:00:00Z

Site: StudentTorget

Description: At an unconfirmed date, StudentTorget's database was allegedly breached. The stolen data contains passwords and email addresses. This breach is being privately shared on the internet.

Passwords: 138847

Acquisition Date: 2018-01-24T00:00:00Z

Site: Wonder Polls

Description: At an unconfirmed date, Wonder Polls's database was allegedly breached. The stolen data contains passwords and email addresses. This breach is being privately shared on the internet.

Passwords: 498108

Acquisition Date: 2018-01-16T00:00:00Z

Site: Creep Design

Description: At an unconfirmed date, Creep Design's database was allegedly breached. The stolen data contains passwords and email addresses. This breach is being privately shared on the internet.

Passwords: 167811

Acquisition Date: 2018-01-29T00:00:00Z

Site: Windham Fabrics

Description: At an unconfirmed date, Windham Fabrics's database was allegedly breached. The stolen data contains passwords and email addresses. This breach is being privately shared on the internet.

Passwords: 3980

Acquisition Date: 2018-01-17T00:00:00Z

Site: Academie de Versailles

Description: At an unconfirmed date, Académie de Versailles's database was allegedly breached. The stolen data contains passwords and email addresses. This breach is being privately shared on the internet.

Passwords: 106665

Acquisition Date: 2018-02-02T00:00:00Z

Site: Podkarpackie Aquarium Forum

Description: In 2012, Podkarpackie Aquarium Forum's database was allegedly breached. The stolen data contains usernames, MD5-hashed passwords, and email addresses. This breach is being privately shared on the internet.

Passwords: 1412

Acquisition Date: 2018-02-02T00:00:00Z

Site: Enne & A Store

Description: At an unconfirmed date, Enne & A Store's database was allegedly breached. The stolen data contains IPs, passwords, email addresses and additional personal information. This breach is being privately shared on the internet.

Passwords: 47

Acquisition Date: 2018-02-02T00:00:00Z

Site: Sektor Fana

Description: In 2012, Sektor Fana's database was allegedly breached. The stolen data contains usernames, MD5-hashed passwords, and email addresses. This breach is being privately shared on the internet.

Passwords: 221

Acquisition Date: 2018-02-02T00:00:00Z

Site: Gielda Tlumaczen

Description: In 2012, Gielda Tlumaczen's database was allegedly breached. The stolen data contains usernames, MD5-hashed passwords, and email addresses. This breach is being privately shared on the internet.

Passwords: 160

Acquisition Date: 2018-01-18T00:00:00Z

Site: Bulgarian Properties UK

Description: At an unconfirmed date, Bulgarian Properties UK's database was allegedly breached. The stolen data contains passwords and email addresses. This breach is being privately shared on the internet.

Passwords: 167974

Acquisition Date: 2018-02-02T00:00:00Z

Site: Straw

Description: In 2012, Straw's database was allegedly breached. The stolen data contains usernames, MD5-hashed passwords, and email addresses. This breach is being privately shared on the internet.

Passwords: 1525

Acquisition Date: 2018-02-02T00:00:00Z

Site: Sensitive Source

Description: This source has been marked as sensitive due to one of the following reasons:Revealing the source may compromise an on-going investigationThe affected site is of a controversial nature but does not validate email addresses and could therefore be used to tarnish an employee's reputation

Passwords: 170

Acquisition Date: 2018-02-02T00:00:00Z

Site: Ogrody Bema

Description: In 2012, Ogrody Bema's database was allegedly breached. The stolen data contains usernames, MD5-hashed passwords, and email addresses. This breach is being privately shared on the internet.

Passwords: 407

Acquisition Date: 2018-02-02T00:00:00Z

Site: HerbalBuy

Description: At an unconfirmed date, HerbalBuy's database was allegedly breached. The stolen data contains passwords, email addresses and additional personal information. This breach is being privately shared on the internet.

Passwords: 42408

Acquisition Date: 2018-01-17T00:00:00Z

Site: Developers Heaven

Description: At an unconfirmed date, Developers Heaven's database was allegedly breached. The stolen data contains passwords and email addresses. This breach is being privately shared on the internet.

Passwords: 94233

Acquisition Date: 2018-02-02T00:00:00Z

Site: Kobiece Forum

Description: In 2012, Kobiece Forum's database was allegedly breached. The stolen data contains usernames, MD5-hashed passwords, and email addresses. This breach is being privately shared on the internet.

Passwords: 409

Acquisition Date: 2018-01-17T00:00:00Z

Site: Diary of Gartoony

Description: At an unconfirmed date, Diary of Gartoony's database was allegedly breached. The stolen data contains passwords and email addresses. This breach is being privately shared on the internet.

Passwords: 73652

Acquisition Date: 2018-02-02T00:00:00Z

Site: BlahBlahCafe

Description: In 2012, BlahBlahCafe's database was allegedly breached. The stolen data contains usernames, MD5-hashed passwords, and email addresses. This breach is being privately shared on the internet.

Passwords: 1155

Acquisition Date: 2018-02-02T00:00:00Z

Site: Sensitive Source

Description: This source has been marked as sensitive due to one of the following reasons:Revealing the source may compromise an on-going investigationThe affected site is of a controversial nature but does not validate email addresses and could therefore be used to tarnish an employee's reputation

Passwords: 1921

Acquisition Date: 2018-02-02T00:00:00Z

Site: Ostrowiec-Swietokrzyski.com

Description: In 2012, Ostrowiec-Swietokrzyski.com's database was allegedly breached. The stolen data contains usernames, MD5-hashed passwords, and email addresses. This breach is being privately shared on the internet.

Passwords: 280

Acquisition Date: 2018-02-02T00:00:00Z

Site: Top-Radio Internet Radio

Description: In 2012, Top-Radio Internet Radio's database was allegedly breached. The stolen data contains usernames, MD5-hashed passwords, and email addresses. This breach is being privately shared on the internet.

Passwords: 138

Acquisition Date: 2018-01-23T00:00:00Z

Site: YouWiN! Connect

Description: At an unconfirmed date, YouWiN! Connect's database was allegedly breached. The stolen data contains passwords, salts, and email addresses. This breach is being privately shared on the internet.

Passwords: 139477

Acquisition Date: 2018-02-02T00:00:00Z

Site: Statystycy

Description: In 2012, Statystycy's database was allegedly breached. The stolen data contains usernames, MD5-hashed passwords, and email addresses. This breach is being privately shared on the internet.

Passwords: 4019

Acquisition Date: 2018-01-16T00:00:00Z

Site: CF-Vanguard

Description: At an unconfirmed date, CF-Vanguard's database was allegedly breached. The stolen data contains passwords and email addresses. This breach is being privately shared on the internet.

Passwords: 92870

Acquisition Date: 2018-02-02T00:00:00Z

Site: WTC.Wejher.pl

Description: In 2012, WTC.Wejher.pl's database was allegedly breached. The stolen data contains usernames, MD5-hashed passwords, and email addresses. This breach is being privately shared on the internet.

Passwords: 354

Acquisition Date: 2017-11-13T00:00:00Z

Site: Diario Rio Negro

Description: At an unconfirmed date, Diario Rio Negro's database was allegedly breached. The stolen data contains passwords and email addresses. This breach is being privately shared on the internet.

Passwords: 16581

Acquisition Date: 2018-01-15T00:00:00Z

Site: Orsk.ru

Description: At an unconfirmed date, Orsk.ru's database was allegedly breached. The stolen data contains passwords, salts, and email addresses. This breach is being privately shared on the internet.

Passwords: 88078

Acquisition Date: 2018-01-15T00:00:00Z

Site: Hyderbad City Portal

Description: At an unconfirmed date, Hyderbad City Portal's database was allegedly breached. The stolen data contains passwords and email addresses. This breach is being privately shared on the internet.

Passwords: 470225

Acquisition Date: 2018-02-02T00:00:00Z

Site: Sensitive Source

Description: This source has been marked as sensitive due to one of the following reasons:Revealing the source may compromise an on-going investigationThe affected site is of a controversial nature but does not validate email addresses and could therefore be used to tarnish an employee's reputation

Passwords: 1541494

Acquisition Date: 2017-11-13T00:00:00Z

Site: Youbeenx.com

Description: At an unconfirmed date, Youbeenx.com's database was allegedly breached. The stolen data contains passwords and email addresses. This breach is being privately shared on the internet.

Passwords: 46117

Acquisition Date: 2018-02-02T00:00:00Z

Site: Vagchelm.eu

Description: In 2012, Vagchelm.eu's database was allegedly breached. The stolen data contains usernames, MD5-hashed passwords, and email addresses. This breach is being privately shared on the internet.

Passwords: 125

Acquisition Date: 2018-02-02T00:00:00Z

Site: Sensitive Source

Description: This source has been marked as sensitive due to one of the following reasons:Revealing the source may compromise an on-going investigationThe affected site is of a controversial nature but does not validate email addresses and could therefore be used to tarnish an employee's reputation

Passwords: 1486340

Acquisition Date: 2018-02-02T00:00:00Z

Site: Europejski Klub Caravaningowy

Description: In 2012, Europejski Klub Caravaningowy's database was allegedly breached. The stolen data contains usernames, MD5-hashed passwords, and email addresses. This breach is being privately shared on the internet.

Passwords: 116

Acquisition Date: 2018-01-18T00:00:00Z

Site: Auto Sport Willy

Description: At an unconfirmed date, Auto Sport Willy's database was allegedly breached. The stolen data contains passwords, salts, and email addresses. This breach is being privately shared on the internet.

Passwords: 202342

Acquisition Date: 2018-02-02T00:00:00Z

Site: Klub MX-3 Drivers Forum

Description: In 2012, Klub MX-3 Drivers Forum's database was allegedly breached. The stolen data contains usernames, MD5-hashed passwords, and email addresses. This breach is being privately shared on the internet.

Passwords: 447

Acquisition Date: 2018-02-02T00:00:00Z

Site: Support-GSM

Description: In 2012, Support-GSM's database was allegedly breached. The stolen data contains usernames, MD5-hashed passwords, and email addresses. This breach is being privately shared on the internet.

Passwords: 1123

Acquisition Date: 2018-02-02T00:00:00Z

Site: Sensitive Source

Description: This source has been marked as sensitive due to one of the following reasons:Revealing the source may compromise an on-going investigationThe affected site is of a controversial nature but does not validate email addresses and could therefore be used to tarnish an employee's reputation

Passwords: 128

Acquisition Date: 2018-02-02T00:00:00Z

Site: Rotor Guild

Description: In 2012, Rotor Guild's database was allegedly breached. The stolen data contains usernames, MD5-hashed passwords, and email addresses. This breach is being privately shared on the internet.

Passwords: 193

Acquisition Date: 2018-01-19T00:00:00Z

Site: Educarriere.ci

Description: At an unconfirmed date, Educarriere.ci's database was allegedly breached. The stolen data contains passwords and email addresses. This breach is being privately shared on the internet.

Passwords: 48267

Acquisition Date: 2018-02-02T00:00:00Z

Site: GlobalAutoIndustry

Description: At an unconfirmed date, GlobalAutoIndustry's customer database was allegedly breached. The stolen data contains passwords, salts, email addresses and additional personal information. This breach is being privately shared on the internet.

Passwords: 240

Acquisition Date: 2018-02-02T00:00:00Z

Site: Women's Wear Daily

Description: At an unconfirmed date, Women's Wear Daily's database was allegedly breached. The stolen data contains IPs, passwords, email addresses and additional personal information. This breach is being privately shared on the internet.

Passwords: 11160

Acquisition Date: 2018-01-18T00:00:00Z

Site: Z/X Vault

Description: At an unconfirmed date, Z/X Vault's database was allegedly breached. The stolen data contains passwords and email addresses. This breach is being privately shared on the internet.

Passwords: 86966

Acquisition Date: 2018-02-02T00:00:00Z

Site: Sensitive Source

Description: This source has been marked as sensitive due to one of the following reasons:Revealing the source may compromise an on-going investigationThe affected site is of a controversial nature but does not validate email addresses and could therefore be used to tarnish an employee's reputation

Passwords: 153

Acquisition Date: 2018-02-02T00:00:00Z

Site: Forum Zabrze

Description: In 2012, Forum Zabrze's database was allegedly breached. The stolen data contains usernames, MD5-hashed passwords, and email addresses. This breach is being privately shared on the internet.

Passwords: 2174

Acquisition Date: 2018-02-02T00:00:00Z

Site: Fotografia-Czestochowa.pl

Description: In 2012, Fotografia-Czestochowa.pl's database was allegedly breached. The stolen data contains usernames, MD5-hashed passwords, and email addresses. This breach is being privately shared on the internet.

Passwords: 121

Acquisition Date: 2018-02-02T00:00:00Z

Site: Rafy.Nazwa.pl

Description: In 2012, Rafy.Nazwa.pl's database was allegedly breached. The stolen data contains usernames, MD5-hashed passwords, and email addresses. This breach is being privately shared on the internet.

Passwords: 290

Acquisition Date: 2018-01-23T00:00:00Z

Site: DataImage

Description: At an unconfirmed date, DataImage's user database was allegedly breached. The stolen data contains passwords and email addresses. In January 2018, the data was shared publicly online.

Passwords: 148435

Acquisition Date: 2017-05-15T00:00:00Z

Site: Agnieszka.com.pl

Description: In 2012, Agnieszka.com.pl's database was allegedly breached. The stolen data contains usernames, MD5-hashed passwords, and email addresses. This breach is being privately shared online.

Passwords: 6447

Acquisition Date: 2018-01-22T00:00:00Z

Site: Sensitive Source

Description: This source has been marked as sensitive due to one of the following reasons:Revealing the source may compromise an on-going investigationThe affected site is of a controversial nature but does not validate email addresses and could therefore be used to tarnish an employee's reputation

Passwords: 491967

Acquisition Date: 2018-01-26T00:00:00Z

Site: NCW.jp

Description: At an unconfirmed date, NCW.jp's user database was allegedly breached. The stolen data contains passwords and email addresses. In January 2018, the data was shared publicly online.

Passwords: 96957

Acquisition Date: 2018-01-25T00:00:00Z

Site: GasPriceWatch.com

Description: At an unconfirmed date, GasPriceWatch.com's user database was allegedly breached. The stolen data contains passwords and email addresses. In January 2018, the data was shared publicly online.

Passwords: 315561

Acquisition Date: 2018-01-25T00:00:00Z

Site: LSGB.net

Description: On an unconfirmed date, the manufacturing company LSGB.net, was allegedly breached. The stolen data contains passwords and email addresses. In January 2018, the data was shared publicly online.

Passwords: 8689348

Acquisition Date: 2017-11-21T00:00:00Z

Site: LA2World

Description: In March 2013, LA2World's database was allegedly breached. The stolen data contains usernames, passwords, salts, and email addresses. This breach is being privately shared on the internet.

Passwords: 87669

Acquisition Date: 2018-01-18T00:00:00Z

Site: 1kk Combolist

Description: This combolist was likely compiled in 2017 from a variety of private and public breaches. Threat actors are actively using this list to gain access to sites using credential stuffing tools. This combolist is being shared privately online.

Passwords: 1088696

Acquisition Date: 2018-01-22T00:00:00Z

Site: HappyWorkplace

Description: At an unconfirmed date, HappyWorkplace's user database was allegedly breached. The stolen data contains passwords and email addresses. In January 2018, the data was shared publicly online.

Passwords: 111662

Acquisition Date: 2017-11-20T00:00:00Z

Site: ArenaFan

Description: At an unconfirmed date, ArenaFan's database was allegedly breached. The stolen data contains passwords and email addresses. This breach is being privately shared online.

Passwords: 128577

Acquisition Date: 2017-11-20T00:00:00Z

Site: Visual Art Source

Description: At an unconfirmed date, Visual Art Source's database was allegedly breached. The stolen data contains passwords and email addresses. This breach is being privately shared online.

Passwords: 41170

Acquisition Date: 2018-02-01T00:00:00Z

Site: Funded.com

Description: At an unconfirmed date, Funded.com's user database was allegedly breached. The stolen data contains passwords and email addresses. In January 2018, the data was shared publicly online.

Passwords: 136633

Acquisition Date: 2017-11-13T00:00:00Z

Site: My Games Pocket

Description: At an unconfirmed date, My Games Pocket's database was allegedly breached. The stolen data contains passwords and email addresses. This breach is being privately shared online.

Passwords: 315541

Acquisition Date: 2017-11-20T00:00:00Z

Site: KinderCart

Description: At an unconfirmed date, KinderCart's database was allegedly breached. The stolen data contains passwords, salts, and email addresses. This breach is being privately shared online.

Passwords: 57726

Acquisition Date: 2018-01-23T00:00:00Z

Site: Noor Clinic

Description: At an unconfirmed date, Noor Clinic's user database was allegedly breached. The stolen data contains passwords and email addresses. In January 2018, the data was shared publicly online.

Passwords: 113326

Acquisition Date: 2018-01-25T00:00:00Z

Site: AccountGear

Description: At an unconfirmed date, AccountGear's user database was allegedly breached. The stolen data contains passwords and email addresses. In January 2018, the data was shared publicly online.

Passwords: 268725

Acquisition Date: 2017-08-12T00:00:00Z

Site: PingPong.su

Description: In 2016, PingPong.su's database was allegedly breached. The stolen data contains passwords and email addresses. This breach is being publicly shared online.

Passwords: 57563

Acquisition Date: 2018-01-26T00:00:00Z

Site: Game.Kaidown.com

Description: At an unconfirmed date, Game.Kaidown.com's database was allegedly breached. The stolen data contains passwords and email addresses. In January 2018, the data was shared publicly online.

Passwords: 852030

Acquisition Date: 2017-08-01T00:00:00Z

Site: Sensitive Source

Description: This source has been marked as sensitive due to one of the following reasons:Revealing the source may compromise an on-going investigationThe affected site is of a controversial nature but does not validate email addresses and could therefore be used to tarnish an employee's reputation

Passwords: 128300

Acquisition Date: 2017-08-12T00:00:00Z

Site: The Control4 Community

Description: In November 2015, The Control4 Community's database was allegedly breached. The stolen data contains usernames, IPs, passwords, and email addresses. This breach is being publicly shared online.

Passwords: 4178

Acquisition Date: 2017-11-20T00:00:00Z

Site: Asechka

Description: In September 2016, Asechka's forum database was allegedly breached. The stolen data contains usernames, IPs, passwords, salts, and email addresses. This breach is being privately shared online.

Passwords: 35424

Acquisition Date: 2018-01-26T00:00:00Z

Site: Guest Zone

Description: In January 2017, Guest Zone's database was allegedly breached. The stolen data contains passwords and email addresses. This breach is being publicly shared online.

Passwords: 29261

Acquisition Date: 2018-01-23T00:00:00Z

Site: The Official Website for Professor Dr. Gunnar Winkler

Description: At an unconfirmed date, Professor Dr. Gunnar Winkler's user database was allegedly breached. The stolen data contains passwords and email addresses. In January 2018, the data was shared publicly online.

Passwords: 130819

Acquisition Date: 2017-06-06T00:00:00Z

Site: PearHotel

Description: In April 2014, PearHotel's database was allegedly breached. The stolen data contains usernames, IPs, MD5-hashed passwords, and email addresses. This breach is being publicly shared on the darknet.

Passwords: 26648

Acquisition Date: 2016-10-06T00:00:00Z

Site: DayZ Forum

Description: In April 2016, DayZ Forum's database was allegedly breached. The stolen data contains usernames, IPs, passwords, salts, and email addresses. This breach is being publicly shared on the internet.

Passwords: 31815

Acquisition Date: 2018-01-25T00:00:00Z

Site: EternalHits.com

Description: At an unconfirmed date, EternalHits' user database was allegedly breached. The stolen data contains passwords and email addresses. In January 2018, the data was shared publicly online.

Passwords: 98611

Acquisition Date: 2017-06-06T00:00:00Z

Site: Mobilez.pl

Description: In January 2010, Mobilez.pl's database was allegedly breached. The stolen data contains usernames, passwords, salts, and email addresses. This breach is being privately shared online.

Passwords: 38367

Acquisition Date: 2018-01-24T00:00:00Z

Site: Anuntul Magic

Description: At an unconfirmed date, Anuntul Magic's user database was allegedly breached. The stolen data contains passwords and email addresses. In January 2018, the data was shared publicly online.

Passwords: 72269

Acquisition Date: 2018-01-30T00:00:00Z

Site: Sunrose Consulting Limited

Description: At an unconfirmed date, Sunrose Consulting Limited's user database was allegedly breached. The stolen data contains passwords and email addresses. In January 2018, the data was shared publicly online.

Passwords: 89354

Acquisition Date: 2018-01-25T00:00:00Z

Site: JobsUp

Description: At an unconfirmed date, JobsUp's user database was allegedly breached. The stolen data contains passwords and email addresses. In January 2018, the data was shared publicly online.

Passwords: 105132

Acquisition Date: 2018-01-01T00:00:00Z

Site: Sensitive Source

Description: This source has been marked as sensitive due to one of the following reasons:Revealing the source may compromise an on-going investigationThe affected site is of a controversial nature but does not validate email addresses and could therefore be used to tarnish an employee's reputation

Passwords: 117015

Acquisition Date: 2017-08-01T00:00:00Z

Site: Sensitive Source

Description: This source has been marked as sensitive due to one of the following reasons:Revealing the source may compromise an on-going investigationThe affected site is of a controversial nature but does not validate email addresses and could therefore be used to tarnish an employee's reputation

Passwords: 23634

Acquisition Date: 2018-01-25T00:00:00Z

Site: Career121

Description: At an unconfirmed date, Career121's user database was allegedly breached. The stolen data contains passwords and email addresses. In January 2018, the data was shared publicly online.

Passwords: 94761

Acquisition Date: 2018-01-26T00:00:00Z

Site: AzorUlt Botnet

Description: AzorUlt is a lesser known credential stealing botnet, also known as crimeware. This malware steals data from infected computers via web browsers and protected storage. Once infected, the computer sends the stolen data to a bot command and control (C&C) server, where the data is stored. Any credentials from this source can be assumed to already be in the hands of threat actors, and should be changed immediately.

Passwords: 216173

Acquisition Date: 2017-11-20T00:00:00Z

Site: D3Scene

Description: In 2009, D3Scene's database was allegedly breached. The stolen data contains usernames, IPs, passwords, salts, and email addresses. This breach is being publicly shared online.

Passwords: 32815

Acquisition Date: 2018-01-25T00:00:00Z

Site: Jeux Fille Gratuit

Description: At an unconfirmed date, Jeux Fille Gratuit's user database was allegedly breached. The stolen data contains passwords and email addresses. In January 2018, the data was shared publicly online.

Passwords: 719686

Acquisition Date: 2017-02-04T00:00:00Z

Site: Sensitive Source

Description: This source has been marked as sensitive due to one of the following reasons:Revealing the source may compromise an on-going investigationThe affected site is of a controversial nature but does not validate email addresses and could therefore be used to tarnish an employee's reputation

Passwords: 22528

Acquisition Date: 2018-01-25T00:00:00Z

Site: InterFaceLift

Description: At an unconfirmed date, InterFaceLift's user database was allegedly breached. The stolen data contains passwords and email addresses. In January 2018, the data was shared publicly online.

Passwords: 119562

Acquisition Date: 2018-01-23T00:00:00Z

Site: BuyKaraokeDownloads.com

Description: At an unconfirmed date, BuyKaraokeDownloads.com's user database was allegedly breached. The stolen data contains passwords and email addresses. In January 2018, the data was shared publicly online.

Passwords: 95319

Acquisition Date: 2018-01-24T00:00:00Z

Site: J-RentACar

Description: At an unconfirmed date, J-RentACar's user database was allegedly breached. The stolen data contains passwords and email addresses. In January 2018, the data was shared publicly online.

Passwords: 240304

Acquisition Date: 2017-11-02T00:00:00Z

Site: Hi Japan

Description: In January 2016, Hi Japan's database was allegedly breached. The stolen data contains usernames, passwords, salts, and email addresses. This breach is being privately shared on the internet.

Passwords: 302838

Acquisition Date: 2017-11-21T00:00:00Z

Site: Purzue

Description: At an unconfirmed date, Purzue's database was allegedly breached. The stolen data contains passwords, email addresses, and additional personal information. This breach is being privately shared online.

Passwords: 1339

Acquisition Date: 2018-01-15T00:00:00Z

Site: Fishing Evolution

Description: In November 2017, Fishing Evolution's database was allegedly breached. The stolen data contains plaintext passwords and emails. This breach is being privately shared on the darknet.

Passwords: 21324

Acquisition Date: 2018-01-17T00:00:00Z

Site: Experimental Magazine

Description: In November 2017, Experimental Magazine's database was allegedly breached. The stolen data contains plaintext passwords and emails. This breach is being privately shared on the darknet.

Passwords: 21435

Acquisition Date: 2017-12-18T00:00:00Z

Site: Macquarie Commercial and Business Sales Pty. Ltd.

Description: In 2017, Macquarie Commercial and Business Sales Pty. Ltd.'s database was allegedly breached. The stolen data contains plaintext passwords and emails. This breach is being privately shared on the darknet.

Passwords: 113850

Acquisition Date: 2018-01-15T00:00:00Z

Site: BabyZimmer.de

Description: In November 2017, BabyZimmer.de's database was allegedly breached. The stolen data contains plaintext passwords and emails. This breach is being privately shared on the darknet.

Passwords: 24860

Acquisition Date: 2017-12-14T00:00:00Z

Site: Enrich Living Now

Description: In 2017, Enrich Living Now's database was allegedly breached. The stolen data contains plaintext passwords and emails. This breach is being privately shared on the darknet.

Passwords: 78650

Acquisition Date: 2018-01-18T00:00:00Z

Site: Physio UK

Description: In December 2017, Physio UK's database was allegedly breached. The stolen data contains plaintext passwords and emails. This breach is being privately shared on the darknet.

Passwords: 20438

Acquisition Date: 2018-01-18T00:00:00Z

Site: Real Estate Combolist

Description: This combolist was compiled in late 2017, from a variety of private and public breaches and contains records from a number of real estate related websites. Threat actors are actively using this list to gain access to sites using credential stuffing tools. This combolist is being shared privately online.

Passwords: 21319

Acquisition Date: 2018-01-17T00:00:00Z

Site: DIP

Description: In 2017, DIP's database was allegedly breached. The stolen data contains passwords and email addresses. This breach is being privately shared on the darknet.

Passwords: 2348

Acquisition Date: 2018-01-16T00:00:00Z

Site: Crazylisting

Description: In November 2017, Crazylisting's database was allegedly breached. The stolen data contains plaintext passwords and emails. This breach is being privately shared on the darknet.

Passwords: 2355

Acquisition Date: 2017-12-13T00:00:00Z

Site: DJ-Shop.sk_plain_2017.txt

Description: In 2017, DJ-Shop.sk_plain_2017.txt's database was allegedly breached. The stolen data contains plaintext passwords and emails. This breach is being privately shared on the darknet.

Passwords: 2283

Acquisition Date: 2018-01-17T00:00:00Z

Site: Prints With Wings

Description: In December 2017, Prints With Wings's database was allegedly breached. The stolen data contains plaintext passwords and emails. This breach is being privately shared on the darknet.

Passwords: 20759

Acquisition Date: 2018-01-15T00:00:00Z

Site: Federation Internationale de Volleyball (FIVB)

Description: In November 2017, Federation Internationale de Volleyball (FIVB)'s database was allegedly breached. The stolen data contains plaintext passwords and email addresses. This breach is being privately shared on the darknet.

Passwords: 19795

Acquisition Date: 2018-01-18T00:00:00Z

Site: FlyInside

Description: In November 2017, FlyInside's database was allegedly breached. The stolen data contains plaintext passwords and emails. This breach is being privately shared on the darknet.

Passwords: 22493

Acquisition Date: 2018-01-16T00:00:00Z

Site: Banlue Group

Description: In November 2017, Banlue Group's database was allegedly breached. The stolen data contains plaintext passwords and emails. This breach is being privately shared on the darknet.

Passwords: 20371

Acquisition Date: 2017-12-13T00:00:00Z

Site: HairSearch.eu

Description: In 2017, HairSearch.eu's database was allegedly breached. The stolen data contains plaintext passwords and emails. This breach is being privately shared on the darknet.

Passwords: 19728

Acquisition Date: 2018-01-15T00:00:00Z

Site: MapExpert

Description: In 2017, MapExpert's database was allegedly breached. The stolen data contains plaintext passwords and email addresses. This breach is being privately shared on the darknet.

Passwords: 11267

Acquisition Date: 2017-06-05T00:00:00Z

Site: Sensitive Source

Description: This source has been marked as sensitive due to one of the following reasons:Revealing the source may compromise an on-going investigationThe affected site is of a controversial nature but does not validate email addresses and could therefore be used to tarnish an employee's reputation

Passwords: 67121

Acquisition Date: 2017-06-08T00:00:00Z

Site: Retro Hotel

Description: In 2017, Retro Hotel's database was allegedly breached. The stolen data contains usernames, IPs, MD5-hashed passwords, and email addresses. This breach is being privately shared on the darknet.

Passwords: 55770

Acquisition Date: 2017-12-19T00:00:00Z

Site: El Rey Stucco

Description: In 2017, El Rey Stucco's database was allegedly breached. The stolen data contains plaintext passwords and email addresses. This breach is being privately shared on the darknet.

Passwords: 11945

Acquisition Date: 2017-02-12T00:00:00Z

Site: Sensitive Source

Description: This source has been marked as sensitive due to one of the following reasons:Revealing the source may compromise an on-going investigationThe affected site is of a controversial nature but does not validate email addresses and could therefore be used to tarnish an employee's reputation

Passwords: 141172

Acquisition Date: 2017-12-17T00:00:00Z

Site: DiversityWorking

Description: In 2017, DiversityWorking's database was allegedly breached. The stolen data contains plaintext passwords and email addresses. This breach is being privately shared on the darknet.

Passwords: 175053

Acquisition Date: 2018-01-18T00:00:00Z

Site: Camiseta Criativa

Description: In 2017, Camiseta Criativa's database was allegedly breached. The stolen data contains plaintext passwords and email addresses. This breach is being privately shared on the darknet.

Passwords: 24248

Acquisition Date: 2018-01-16T00:00:00Z

Site: Active Accounts Combolist

Description: This combolist was likely compiled in 2017 from a variety of private and public breaches, and it contains email and password records. Threat actors are actively using this list to gain access to sites using credential stuffing tools.

Passwords: 199842

Acquisition Date: 2018-01-16T00:00:00Z

Site: HCRA Paddler

Description: In November 2017, HCRA Paddler's database was allegedly breached. The stolen data contains plaintext passwords and emails. This breach is being privately shared on the darknet.

Passwords: 23330

Acquisition Date: 2017-02-07T00:00:00Z

Site: GratisKlader.se

Description: At an unconfirmed date, GratisKlader.se's database was allegedly breached. The stolen data contains usernames, MD5-hashed passwords, salts, email addresses and additional personal information. This breach is being publicly shared on the darknet.

Passwords: 201158

Acquisition Date: 2018-01-19T00:00:00Z

Site: Centro Studi La Famiglia

Description: In 2017, Centro Studi La Famiglia's database was allegedly breached. The stolen data contains plaintext passwords and email addresses. This breach is being privately shared on the darknet.

Passwords: 15391

Acquisition Date: 2018-01-19T00:00:00Z

Site: Sensitive Source

Description: This source has been marked as sensitive due to one of the following reasons:Revealing the source may compromise an on-going investigationThe affected site is of a controversial nature but does not validate email addresses and could therefore be used to tarnish an employee's reputation

Passwords: 2864

Acquisition Date: 2018-01-19T00:00:00Z

Site: S&H Uniforms

Description: In December 2017, S&H Uniforms's database was allegedly breached. The stolen data contains plaintext passwords and emails. This breach is being privately shared on the darknet.

Passwords: 23844

Acquisition Date: 2018-01-19T00:00:00Z

Site: Caro Group

Description: In November 2017, Caro Group's database was allegedly breached. The stolen data contains plaintext passwords and emails. This breach is being privately shared on the darknet.

Passwords: 22609

Acquisition Date: 2018-01-15T00:00:00Z

Site: BestJobs4All

Description: In 2017, BestJobs4All's database was allegedly breached. The stolen data contains plaintext passwords and email addresses. This breach is being privately shared on the darknet.

Passwords: 66727

Acquisition Date: 2018-01-18T00:00:00Z

Site: BdJobs Today

Description: In November 2017, BdJobs Today's database was allegedly breached. The stolen data contains plaintext passwords and email addresses. This breach is being privately shared on the darknet.

Passwords: 12050

Acquisition Date: 2018-01-15T00:00:00Z

Site: Maliweb.net

Description: In 2017, Maliweb.net's database was allegedly breached. The stolen data contains plaintext passwords and emails. This breach is being publicly shared on the darknet.

Passwords: 28292

Acquisition Date: 2017-07-02T00:00:00Z

Site: Minecraft Italia

Description: In June 2017, Minecraft Italia's database was allegedly breached. The stolen data contains usernames, passwords, salts, and email addresses. This breach is being publicly shared on the darknet.

Passwords: 189628

Acquisition Date: 2018-01-17T00:00:00Z

Site: Duen Rally Page

Description: In November 2017, Duen Rally Page's database was allegedly breached. The stolen data contains plaintext passwords and emails. This breach is being privately shared on the darknet.

Passwords: 22937

Acquisition Date: 2018-01-17T00:00:00Z

Site: 3ForFun

Description: At an unconfirmed date, 3ForFun's database was allegedly breached. The stolen data contains plaintext passwords and email addresses. This breach is being publicly shared on the darknet.

Passwords: 27182

Acquisition Date: 2017-12-13T00:00:00Z

Site: VacationWired.com

Description: In January 2017, VacationWired.com's database was allegedly breached. The stolen data contains plaintext passwords and emails. This breach is being privately shared on the darknet.

Passwords: 48396

Acquisition Date: 2017-02-08T00:00:00Z

Site: World of Warcraft Movies

Description: In December 2015, World of Warcraft Movies's database was allegedly breached, potentially due to a vulnerability in vBulletin. The stolen data contains usernames, passwords, and email addresses. This breach is being publicly shared on the darknet.

Passwords: 418315

Acquisition Date: 2018-01-18T00:00:00Z

Site: Ce-Multiavantages

Description: In November 2017, Ce-Multiavantages's database was allegedly breached. The stolen data contains plaintext passwords and email addresses. This breach is being privately shared on the darknet.

Passwords: 20680

Acquisition Date: 2018-01-18T00:00:00Z

Site: CamperOnline

Description: In 2017, CamperOnline's database was allegedly breached. The stolen data contains plaintext passwords and emails. This breach is being privately shared on the darknet.

Passwords: 102602

Acquisition Date: 2017-12-18T00:00:00Z

Site: Horapa

Description: In 2017, Horapa's database was allegedly breached. The stolen data contains plaintext passwords and email addresses. This breach is being privately shared on the darknet.

Passwords: 15706

Acquisition Date: 2018-01-19T00:00:00Z

Site: HolyBible.us

Description: In November 2017, HolyBible.us's database was allegedly breached. The stolen data contains plaintext passwords and email addresses. This breach is being privately shared on the darknet.

Passwords: 21810

Acquisition Date: 2018-01-15T00:00:00Z

Site: BIG-CE Tahiti

Description: In November 2017, BIG-CE Tahiti's database was allegedly breached. The stolen data contains plaintext passwords and emails. This breach is being privately shared on the darknet.

Passwords: 23033

Acquisition Date: 2018-01-18T00:00:00Z

Site: Kryminalistyka i Medycyna Sadowa

Description: In 2012, Kryminalistyka i Medycyna Sadowa's database was allegedly breached. The stolen data contains usernames, MD5-hashed passwords, and email addresses. This breach is being privately shared on the darknet.

Passwords: 2881

Acquisition Date: 2018-01-17T00:00:00Z

Site: Proper Apartments

Description: In December 2017, Proper Apartments's database was allegedly breached. The stolen data contains plaintext passwords and email addresses. This breach is being privately shared on the darknet.

Passwords: 22293

Acquisition Date: 2018-01-19T00:00:00Z

Site: Reid Park Best Ball

Description: In December 2017, Reid Park Best Ball's database was allegedly breached. The stolen data contains plaintext passwords and emails. This breach is being privately shared on the darknet.

Passwords: 12940

Acquisition Date: 2018-01-17T00:00:00Z

Site: GetYourMusic

Description: In 2017, GetYourMusic's database was allegedly breached. The stolen data contains plaintext passwords and email addresses. This breach is being privately shared on the darknet.

Passwords: 1110

Acquisition Date: 2018-01-16T00:00:00Z

Site: Home Tuition Malaysia

Description: In December 2017, Home Tuition Malaysia's database was allegedly breached. The stolen data contains plaintext passwords and emails. This breach is being privately shared on the darknet.

Passwords: 24237

Acquisition Date: 2018-01-30T00:00:00Z

Site: U2 Achtung

Description: At an unconfirmed date, U2 Achtung's database was allegedly breached. The stolen data contains passwords and email addresses. This breach is being privately shared on the internet.

Passwords: 30528

Acquisition Date: 2017-11-08T00:00:00Z

Site: MyOOPS

Description: At an unconfirmed date, MyOOPS's database was allegedly breached. The stolen data contains passwords and email addresses. This breach is being publicly shared on the internet.

Passwords: 69069

Acquisition Date: 2018-02-02T00:00:00Z

Site: ATVZone.O12

Description: In 2012, ATVZone.O12's database was allegedly breached. The stolen data contains usernames, MD5-hashed passwords, and email addresses. This breach is being privately shared on the internet.

Passwords: 439

Acquisition Date: 2018-01-30T00:00:00Z

Site: Zaccheus Onumba Dibiaezue Memorial Libraries

Description: At an unconfirmed date, Zaccheus Onumba Dibiaezue Memorial Libraries' database was allegedly breached. The stolen data contains passwords and email addresses. This breach is being privately shared on the internet.

Passwords: 7410

Acquisition Date: 2018-01-30T00:00:00Z

Site: Sensitive Source

Description: This source has been marked as sensitive due to one of the following reasons:Revealing the source may compromise an on-going investigationThe affected site is of a controversial nature but does not validate email addresses and could therefore be used to tarnish an employee's reputation

Passwords: 861

Acquisition Date: 2017-08-16T00:00:00Z

Site: The Epilepsy Foundation of Michigan

Description: In July 2011, The Epilepsy Foundation of Michigan's database was allegedly breached. The stolen data contains email addresses and additional personal information. This breach is being publicly shared on the internet.

Passwords: 0

Acquisition Date: 2018-02-02T00:00:00Z

Site: Fanklub Fiata Pandy

Description: In 2012, Fanklub Fiata Pandy's database was allegedly breached. The stolen data contains usernames, MD5-hashed passwords, and email addresses. This breach is being privately shared on the internet.

Passwords: 175

Acquisition Date: 2018-01-30T00:00:00Z

Site: ZikrayNabi.com

Description: At an unconfirmed date, ZikrayNabi.com's database was allegedly breached. The stolen data contains passwords and email addresses. This breach is being privately shared on the internet.

Passwords: 9145

Acquisition Date: 2017-11-07T00:00:00Z

Site: Sensitive Source

Description: This source has been marked as sensitive due to one of the following reasons:Revealing the source may compromise an on-going investigationThe affected site is of a controversial nature but does not validate email addresses and could therefore be used to tarnish an employee's reputation

Passwords: 53177210

Acquisition Date: 2017-08-14T00:00:00Z

Site: EJHB.info

Description: At an unconfirmed date, EJHB.info's database was allegedly breached. The stolen data contains usernames and email addresses. This breach is being privately shared on the internet.

Passwords: 4405

Acquisition Date: 2018-02-02T00:00:00Z

Site: Forum.Czeczenia.com.pl

Description: In 2012, Forum.Czeczenia.com.pl's database was allegedly breached. The stolen data contains usernames, MD5-hahsed passwords, and email addresses. This breach is being privately shared on the internet.

Passwords: 156

Acquisition Date: 2017-10-20T00:00:00Z

Site: WeHeartIt

Description: In November 2013, social network WeHeartIt's database was allegedly breached. The stolen data contains usernames, passwords, and email addresses. The breach data was shared between members of closed and trusted groups.

Passwords: 8602562

Acquisition Date: 2017-11-16T00:00:00Z

Site: Table des Calories

Description: At an unconfirmed date, Table des Calories' database was allegedly breached. The stolen data contains passwords and email addresses. This breach is being privately shared on the internet.

Passwords: 72872

Acquisition Date: 2017-11-13T00:00:00Z

Site: SanTool Werkzeuge GmbH

Description: At an unconfirmed date, SanTool Werkzeuge GmbH's database was allegedly breached. The stolen data contains passwords and email addresses. This breach is being privately shared on the internet.

Passwords: 13709

Acquisition Date: 2018-02-02T00:00:00Z

Site: E31 Klub Polska

Description: In 2012, E31 Klub Polska's database was allegedly breached. The stolen data contains usernames, MD5-hashed passwords, and email addresses. This breach is being privately shared on the internet.

Passwords: 251

Acquisition Date: 2018-02-02T00:00:00Z

Site: DangerousWaters.pl

Description: In 2012, DangerousWaters.pl's database was allegedly breached. The stolen data contains usernames, MD5-hashed passwords, and email addresses. This breach is being privately shared on the internet.

Passwords: 259

Acquisition Date: 2017-10-05T00:00:00Z

Site: Disqus

Description: In 2012, comment hosting service Disqus's database was allegedly breached. The stolen data contains passwords, email addresses and additional personal information. This breach is being publicly shared on the internet.

Passwords: 6146680

Acquisition Date: 2018-01-18T00:00:00Z

Site: Switch My Debt

Description: At an unconfirmed date, Switch My Debt's database was allegedly breached. The stolen data contains passwords and email addresses. This breach is being privately shared on the internet.

Passwords: 232279

Acquisition Date: 2018-01-30T00:00:00Z

Site: Yellow is the New Pink

Description: At an unconfirmed date, Yellow is the New Pink's database was allegedly breached. The stolen data contains passwords and email addresses. This breach is being privately shared on the internet.

Passwords: 24459

Acquisition Date: 2018-01-26T00:00:00Z

Site: Osetini.com

Description: At an unconfirmed date, Osetini.com's database was allegedly breached. The stolen data contains passwords and email addresses. This breach is being privately shared on the internet.

Passwords: 157609

Acquisition Date: 2018-02-02T00:00:00Z

Site: Forum Brukarskie

Description: In 2012, Forum Brukarskie's database was allegedly breached. The stolen data contains usernames, MD5-hashed passwords, and email addresses. This breach is being privately shared on the internet.

Passwords: 715

Acquisition Date: 2018-01-30T00:00:00Z

Site: ZycieiSmierc

Description: At an unconfirmed date, ZycieiSmierc's database was allegedly breached. The stolen data contains passwords and email addresses. This breach is being privately shared on the internet.

Passwords: 5175

Acquisition Date: 2018-02-02T00:00:00Z

Site: Cyr4x.pl

Description: In 2012, Cyr4x.pl's database was allegedly breached. The stolen data contains usernames, MD5-hashed passwords, and email addresses. This breach is being privately shared on the internet.

Passwords: 230

Acquisition Date: 2018-02-02T00:00:00Z

Site: DVBT.XT.pl

Description: In 2012, DVBT.XT.pl's database was allegedly breached. The stolen data contains usernames, MD5-hashed passwords, and email addresses. This breach is being privately shared on the internet.

Passwords: 493

Acquisition Date: 2018-01-10T00:00:00Z

Site: RSS-Verzeichnis

Description: At an unconfirmed date, RSS-Verzeichnis' database was allegedly breached. The stolen data contains passwords and email addresses. This breach is being privately shared on the internet.

Passwords: 265568

Acquisition Date: 2017-10-05T00:00:00Z

Site: Kickstarter

Description: In February 2014, crowdfunding site Kickstarter's database was allegedly breached. The stolen data contains usernames, passwords, and email addresses.

Passwords: 4396216

Acquisition Date: 2018-02-02T00:00:00Z

Site: Bonfire

Description: In 2012, Bonfire's database was allegedly breached. The stolen data contains usernames, MD5-hashed passwords, and email addresses. This breach is being privately shared on the internet.

Passwords: 269

Acquisition Date: 2018-01-30T00:00:00Z

Site: YFCA of Oyster Bay

Description: At an unconfirmed date, YFCA of Oyster Bay's database was allegedly breached. The stolen data contains passwords and email addresses. This breach is being privately shared on the internet.

Passwords: 3735

Acquisition Date: 2017-10-08T00:00:00Z

Site: Bitly, Inc.

Description: In May 2014, link shortening service Bitly's database was allegedly breached. The stolen data contains usernames, passwords, and email addresses. This breach is being shared privately among private groups on the underground.

Passwords: 7538970

Acquisition Date: 2017-11-16T00:00:00Z

Site: Time Warner Cable - Business Class

Description: In February 2016, Time Warner Cable's Business Class Customer Support Portal was breached due to a SQLi vulnerability. The actors behind the attack, TeaMp0isoN, defaced the website as well as stole a user database that they eventually shared publicly online the next day.

Passwords: 4166

Acquisition Date: 2017-10-15T00:00:00Z

Site: Sensitive Source

Description: This source has been marked as sensitive due to one of the following reasons:Revealing the source may compromise an on-going investigationThe affected site is of a controversial nature but does not validate email addresses and could therefore be used to tarnish an employee's reputation

Passwords: 1573381

Acquisition Date: 2017-11-13T00:00:00Z

Site: YMEMJ Rewards

Description: At an unconfirmed date, YMEMJ Rewards' database was allegedly breached. The stolen data contains passwords and email addresses. This breach is being publicly shared on the internet.

Passwords: 12405

Acquisition Date: 2017-09-19T00:00:00Z

Site: Sensitive Source

Description: This source has been marked as sensitive due to one of the following reasons:Revealing the source may compromise an on-going investigationThe affected site is of a controversial nature but does not validate email addresses and could therefore be used to tarnish an employee's reputation

Passwords: 5258570

Acquisition Date: 2017-11-16T00:00:00Z

Site: Telecom Training

Description: At an unconfirmed date, Telecom Training's database was allegedly breached. The stolen data contains passwords and email addresses. This breach is being privately shared on the internet.

Passwords: 26107

Acquisition Date: 2018-01-30T00:00:00Z

Site: Sensitive Source

Description: This source has been marked as sensitive due to one of the following reasons:Revealing the source may compromise an on-going investigationThe affected site is of a controversial nature but does not validate email addresses and could therefore be used to tarnish an employee's reputation

Passwords: 5175

Acquisition Date: 2018-01-30T00:00:00Z

Site: ZenzorControl

Description: At an unconfirmed date, ZenzorControl's database was allegedly breached. The stolen data contains passwords and email addresses. This breach is being privately shared on the internet.

Passwords: 2202

Acquisition Date: 2018-02-02T00:00:00Z

Site: eRopczyce

Description: In 2012, eRopczyce's database was allegedly breached. The stolen data contains usernames, MD5-hashed passwords, and email addresses. This breach is being privately shared on the internet.

Passwords: 587

Acquisition Date: 2018-01-30T00:00:00Z

Site: Yellow Pages: Russian-Michigan

Description: At an unconfirmed date, Yellow Pages: Russian-Michigan's database was allegedly breached. The stolen data contains passwords and email addresses. This breach is being privately shared on the internet.

Passwords: 229

Acquisition Date: 2017-10-12T00:00:00Z

Site: Onebip

Description: At an unknown date, Openbip's user database was allegedly breached. The data is being shared among private circles online.

Passwords: 2325086

Acquisition Date: 2018-01-30T00:00:00Z

Site: Winnipeg Youth Soccer Association

Description: At an unconfirmed date, Winnipeg Youth Soccer Association's database was allegedly breached. The stolen data contains passwords and email addresses. This breach is being privately shared on the internet.

Passwords: 7009

Acquisition Date: 2017-09-06T00:00:00Z

Site: ReverbNation

Description: In January 2014, ReverbNation's database was allegedly breached. The stolen data contained passwords, salts, and email addresses.The compromised data is being shared privately within communities on the dark web.

Passwords: 7710810

Acquisition Date: 2018-01-30T00:00:00Z

Site: Zimmermann Norm

Description: At an unconfirmed date, Zimmermann Norm's database was allegedly breached. The stolen data contains passwords and email addresses. This breach is being privately shared on the internet.

Passwords: 11647

Acquisition Date: 2017-11-08T00:00:00Z

Site: Sensitive Source

Description: This source has been marked as sensitive due to one of the following reasons:Revealing the source may compromise an on-going investigationThe affected site is of a controversial nature but does not validate email addresses and could therefore be used to tarnish an employee's reputation

Passwords: 101707

Acquisition Date: 2018-02-02T00:00:00Z

Site: Klub BMW-Mania

Description: In 2012, Klub BMW-Mania's database was allegedly breached. The stolen data contains usernames, MD5-hashed passwords, and email addresses. This breach is being privately shared on the internet.

Passwords: 149

Acquisition Date: 2018-01-30T00:00:00Z

Site: Truong Trung Cap Y Viet Da Nang

Description: At an unconfirmed date, Truong Trung Cap Y Viet Da Nang's database was allegedly breached. The stolen data contains passwords and email addresses. This breach is being privately shared on the internet.

Passwords: 1073

Acquisition Date: 2018-01-30T00:00:00Z

Site: The Hangzhou Leisure Development and Promotion Association

Description: At an unconfirmed date, The Hangzhou Leisure Development and Promotion Association's database was allegedly breached. The stolen data contains passwords and email addresses. This breach is being privately shared on the internet.

Passwords: 22370

Acquisition Date: 2018-02-02T00:00:00Z

Site: Bunkerites of Poland

Description: In 2012, Bunkerites of Poland's database was allegedly breached. The stolen data contains usernames, MD5-hashed passwords, and email addresses. This breach is being privately shared on the internet.

Passwords: 1078

Acquisition Date: 2018-01-25T00:00:00Z

Site: Revit Community

Description: At an unconfirmed date, Revit Community's database was allegedly breached. The stolen data contains passwords and email addresses. This breach is being publicly shared on the internet.

Passwords: 339029

Acquisition Date: 2018-01-30T00:00:00Z

Site: ZoomOx!

Description: At an unconfirmed date, ZoomOx!'s database was allegedly breached. The stolen data contains passwords and email addresses. This breach is being privately shared on the internet.

Passwords: 22923

Acquisition Date: 2017-11-16T00:00:00Z

Site: PayPal Sucks

Description: In May 2016, PayPal Sucks' database was allegedly breached. The stolen data contains usernames, passwords, and email addresses. This breach is being privately shared on the internet.

Passwords: 79612

Acquisition Date: 2018-02-02T00:00:00Z

Site: Forum.Dlapolski

Description: In 2012, Forum.Dlapolski's database was allegedly breached. The stolen data contains usernames, MD5-hashed passwords, and email addresses. This breach is being privately shared on the internet.

Passwords: 548

Acquisition Date: 2018-02-02T00:00:00Z

Site: AgroAero

Description: In 2012, AgroAero's database was allegedly breached. The stolen data contains usernames, MD5-hashed passwords, and email addresses. This breach is being privately shared on the internet.

Passwords: 330

Acquisition Date: 2018-02-02T00:00:00Z

Site: Forum Prawne

Description: In 2012, Forum Prawne's database was allegedly breached. The stolen data contains usernames, MD5-hashed passwords, and email addresses. This breach is being privately shared on the internet.

Passwords: 652

Acquisition Date: 2018-01-30T00:00:00Z

Site: Zhitomir.UkrMisto.net

Description: At an unconfirmed date, Zhitomir.UkrMisto.net's database was allegedly breached. The stolen data contains passwords and email addresses. This breach is being privately shared on the internet.

Passwords: 4710

Acquisition Date: 2018-02-02T00:00:00Z

Site: Exchange of Sound Festival

Description: In 2012, Exchange of Sound Festival's database was allegedly breached. The stolen data contains usernames, MD5-hashed passwords, and email addresses. This breach is being privately shared on the internet.

Passwords: 271

Acquisition Date: 2018-01-30T00:00:00Z

Site: Sensitive Source

Description: This source has been marked as sensitive due to one of the following reasons:Revealing the source may compromise an on-going investigationThe affected site is of a controversial nature but does not validate email addresses and could therefore be used to tarnish an employee's reputation

Passwords: 2843

Acquisition Date: 2017-11-12T00:00:00Z

Site: RallySimFans.hu

Description: At an unconfirmed date, RallySimFans.hu's database was allegedly breached. The stolen data contains passwords and email addresses. This breach is being privately shared on the internet.

Passwords: 11344

Acquisition Date: 2018-02-02T00:00:00Z

Site: Best of Iron Maiden

Description: In 2012, Best of Iron Maiden's database was allegedly breached. The stolen data contains usernames, MD5-hashed passwords, and email addresses. This breach is being privately shared on the internet.

Passwords: 127

Acquisition Date: 2018-01-26T00:00:00Z

Site: SelectSmart.com

Description: At an unconfirmed date, SelectSmart.com's database was allegedly breached. The stolen data contains passwords and email addresses. This breach is being privately shared on the internet.

Passwords: 21893

Acquisition Date: 2018-01-01T00:00:00Z

Site: AzorUlt Botnet

Description: AzorUlt is a lesser known credential stealing botnet, also known as crimeware. This malware steals data from infected computers via web browsers and protected storage. Once infected, the computer sends the stolen data to a bot command and control (C&C) server, where the data is stored. Any credentials from this source can be assumed to already be in the hands of threat actors, and should be changed immediately.

Passwords: 54082

Acquisition Date: 2018-01-03T00:00:00Z

Site: Biocom International SRL, Romania

Description: At an unconfirmed date, Biocom International SRL, Romania's user database was allegedly breached. The stolen data contains MD5-hahsed passwords and email addresses. This database is being privately shared online.

Passwords: 17966

Acquisition Date: 2018-01-02T00:00:00Z

Site: Fraccaroli e Balzan Spa

Description: At an unconfirmed date, Fraccaroli e Balzan Spa's user database was allegedly breached. The stolen data contains MD5-hashed passwords and email addresses. This breach is being privately shared on the darknet.

Passwords: 6107

Acquisition Date: 2018-01-01T00:00:00Z

Site: MerDB

Description: At an unconfirmed date, MerDB's user database was allegedly breached. The stolen data contains user records including email addresses and passwords. In August 2017, the database was shared publicly on a few hacker forums.

Passwords: 20576

Acquisition Date: 2018-01-02T00:00:00Z

Site: CablesUK

Description: In 2017, CablesUK's user database was allegedly breached. The stolen data contains passwords and email addresses. In December 2017, the database was shared publicly on a few hacker forums.

Passwords: 149385

Acquisition Date: 2018-01-04T00:00:00Z

Site: Lighting a Billion Lives

Description: At an unconfirmed date, Lighting a Billion Lives' user database was allegedly breached. The stolen data contains passwords and MD5-hashed email addresses. The database is being shared privately online.

Passwords: 21748

Acquisition Date: 2018-01-05T00:00:00Z

Site: Combolist of Polish and German Email Addresses

Description: This combolist was compiled from a variety of private and public breaches. It is strongly believed that this list was put together with Polish and German email addresses as a target. Threat actors are actively using this list to gain access to sites using credential stuffing tools. This combolist is being shared privately online.

Passwords: 195841

Acquisition Date: 2018-01-01T00:00:00Z

Site: The Post-Bulletin

Description: At an unconfirmed date, Post-Bulletin's user database was allegedly breached. The stolen data contains MD5-hashed passwords and email addresses. The database is being shared privately online.

Passwords: 14690

Acquisition Date: 2018-01-04T00:00:00Z

Site: Uni24.de

Description: At an unconfirmed date, Uni24.de's user database was allegedly breached. The stolen data contains user records including email addresses and MD5-hashed passwords. The data is being shared privately online.

Passwords: 15838

Acquisition Date: 2018-01-03T00:00:00Z

Site: Multimedia.de

Description: At an unconfirmed date, Multimedia.de's user database was allegedly breached. The stolen data contains user records including email addresses and plaintext passwords. The data is being shared privately online.

Passwords: 29381

Acquisition Date: 2018-01-04T00:00:00Z

Site: Indian Combolist

Description: This combolist was compiled from a variety of private and public breaches. It is strongly believed that this list was put together with Indian citizens as a target. Threat actors are actively using this list to gain access to sites using credential stuffing tools. This combolist is being shared privately online.

Passwords: 5547

Acquisition Date: 2018-01-02T00:00:00Z

Site: Sensitive Source

Description: This source has been marked as sensitive due to one of the following reasons:Revealing the source may compromise an on-going investigationThe affected site is of a controversial nature but does not validate email addresses and could therefore be used to tarnish an employee's reputation

Passwords: 292412

Acquisition Date: 2018-01-03T00:00:00Z

Site: The Ultimate Safe List Exchange

Description: At an unconfirmed date the Ultimate Safe List Exchange's user database was allegedly breached. The stolen data contains user records including email addresses and passwords. The data is being shared privately online.

Passwords: 27798

Acquisition Date: 2018-01-01T00:00:00Z

Site: Hong Kong Indians

Description: At an unconfirmed date, Hong Kong Indian's user database was allegedly breached. The stolen data contains MD5-hahsed passwords and email addresses. This database is being privately shared online.

Passwords: 15573

Acquisition Date: 2018-01-03T00:00:00Z

Site: Power Your Trade

Description: At an unconfirmed date, Power Your Trade's user database was allegedly breached. The stolen data contains passwords and email addresses. The database is being shared privately online.

Passwords: 29861

Acquisition Date: 2018-01-01T00:00:00Z

Site: DaTre

Description: At an unconfirmed date, DaTre's user database was allegedly breached. The stolen data contains user records including email addresses and MD5-hashed passwords. The data is being shared privately online.

Passwords: 20616

Acquisition Date: 2018-01-04T00:00:00Z

Site: Access im Unternehmen

Description: At an unconfirmed date, Access im Unternehmen's user database was allegedly breached. The stolen data contains passwords and email addresses. This breach is being privately shared on the darknet.

Passwords: 10613

Acquisition Date: 2018-01-02T00:00:00Z

Site: Sercovam

Description: At an unconfirmed date, Sercovam's user database was allegedly breached. The stolen data contains user records including email addresses and passwords. The data is being shared privately online.

Passwords: 6670

Acquisition Date: 2018-01-01T00:00:00Z

Site: 360k USA ComboList

Description: This combolist was likely compiled in 2017 from a variety of private and public breaches. It is strongly believed that this list was put together with the United States as a target. Threat actors are actively using this list to gain access to sites using credential stuffing tools. This combolist was uploaded online publicly in December 2017.

Passwords: 367209

Acquisition Date: 2018-01-05T00:00:00Z

Site: Sensitive Source

Description: This source has been marked as sensitive due to one of the following reasons:Revealing the source may compromise an on-going investigationThe affected site is of a controversial nature but does not validate email addresses and could therefore be used to tarnish an employee's reputation

Passwords: 430225

Acquisition Date: 2018-01-04T00:00:00Z

Site: The Tapirulan Cultural Association

Description: At an unconfirmed date, The Tapirulan Cultural Association's user database was allegedly breached. The stolen data contains passwords and email addresses. This breach is being privately shared on the darknet.

Passwords: 17206

Acquisition Date: 2018-01-04T00:00:00Z

Site: Kansas Teaching Jobs

Description: At an unconfirmed date, Kansas Teaching Jobs' user database was allegedly breached. The stolen data contains plaintext passwords and email addresses. This database is being privately shared online.

Passwords: 25468

Acquisition Date: 2017-10-22T00:00:00Z

Site: AcademyWomen

Description: In 2017, AcademyWomen's user database was allegedly breached. The stolen data contains user records, including email addresses, full names, and passwords. In October 2017, the database was shared publicly on a popular forum.

Passwords: 3899

Acquisition Date: 2018-01-03T00:00:00Z

Site: Sensitive Source

Description: This source has been marked as sensitive due to one of the following reasons:Revealing the source may compromise an on-going investigationThe affected site is of a controversial nature but does not validate email addresses and could therefore be used to tarnish an employee's reputation

Passwords: 96839

Acquisition Date: 2018-01-02T00:00:00Z

Site: Autobramy.org

Description: In 2012, Autobramy.org's user database was allegedly breached. The stolen data contains user records including email addresses and MD5-hashed passwords. The database is being shared privately online.

Passwords: 1841

Acquisition Date: 2018-01-04T00:00:00Z

Site: MoneyControl

Description: At an unconfirmed date, MoneyControl's user database was allegedly breached. The stolen data contains plaintext passwords and email addresses. The database is being shared privately online.

Passwords: 29868

Acquisition Date: 2018-01-05T00:00:00Z

Site: DLC Quickplay

Description: At an unconfirmed date, DLC Quickplay's user database was allegedly breached. The stolen data contains MD5-hashed passwords and email addresses. The database is being shared privately online.

Passwords: 16820

Acquisition Date: 2018-01-02T00:00:00Z

Site: ABC Stitch Therapy

Description: At an unconfirmed date, ABC Stitch Therapy's user database was allegedly breached. The stolen data contains MD5-hahsed passwords and email addresses. This database is being privately shared online.

Passwords: 15173

Acquisition Date: 2018-01-01T00:00:00Z

Site: Balletto.net

Description: At an unconfirmed date, Balleto's user database was allegedly breached. The stolen data contains user records including email addresses and plaintext passwords. The data is being shared privately online.

Passwords: 29454

Acquisition Date: 2018-01-03T00:00:00Z

Site: 150K HQ Combolist

Description: This combolist was likely compiled in 2017 from a variety of private and public breaches. Threat actors are actively using this list to gain access to sites using credential stuffing tools. This combolist was uploaded online publicly in early November 2017.

Passwords: 15751

Acquisition Date: 2018-01-01T00:00:00Z

Site: Zabugor

Description: At an unconfirmed date, Zabugor's user database was allegedly breached. The stolen data contains user records including email addresses and passwords. In February 2015, the data was shared publicly on a few hacker forums and file sharing sites.

Passwords: 125145

Acquisition Date: 2018-01-01T00:00:00Z

Site: The Official Website of the County of Essex, New Jersey

Description: At an unconfirmed date the Official Website of the County of Essex's user database was allegedly breached. The data contains user records including email addresses and plaintext passwords. The data is being shared privately online

Passwords: 11267

Acquisition Date: 2018-01-01T00:00:00Z

Site: Forum Modelarskie

Description: In 2012, Forum Modelarskie's user database was allegedly breached. The stolen data is made up of user records including usernames, email addresses, and MD5-hashed passwords. The data is being shared privately online.

Passwords: 3291

Acquisition Date: 2018-01-01T00:00:00Z

Site: Nival

Description: In February 2016, Nival's user database was allegedly breached. The stolen data contains user records including usernames, email addresses, and additional personal information. In April 2017, the database was shared publicly on a few forums and websites.

Passwords: 0

Acquisition Date: 2018-01-02T00:00:00Z

Site: C-Team

Description: In December 2015, C-Team's user database was allegedly breached by actor redsm0ke. The stolen data contains user records including usernames, email addresses, and passwords. The database was leaked publicly by redsm0ke on Siph0n.net.

Passwords: 237

Acquisition Date: 2018-01-01T00:00:00Z

Site: 4Lapy

Description: In 2012, 4Lapy's user database was allegedly breached. The stolen data contains user records including usernames, email addresses, and passwords. The database is being shared privately online.

Passwords: 4103

Acquisition Date: 2018-01-03T00:00:00Z

Site: MRCVSonline

Description: At an unconfirmed date, MRCVSonline's user database was allegedly breached. The stolen data contains MD5-hashed passwords and email addresses. The database is being shared privately on the internet.

Passwords: 17912

Acquisition Date: 2018-01-01T00:00:00Z

Site: Valid Mix Combolist

Description: This combolist was compiled from a variety of private and public breaches and contains a mix of email addresses from a number of countries. Threat actors are actively using this list to gain access to sites using credential stuffing tools. This combolist is being shared privately online.

Passwords: 28766

Acquisition Date: 2018-01-04T00:00:00Z

Site: Sensitive Source

Description: This source has been marked as sensitive due to one of the following reasons:Revealing the source may compromise an on-going investigationThe affected site is of a controversial nature but does not validate email addresses and could therefore be used to tarnish an employee's reputation

Passwords: 30

Acquisition Date: 2018-01-02T00:00:00Z

Site: DashboardWidgets

Description: At an unconfirmed date, DashboardWidgets' user database was allegedly breached. The stolen data contains MD5-hahsed passwords and email addresses. This database is being privately shared online.

Passwords: 15595

Acquisition Date: 2018-01-04T00:00:00Z

Site: Sensitive Source

Description: This source has been marked as sensitive due to one of the following reasons:Revealing the source may compromise an on-going investigationThe affected site is of a controversial nature but does not validate email addresses and could therefore be used to tarnish an employee's reputation

Passwords: 451554

Acquisition Date: 2018-01-03T00:00:00Z

Site: Rishta Bliss

Description: At an uncomfirmed date, Rishta Bliss's user database was allegedly breached. The stolen data contains MD5-hashed passwords and emails addresses. This breach is being privately shared on the darknet.

Passwords: 14811

Acquisition Date: 2018-01-05T00:00:00Z

Site: Mixed Combolist

Description: This combolist was compiled from a variety of private and public breaches and contains a mix of email addresses from a number of countries. Threat actors are actively using this list to gain access to sites using credential stuffing tools. This combolist is being shared privately online.

Passwords: 430734

Acquisition Date: 2018-01-02T00:00:00Z

Site: The National Center for Biotechnology Information

Description: At an unconfirmed date, the National Center for Biotechnology Information's user database was allegedly breached. The stolen data contains user records including email addresses and passwords. The database is being shared privately online.

Passwords: 440

Acquisition Date: 2017-11-09T00:00:00Z

Site: Warmane.com

Description: At an unconfirmed date, the Warmane.com user database was allegedly breached. The stolen data contains emails and plaintext passwords. The compromised data is being shared privately on the darknet.

Passwords: 841306

Acquisition Date: 2018-01-02T00:00:00Z

Site: Licaidashiye

Description: At an unconfirmed date, Licaidashiye's user database was allegedly breached. The stolen data contains MD5-hashed passwords and email addresses. The database is being shared privately online.

Passwords: 16343

Acquisition Date: 2018-01-04T00:00:00Z

Site: GoToAllDisk

Description: At an unconfirmed date, GoToAllDisk's user database was allegedly breached. The stolen data contains plaintext passwords and email addresses. In November 2017, the database was shared publicly on a hacker forum.

Passwords: 52901

Acquisition Date: 2018-01-04T00:00:00Z

Site: Sensitive Source

Description: This source has been marked as sensitive due to one of the following reasons:Revealing the source may compromise an on-going investigationThe affected site is of a controversial nature but does not validate email addresses and could therefore be used to tarnish an employee's reputation

Passwords: 72

Acquisition Date: 2018-01-05T00:00:00Z

Site: OwnedCore

Description: In 2015, OwnedCore's user database was allegedly breached. The stolen data contains user records including email addresses and passwords. In January 2017, the database was shared publicly on a few hacker forums and websites.

Passwords: 0

Acquisition Date: 2018-01-03T00:00:00Z

Site: Mylelo Jobs

Description: At an unconfirmed date, Mylelo Jobs's user database was allegedly breached. The stolen data contains passwords, emails This breach is being privately shared on the darknet.

Passwords: 29468

Acquisition Date: 2018-01-05T00:00:00Z

Site: KKE Wash Systems Pvt. Ltd.

Description: At an unconfirmed date KKE Wash Systems Pvt. Ltd.'s user database was allegedly breached. The stolen data contains user records including email addresses and plaintext passwords. The data is being shared privately online.

Passwords: 30237

Acquisition Date: 2018-01-03T00:00:00Z

Site: Sensitive Source

Description: This source has been marked as sensitive due to one of the following reasons:Revealing the source may compromise an on-going investigationThe affected site is of a controversial nature but does not validate email addresses and could therefore be used to tarnish an employee's reputation

Passwords: 62635

Acquisition Date: 2018-11-18T00:00:00Z

Site: Sensitive Source

Description: This source has been marked as sensitive due to one of the following reasons:Revealing the source may compromise an on-going investigationThe affected site is of a controversial nature but does not validate email addresses and could therefore be used to tarnish an employee's reputation

Passwords: 1920

Acquisition Date: 2018-01-02T00:00:00Z

Site: Reeqwest

Description: At an unconfirmed date, Reeqwest's user database was allegedly breached. The stolen data contains user records including email addresses and MD5-hashed passwords. The data is being shared privately online.

Passwords: 27645

Acquisition Date: 2017-12-22T00:00:00Z

Site: Deals at Mr. Tech Stuff

Description: In March 2017, Deals at Mr. Tech Stuff's user database was allegedly breached due to a Wordpress vulnerability. The stolen data contains 110,000 records including email addresses and MD5-hashed passwords. In April 2017, the data was shared publicly on a few hacker sites and forums.

Passwords: 110933

Acquisition Date: 2017-12-20T00:00:00Z

Site: Music.it

Description: At an unconfirmed date, Music.it's user database was allegedly breached. The stolen data contains 33,000 records including email addresses and passwords. The compromised data is being shared privately on the darknet.

Passwords: 33281

Acquisition Date: 2017-12-18T00:00:00Z

Site: Flash Games Nexus

Description: In 2017, Flash Games Nexus' user database was allegedly breached. The stolen data contains 101,000 records including email addresses and MD5-hashed passwords. In September 2017, the data was shared publicly on a few hacker sites and forums.

Passwords: 101376

Acquisition Date: 2017-12-28T00:00:00Z

Site: Baseball Prospectus

Description: At an unconfirmed date, Baseball Prospectus' user database was allegedly breached. The stolen data contains 179,000 records including email addresses and passwords. The compromised data is being shared privately on the darknet.

Passwords: 179581

Acquisition Date: 2017-12-27T00:00:00Z

Site: Bubblebox

Description: In 2017, Bubblebox's user database was allegedly breached. The stolen data contains 72,000 records including email addresses and passwords. In November 2017, the data was shared publicly on a few hacker sites and forums.

Passwords: 72435

Acquisition Date: 2017-12-25T00:00:00Z

Site: PESGaming Forums

Description: In 2016, PESGaming Forums' user database was allegedly breached. The stolen data contains 221,000 records including email addresses, usernames, passwords, and salts. In November 2017, the data was shared publicly on a few hacker sites and forums.

Passwords: 221063

Acquisition Date: 2017-12-25T00:00:00Z

Site: N:Flame

Description: At an unconfirmed date, N:Flame's user database was allegedly breached. The stolen data contains 139,000 records including email addresses, MD5-hashed passwords, and salts. In October 2017, the data was shared publicly on a few hacker sites and forums.

Passwords: 139929

Acquisition Date: 2017-12-26T00:00:00Z

Site: BrickPicker

Description: At an unconfirmed date, BrickPicker's user database was allegedly breached. The stolen data contains 39,000 records including email addresses and passwords. The compromised data is being shared privately on the darknet.

Passwords: 39871

Acquisition Date: 2017-12-20T00:00:00Z

Site: Tibia.net.pl

Description: In 2016, Tibia.net.pl's user database was allegedly breached. The stolen data contains 439,000 records including email addresses, usernames, passwords, and salts. In June 2017, the data was shared publicly on a few hacker sites and forums.

Passwords: 439048

Acquisition Date: 2017-12-26T00:00:00Z

Site: Fabric UK

Description: In January 2017, Fabric UK's user database was allegedly breached. The stolen data contains 101,000 records including email addresses and plaintext passwords. In December 2017, the data was shared publicly on a few hacker sites and forums.

Passwords: 101286

Acquisition Date: 2017-11-28T00:00:00Z

Site: Regency Theatres

Description: In October 2017, Regency Theatres' user database was allegedly breached. The stolen data contains 40,000 records including email addresses, hashed passwords, and full names. In November 2017, the data was shared publicly on a few hacker sites and forums.

Passwords: 40424

Acquisition Date: 2017-12-19T00:00:00Z

Site: German Consumer Leads Database

Description: At an unconfirmed date, this German Consumer Leads database was allegedly sotlen. The database contains 255,000 records including email addresses and full names. The compromised data is being shared privately on the darknet.

Passwords: 0

Acquisition Date: 2017-12-26T00:00:00Z

Site: NewbVille

Description: In 2017, NewbVille's user database was allegedly breached. The stolen data contains 203,000 records including email addresses and plaintext passwords. In November 2017, the data was shared publicly on a hacker forum.

Passwords: 203217

Acquisition Date: 2017-12-27T00:00:00Z

Site: TechnicPack

Description: In January 2015, TechnicPack's user database was allegedly breached. The stolen data contains 238,000 records including email addresses and usernames. In July 2017, the data was shared publicly on a few hacker sites and forums.

Passwords: 66862

Acquisition Date: 2017-12-22T00:00:00Z

Site: Trade Leads International

Description: At an unconfirmed date, Trade Leads International's user database was allegedly breached. The stolen data contains 73,000 records including email addresses and passwords. The compromised data is being shared privately on the darknet.

Passwords: 73475

Acquisition Date: 2017-12-19T00:00:00Z

Site: Transylvania.ru

Description: At an unconfirmed date, Transylvania.ru's user database was allegedly breached. The stolen data contains 18,000 records including email addresses and passwords. The compromised data is being shared privately on the darknet.

Passwords: 18125

Acquisition Date: 2017-12-25T00:00:00Z

Site: Sensitive Source

Description: This source has been marked as sensitive due to one of the following reasons:Revealing the source may compromise an on-going investigationThe affected site is of a controversial nature but does not validate email addresses and could therefore be used to tarnish an employee's reputation

Passwords: 129118

Acquisition Date: 2017-12-19T00:00:00Z

Site: CoinsTown

Description: In January 2016, CoinsTown's user database was allegedly breached. The stolen data contains 2,900 records including email addresses, usernames, MD5-hashed passwords, and full names. In April 2017, the data was shared publicly on a few hacker sites and forums.

Passwords: 2993

Acquisition Date: 2017-12-25T00:00:00Z

Site: Sensitive Source

Description: This source has been marked as sensitive due to one of the following reasons:Revealing the source may compromise an on-going investigationThe affected site is of a controversial nature but does not validate email addresses and could therefore be used to tarnish an employee's reputation

Passwords: 272729

Acquisition Date: 2018-01-06T00:00:00Z

Site: Evony.com Forum

Description: In July 2016, Evony's forum database was breached. This stolen data contains usernames, emails, IPs, and hashed passwords. This breach is being publicly shared on the darknet.

Passwords: 938436

Acquisition Date: 2018-01-07T00:00:00Z

Site: vBulletin.com

Description: In March 2016 vBulletin.com's database was breached. This stolen data contains usernames, emails, passwords and salts. This data is now publicly being shared on the darknet.

Passwords: 522727

Acquisition Date: 2017-12-15T00:00:00Z

Site: YoloTown

Description: In August 2016, YoloTown's user database was allegedly breached. The stolen data contains 3,100 records including usernames and SHA-1 hashed passwords. In January 2017, the data was shared publicly on a few hacker sites and forums.

Passwords: 3174

Acquisition Date: 2017-12-11T00:00:00Z

Site: The Dream Centre

Description: At an unconfirmed date, The Dream Centre's user database was allegedly breached. The stolen data contains 13,000 records including email addresses and passwords. The compromised data is being shared privately on the darknet.

Passwords: 13589

Acquisition Date: 2017-12-21T00:00:00Z

Site: TVPro-Online

Description: At an unconfirmed date, TVPro-Online's user database was allegedly breached. The stolen data contains 2,400 records including email addresses and passwords. The compromised data is being shared privately on the darknet.

Passwords: 2459

Acquisition Date: 2017-12-13T00:00:00Z

Site: Fact Way

Description: At an unconfirmed date, Fact Way's user database was allegedly breached. The stolen data contains 65,000 records including email addresses and hashed passwords. The compromised data is being shared privately on the darknet.

Passwords: 65960

Acquisition Date: 2017-12-20T00:00:00Z

Site: Vegas Tripping

Description: In June 2017, Vegas Tripping's user database was allegedly breached. The stolen data contains 56,000 records including email addresses and passwords. In June 2017, the data was shared publicly on a few hacker forums.

Passwords: 56217

Acquisition Date: 2017-12-18T00:00:00Z

Site: Aria Forums

Description: In May 2016, Aria Forums' user database was allegedly breached due to a vBulletin vulnerability. The stolen data includes email addresses, usernames, passwords, and salts. In November 2017, the data was shared publicly on a few hacker sites and forums.

Passwords: 18452

Acquisition Date: 2017-12-11T00:00:00Z

Site: Sensitive Source

Description: This source has been marked as sensitive due to one of the following reasons:Revealing the source may compromise an on-going investigationThe affected site is of a controversial nature but does not validate email addresses and could therefore be used to tarnish an employee's reputation

Passwords: 429697

Acquisition Date: 2017-12-26T00:00:00Z

Site: VBCoderz

Description: In 2012, VBCoderz's user database was allegedly breached. The stolen data contains 1,400 records including email addresses, usernames, passwords, and salts. The compromised data is being shared privately on the darknet.

Passwords: 1493

Acquisition Date: 2017-12-18T00:00:00Z

Site: eHealth Links

Description: In April 2017, E-HealthLinks.com's user database was allegedly breached. The stolen data contains 142,000 records including email addresses and MD5-hashed passwords. In June 2017, the data was shared publicly on a few hacker forums.

Passwords: 142125

Acquisition Date: 2017-12-25T00:00:00Z

Site: Solar Culture Gallery, Inc.

Description: At an unconfirmed date, Solar Culture Gallery, Inc.'s user database was allegedly breached. The stolen data contains 680 records including email addresses and passwords. The compromised data is being shared privately on the darknet.

Passwords: 686

Acquisition Date: 2017-12-20T00:00:00Z

Site: Know Your College

Description: In 2017, Know Your College's user database was allegedly breached. The stolen data contains 58,000 records including email addresses and MD5-hashed passwords. In November 2017, the data was shared publicly on a few hacker sites and forums.

Passwords: 58816

Acquisition Date: 2017-12-25T00:00:00Z

Site: Altis Life RPG

Description: In August 2016, Altis Life RPG's user database was allegedly breached. The stolen data contains 31,000 records including email addresses, usernames, and full names. In January 2017, the data was shared publicly on a few hacker sites and forums.

Passwords: 0

Acquisition Date: 2017-12-27T00:00:00Z

Site: Ticket Doug

Description: At an unconfirmed date, Ticket Doug's user database was allegedly breached. The stolen data contains 57,000 records including email addresses and passwords. The compromised data is being shared privately on the darknet.

Passwords: 57056

Acquisition Date: 2017-12-18T00:00:00Z

Site: Sensitive Source

Description: This source has been marked as sensitive due to one of the following reasons:Revealing the source may compromise an on-going investigationThe affected site is of a controversial nature but does not validate email addresses and could therefore be used to tarnish an employee's reputation

Passwords: 114882

Acquisition Date: 2017-12-27T00:00:00Z

Site: KvizPart

Description: In 2017, KvizPart's user database was allegedly breached by actor Bobr. The stolen data contains 406,000 records including email addresses and plaintext passwords. In October 2017, the data was shared publicly by Bobr on a notorious hacker forum.

Passwords: 406290

Acquisition Date: 2017-12-19T00:00:00Z

Site: A Cosplay Paradise

Description: In July 2016, A Cosplay Paradise's user database was allegedly breached. The stolen data contains 55,000 records including email addresses and passwords. In July 2016, the data was shared publicly on a few hacker sites and forums.

Passwords: 55123

Acquisition Date: 2017-12-21T00:00:00Z

Site: ProjectX.top

Description: In August 2016, ProjectX.top's user database was allegedly breached. The stolen data contains 3,900 records including email addresses, usernames, bcrypt-hashed passwords, and salts. The compromised data is being shared privately on the darknet.

Passwords: 3758

Acquisition Date: 2017-12-29T00:00:00Z

Site: Hong Kong Book City

Description: In 2017, Hong Kong Book City's user database was allegedly breached. The stolen data contains 125,000 records including email addresses and passwords. In December 2017, the data was shared publicly on a few hacker sites and forums.

Passwords: 125569

Acquisition Date: 2017-12-12T00:00:00Z

Site: Australian Consumer Leads Database

Description: At an unconfirmed date, this Australian Consumer Leads database was allegedly stolen. The database contains 303,000 records including email addresses and full names. The compromised data is being shared privately on the darknet.

Passwords: 0

Acquisition Date: 2017-12-28T00:00:00Z

Site: ChoYongPil

Description: In 2017, ChoYongPil.net's user database was allegedly breached. The stolen data contains 21,000 records including email addresses and passwords. In December 2017, the data was shared publicly on a few hacker sites and forums.

Passwords: 21123

Acquisition Date: 2017-12-20T00:00:00Z

Site: TWFoam

Description: At an unconfirmed date, TWFoam's user database was allegedly breached. The stolen data contains 14,000 records including email addresses and passwords. The compromised data is being shared privately on the darknet.

Passwords: 14519

Acquisition Date: 2017-12-25T00:00:00Z

Site: FunPlanet

Description: In May 2017, FunPlanet's user database was allegedly breached due to a SQL injection vulnerability. The stolen data contains 399,000 records including email addresses and plaintext passwords. In June 2017, the data was shared publicly on a few hacker sites and forums.

Passwords: 398572

Acquisition Date: 2017-12-27T00:00:00Z

Site: AutoCentrum

Description: In January 2017, AutoCentrum's user database was allegedly breached. The stolen data contains 164,000 records including email addresses and passwords. In August 2017, the data was shared publicly on a few hacker sites and forums.

Passwords: 164500

Acquisition Date: 2017-12-28T00:00:00Z

Site: Learn French by Podcast

Description: In 2013, Learn French by Podcast's user database was allegedly breached. The stolen data contains 113,000 records including email addresses and passwords. In June 2017, the data was shared publicly on a few hacker sites and forums.

Passwords: 113094

Acquisition Date: 2017-12-21T00:00:00Z

Site: Gardens4You

Description: At an unconfirmed date, Gardens4Your's user database was allegedly breached. The stolen data contains 180,000 records including email addresses and passwords. The compromised data is being shared privately on the darknet.

Passwords: 180535

Acquisition Date: 2017-12-12T00:00:00Z

Site: Studyzone.tv

Description: In 2017, Studyzone.tv's user database was allegedly breached. The stolen data contains 4,100 records including email addresses and passwords. In January 2018, the data was shared publicly on a few hacker sites and forums.

Passwords: 4156

Acquisition Date: 2017-12-29T00:00:00Z

Site: Maringa.com

Description: At an unconfirmed date, Maringa.com's user database was allegedly breached. The stolen data contains 176,000 records including email addresses and passwords. The compromised data is being shared privately on the darknet.

Passwords: 176968

Acquisition Date: 2018-01-07T00:00:00Z

Site: Newsea SIMS

Description: At an unknown date, NewseaSIMS.com had its user database hacked for the second time. The breach contains emails and passwords and is being shared publicly on hacker forums and websites.

Passwords: 155092

Acquisition Date: 2017-12-20T00:00:00Z

Site: ChessHere.com

Description: In August 2016, ChessHere.com's user database was allegedly breached. The stolen data contains 537,000 records including usernames and MD5-hashed passwords. In February 2017, the data was shared publicly on a few hacker sites and forums.

Passwords: 537020

Acquisition Date: 2017-12-27T00:00:00Z

Site: LeoTVHD

Description: In 2017, LeoTVHD's user database was allegedly breached. The stolen data contains 26,000 records including email addresses and MD5-hashed passwords. In September 2017, the data was shared publicly on a hacker forum.

Passwords: 26469

Acquisition Date: 2017-12-29T00:00:00Z

Site: Classi4U

Description: In November 2017, Classi4U's user database was allegedly breached. The stolen data contains 207,000 records including email addresses and passwords. In November 2017, the data was shared publicly on a few hacker sites and forums.

Passwords: 207621

Acquisition Date: 2017-12-18T00:00:00Z

Site: Internet Intersection (KR)

Description: In April 2017, Internet Intersection (KR)'s user database was allegedly breached. The stolen data contains 1,130,000 records including email addresses and MD5-hashed passwords. In July 2017, the data was shared publicly on a few hacker forums by actor tysonbite1313.

Passwords: 1127798

Acquisition Date: 2017-12-25T00:00:00Z

Site: Sensitive Source

Description: This source has been marked as sensitive due to one of the following reasons:Revealing the source may compromise an on-going investigationThe affected site is of a controversial nature but does not validate email addresses and could therefore be used to tarnish an employee's reputation

Passwords: 100078

Acquisition Date: 2017-12-22T00:00:00Z

Site: FACEIT

Description: In May 2017, FACEIT's user database was allegedly breached. The stolen data contains 230,000 records including email addresses and plaintext passwords. In May 2017, the data was shared publicly on a few hacker sites and forums.

Passwords: 230703

Acquisition Date: 2017-12-29T00:00:00Z

Site: Seven Dollar Click

Description: In 2016, Seven Dollar Click's user database was allegedly breached. The stolen data contains 109,000 records including email addresses and passwords. In February 2017, the data was shared publicly on a few hacker sites and forums.

Passwords: 109407

Acquisition Date: 2017-12-11T00:00:00Z

Site: Saudi Electronic University (SEU)

Description: At an unconfirmed date, Saudi Electronic University (SEU)'s user database was allegedly breached. The stolen data contains 13,000 records including email addresses, usernames, and MD5-hashed passwords. The compromised data is being shared privately on the darknet.

Passwords: 13183

Acquisition Date: 2017-12-25T00:00:00Z

Site: DegreeForum

Description: In January 2017, DegreeForum's user database was allegedly breached due to a vulnerability in vBulletin. The stolen data contains 15,000 records including email addresses, usernames, passwords, and salts. In February 2017, the data was shared publicly on a few hacker sites and forums.

Passwords: 15981

Acquisition Date: 2017-12-14T00:00:00Z

Site: Sensitive Source

Description: This source has been marked as sensitive due to one of the following reasons:Revealing the source may compromise an on-going investigationThe affected site is of a controversial nature but does not validate email addresses and could therefore be used to tarnish an employee's reputation

Passwords: 0

Acquisition Date: 2017-12-04T00:00:00Z

Site: Fotoboom

Description: In July 2017, Fotoboom's user database was allegedly breached. The stolen data contains 90,000 records including email addresses and passwords. In July 2017, the data was shared publicly on a few hacker sites and forums.

Passwords: 90834

Acquisition Date: 2017-12-13T00:00:00Z

Site: Global-Tec

Description: At an unconfirmed date, Global-Tec.de's user database was allegedly breached. The stolen data contains 1,600 records including email addresses and passwords. The compromised data is being shared privately on the darknet.

Passwords: 1674

Acquisition Date: 2017-12-29T00:00:00Z

Site: Boite A Chansons

Description: In 2017, Boite A Chansons' user database was allegedly breached. The stolen data contains 85,000 records including email addresses and passwords. In November 2017, the data was shared publicly on a few hacker sites and forums.

Passwords: 85099

Acquisition Date: 2017-12-28T00:00:00Z

Site: SABiosciences Corporation

Description: In January 2017, SABiosciences Corporation's user database was allegedly breached. The stolen data contains 157,000 records including email addresses and plaintext passwords. The compromised data is being shared privately on the darknet.

Passwords: 157862

Acquisition Date: 2017-12-26T00:00:00Z

Site: MaxOyun

Description: At an unconfirmed date, MaxOyun's user database was allegedly breached. The stolen data contains 255,000 records including email addresses and plaintext passwords. In October 2017, the data was shared publicly on a few hacker sites and forums.

Passwords: 255875

Acquisition Date: 2017-12-26T00:00:00Z

Site: The Pharmaceuticals Export Promotion Council (PHARMEXCIL)

Description: At an unconfirmed date, PHARMEXCIL's user database was allegedly breached. The stolen data contains 24,000 records including email addresses and passwords. The compromised data is being shared privately on the darknet.

Passwords: 24862

Acquisition Date: 2017-12-26T00:00:00Z

Site: TestBag Academy

Description: In 2017, TestBag Academy's user database was allegedly breached. The stolen data contains 163,000 records including email addresses and plaintext passwords. In December 2017, the data was shared publicly on a few hacker sites and forums.

Passwords: 163291

Acquisition Date: 2017-12-28T00:00:00Z

Site: Sensitive Source

Description: This source has been marked as sensitive due to one of the following reasons:Revealing the source may compromise an on-going investigationThe affected site is of a controversial nature but does not validate email addresses and could therefore be used to tarnish an employee's reputation

Passwords: 54724

Acquisition Date: 2017-12-25T00:00:00Z

Site: DVDRBase

Description: In August 2017, DVDRBase's user database was allegedly breached. The stolen data contains 74,000 records including email addresses, usernames, passwords, and salts. The compromised data is being shared privately on the darknet.

Passwords: 74821

Acquisition Date: 2017-12-19T00:00:00Z

Site: IAS100

Description: At an unconfirmed date, IAS100.in's user database was allegedly breached. The stolen data contains 147,000 records including email addresses and passwords. In November 2017, the data was shared publicly on a few hacker sites and forums.

Passwords: 147444

Acquisition Date: 2017-12-28T00:00:00Z

Site: The Official Website of Stephen R. Donaldson

Description: At an unconfirmed date, The Official Website of Stephen R. Donaldson's user database was allegedly breached. The stolen data contains 18,000 records including email addresses and passwords. The compromised data is being shared privately on the darknet.

Passwords: 18029

Acquisition Date: 2017-12-14T00:00:00Z

Site: Groupon.co.id

Description: In 2015, Groupon.co.id's user database was allegedly breached. The stolen data contains 766,000 records including email addresses and plaintext passwords. In October 2017, the data was shared publicly on a few hacker sites and forums.

Passwords: 763124

Acquisition Date: 2018-10-10T00:00:00Z

Site: Sensitive Source

Description: This source has been marked as sensitive due to one of the following reasons:Revealing the source may compromise an on-going investigationThe affected site is of a controversial nature but does not validate email addresses and could therefore be used to tarnish an employee's reputation

Passwords: 0

Acquisition Date: 2016-11-27T00:00:00Z

Site: K-Vrachu

Description: In January 2016, K-Vrachu's database was allegedly breached. The stolen data contains usernames, passwords, and emails. This breach is being privately shared on the darknet.

Passwords: 463421

Acquisition Date: 2018-01-04T00:00:00Z

Site: A Bounce for All Ages

Description: At an unconfirmed date, a Bounce for All Ages's database was allegedly breached. The stolen data contains plaintext passwords and emails. This breach is being privately shared on the darknet.

Passwords: 20

Acquisition Date: 2018-01-01T00:00:00Z

Site: GiaTri.com

Description: At an unconfirmed date, GiaTri.com's database was allegedly breached. The stolen data contains passwords and emails. This breach is being privately shared on the darknet.

Passwords: 154804

Acquisition Date: 2018-01-11T00:00:00Z

Site: Community News Contest

Description: In 2017, Community News Contest's database was allegedly breached. The stolen data contains plaintext passwords and emails. This breach is being privately shared on the darknet.

Passwords: 126942

Acquisition Date: 2018-01-10T00:00:00Z

Site: MeeMira

Description: At an unconfirmed date, MeeMira's database was allegedly breached. The stolen data contains passwords and emails. This breach is being privately shared on the darknet.

Passwords: 24929

Acquisition Date: 2018-01-10T00:00:00Z

Site: Huahan Culture

Description: At an unconfirmed date, Huahan Culture's database was allegedly breached. The stolen data contains passwords and emails. This breach is being privately shared on the darknet.

Passwords: 10946

Acquisition Date: 2018-01-08T00:00:00Z

Site: AzorUlt Botnet

Description: AzorUlt is a lesser known credential stealing botnet, also known as crimeware. This malware steals data from infected computers via web browsers and protected storage. Once infected, the computer sends the stolen data to a bot command and control (C&C) server, where the data is stored. Any credentials from this source can be assumed to already be in the hands of threat actors, and should be changed immediately.

Passwords: 190175

Acquisition Date: 2018-01-09T00:00:00Z

Site: Sensitive Source

Description: This source has been marked as sensitive due to one of the following reasons:Revealing the source may compromise an on-going investigationThe affected site is of a controversial nature but does not validate email addresses and could therefore be used to tarnish an employee's reputation

Passwords: 45295

Acquisition Date: 2018-01-09T00:00:00Z

Site: Librairie Archimede

Description: In November 2017, Librairie Archimede's database was allegedly breached. The stolen data contains passwords and emails. This breach is being privately shared on the darknet.

Passwords: 22610

Acquisition Date: 2018-01-10T00:00:00Z

Site: Free Au Pairs

Description: In January 2017, Free Au Pairs's database was allegedly breached. The stolen data contains IPs, plaintext passwords, emails and additional personal information. This breach is being publicly shared on the darknet.

Passwords: 173034

Acquisition Date: 2018-01-09T00:00:00Z

Site: SimpleMinecraft.ru

Description: At an unconfirmed date, SimpleMinecraft.ru's database was allegedly breached. The stolen data contains passwords, emails and additional personal information. This breach is being publicly shared on the darknet.

Passwords: 501549

Acquisition Date: 2018-01-09T00:00:00Z

Site: List of Records from Coupon Mom and Armor Games

Description: In 2014, this list of records surfaced online as an alleged breach of Coupon Mom's user database. However, further investigation into the data found that some of the records had also been sourced from Armor Games. Additionally, Coupon Mom and Armor Games both reported that the stolen data did not represent the entirety of either one of the organizations' user databases. The data began circulating publicly in early 2015.

Passwords: 11030676

Acquisition Date: 2018-01-12T00:00:00Z

Site: TheTVDB

Description: In October 2017, TheTVDB's database was allegedly breached. The stolen data contains usernames, passwords, and emails. This breach is being publicly shared on the darknet.

Passwords: 188698

Acquisition Date: 2018-01-08T00:00:00Z

Site: Click Voyager

Description: In 2017, Click Voyager's database was allegedly breached. The stolen data contains plaintext passwords and emails. This breach is being privately shared on the darknet.

Passwords: 124356

Acquisition Date: 2018-01-11T00:00:00Z

Site: PaperPk

Description: In 2017, PaperPk's database was allegedly breached. The stolen data contains plaintext passwords and emails. This breach is being privately shared on the darknet.

Passwords: 197328

Acquisition Date: 2018-01-09T00:00:00Z

Site: Sensitive Source

Description: This source has been marked as sensitive due to one of the following reasons:Revealing the source may compromise an on-going investigationThe affected site is of a controversial nature but does not validate email addresses and could therefore be used to tarnish an employee's reputation

Passwords: 53353

Acquisition Date: 2018-01-12T00:00:00Z

Site: Abandonia Forums

Description: At an unconfirmed date, Abandonia Forums's database was allegedly breached. The stolen data contains usernames, passwords, emails and additional personal information. This breach is being privately shared on the darknet.

Passwords: 279921

Acquisition Date: 2018-01-12T00:00:00Z

Site: CrackedSoftwares

Description: In January 2010, CrackedSoftwares's database was allegedly breached, potentially due to a vulnerability in vbulletin. The stolen data contains usernames, IPs, passwords, salts, and emails. This breach is being privately shared on the darknet.

Passwords: 63455

Acquisition Date: 2018-01-10T00:00:00Z

Site: Cafe Mom

Description: In 2014, Cafe Mom's database was allegedly breached. The stolen data contains passwords and emails. This breach is being privately shared on the darknet.

Passwords: 2628141

Acquisition Date: 2018-01-09T00:00:00Z

Site: VenDepot

Description: At an unconfirmed date, VenDepot's database was allegedly breached. The stolen data contains passwords and emails. This breach is being privately shared on the darknet.

Passwords: 522350

Acquisition Date: 2018-01-10T00:00:00Z

Site: Christmas Time UK

Description: In 2017, Christmas Time UK's database was allegedly breached. The stolen data contains plaintext passwords and emails. This breach is being privately shared on the darknet.

Passwords: 91249

Acquisition Date: 2018-01-10T00:00:00Z

Site: The University of Mississippi - Go!

Description: In 2017, The University of Mississippi - Go!'s database was allegedly breached. The stolen data contains plaintext passwords and emails. This breach is being privately shared on the darknet.

Passwords: 3260

Acquisition Date: 2018-01-10T00:00:00Z

Site: Turk-Internet

Description: In 2017, Turk-Internet's database was allegedly breached. The stolen data contains usernames, IPs, passwords, emails and additional personal information. This breach is being privately shared on the darknet.

Passwords: 34033

Acquisition Date: 2017-08-05T00:00:00Z

Site: RootsWeb

Description: In August 2017, RootsWeb's database was allegedly breached due to a SQLi vulnerability. The stolen data contains usernames and plaintext passwords. This breach is being privately shared on the darknet.

Passwords: 301370

Acquisition Date: 2018-01-10T00:00:00Z

Site: PlanetFeedback

Description: In 2017, PlanetFeedback's database was allegedly breached. The stolen data contains plaintext passwords and emails. This breach is being privately shared on the darknet.

Passwords: 122643

Acquisition Date: 2018-01-12T00:00:00Z

Site: Prdo.ru

Description: In 2017, Prdo.ru's database was allegedly breached. The stolen data contains plaintext passwords and emails. This breach is being privately shared on the darknet.

Passwords: 100595

Acquisition Date: 2018-01-03T00:00:00Z

Site: SC Daily Phone Spam List

Description: In 2015, a spam list popularly known as the "SC Daily Phone Spam List" was leaked publicly online. The list included the names, IP addresses, genders, birth dates, and phone numbers of over 33 million individuals.

Passwords: 0

Acquisition Date: 2018-01-08T00:00:00Z

Site: 36FM

Description: In January 2012, 36FM's database was allegedly breached. The stolen data contains usernames, MD5-hashed passwords, and emails. This breach is being privately shared on the darknet.

Passwords: 89

Acquisition Date: 2018-01-11T00:00:00Z

Site: Find a Carer

Description: At an unconfirmed date, Find a Carer's database was allegedly breached. The stolen data contains passwords and emails. This breach is being privately shared on the darknet.

Passwords: 15336

Acquisition Date: 2018-01-12T00:00:00Z

Site: Ntroy

Description: In November 2015, Ntroy's database was allegedly breached. The stolen data contains usernames, passwords, salts, emails and additional personal information. This breach is being privately shared on the darknet.

Passwords: 14884

Acquisition Date: 2018-01-08T00:00:00Z

Site: Army Force Warland

Description: In 2017, Army Force Warland's database was allegedly breached. The stolen data contains passwords and emails. This breach is being publicly shared on the darknet.

Passwords: 456132

Acquisition Date: 2018-01-11T00:00:00Z

Site: Sensitive Source

Description: This source has been marked as sensitive due to one of the following reasons:Revealing the source may compromise an on-going investigationThe affected site is of a controversial nature but does not validate email addresses and could therefore be used to tarnish an employee's reputation

Passwords: 528686

Acquisition Date: 2018-01-09T00:00:00Z

Site: Kompa! Magazine

Description: In October 2016, Kompa! Magazine's database was allegedly breached. The stolen data contains MD5-hashed passwords and emails. This breach is being publicly shared on the darknet.

Passwords: 882732

Acquisition Date: 2018-01-01T00:00:00Z

Site: 4Teens Forum

Description: In January 2010, 4Teens Forum's database was allegedly breached. The stolen data contains usernames, passwords, and emails. This breach is being privately shared on the darknet.

Passwords: 47242

Acquisition Date: 2018-01-12T00:00:00Z

Site: Widespread Forums

Description: In February 2016, Widespread Forums' database was allegedly breached. The stolen data contains usernames, passwords, IPs, salts, emails and additional personal information. This breach is being privately shared on the darknet.

Passwords: 44

Acquisition Date: 2018-01-08T00:00:00Z

Site: WinPrizesOnline.com

Description: In 2017, WinPrizesOnline.com's database was allegedly breached. The stolen data contains plaintext passwords and emails. This breach is being privately shared on the darknet.

Passwords: 132364

Acquisition Date: 2018-01-08T00:00:00Z

Site: Online Casino Schule

Description: In January 2017, Online Casino Schule's database was allegedly breached. The stolen data contains plaintext passwords and emails. This breach is being publicly shared on the darknet.

Passwords: 24718

Acquisition Date: 2018-01-09T00:00:00Z

Site: ItaliansOnline

Description: In 2017, ItaliansOnline's database was allegedly breached. The stolen data contains plaintext passwords and emails. This breach is being privately shared on the darknet.

Passwords: 146853

Acquisition Date: 2018-01-12T00:00:00Z

Site: Awesome Forums

Description: At an unconfirmed date, Awesome Forums's database was allegedly breached. The stolen data contains usernames, passwords, salts, emails and additional personal information. This breach is being publicly shared on the darknet.

Passwords: 280

Acquisition Date: 2018-01-10T00:00:00Z

Site: InMatri

Description: In 2017, InMatri's database was allegedly breached. The stolen data contains plaintext passwords and emails. This breach is being privately shared on the darknet.

Passwords: 215314

Acquisition Date: 2018-01-09T00:00:00Z

Site: ".org" Email Addresses Combolist

Description: This combolist was likely compiled from a variety of private and public breaches, and this particular list is made up solely of ".org" email addresses and passwords. Threat actors are actively using this list to gain access to sites using credential stuffing tools.

Passwords: 1279947

Acquisition Date: 2018-01-05T00:00:00Z

Site: GameTutor

Description: At an unconfirmed date, GameTutor's database was allegedly breached. The stolen data contains usernames and plaintext passwords. This breach is being privately shared on the darknet.

Passwords: 772523

Acquisition Date: 2018-01-09T00:00:00Z

Site: LA2.Forum.Raid.ru

Description: In April 2008, LA2.Forum.Raid.ru's database was allegedly breached. The stolen data contains usernames, passwords, salts, and emails. This breach is being privately shared on the darknet.

Passwords: 24628

Acquisition Date: 2018-01-08T00:00:00Z

Site: La Republica Dominicana Forum

Description: In January 2012, La Republica Dominicana Forum's database was allegedly breached. The stolen data contains usernames, MD5-hashed passwords, and emails. This breach is being publicly shared on the darknet.

Passwords: 3277

Acquisition Date: 2018-01-08T00:00:00Z

Site: RealModScene

Description: In January 2014, RealModScene's database was allegedly breached. The stolen data contains usernames, IPs, passwords, salts, emails and additional personal information. This breach is being privately shared on the darknet.

Passwords: 14758

Acquisition Date: 2018-01-09T00:00:00Z

Site: MarketDownload

Description: In January 2017, MarketDownload's database was allegedly breached. The stolen data contains passwords and emails. This breach is being publicly shared on the darknet.

Passwords: 167533

Acquisition Date: 2018-01-08T00:00:00Z

Site: Private Combolist of Russian Email Addresses

Description: This combolist was compiled from a variety of private and public breaches and contains a mix of Russian hosted email addresses. Threat actors are actively using this list to gain access to sites using credential stuffing tools. This combolist is being shared privately online.

Passwords: 131108

Acquisition Date: 2017-11-29T00:00:00Z

Site: Maedla

Description: At an unconfirmed date, Maedla's user database was allegedly breached. The stolen data contains 9,300 records including email addresses and plaintext passwords. The compromised data is being shared privately on the darknet.

Passwords: 9373

Acquisition Date: 2017-11-30T00:00:00Z

Site: JobsBank

Description: At an unconfirmed date, Jobs-Bank's user database was allegedly breached. The stolen data contains 150,000 records including email addresses and passwords. The compromised data is being shared privately on the darknet.

Passwords: 150110

Acquisition Date: 2017-11-16T00:00:00Z

Site: Local Dedicated

Description: In January 2016, Local Dedicated's user database was allegedly breached. The stolen data contains user records including email addresses, usernames, passwords, and full names. The compromised data is being shared privately on the darknet.

Passwords: 11

Acquisition Date: 2017-11-28T00:00:00Z

Site: WoW Mania

Description: In July 2017, WoW-Mania's user database was allegedly breached. The stolen data contains 73,000 records including email addresses, usernames, and SHA-1 hashed passwords. The compromised data is being shared privately on the darknet.

Passwords: 73763

Acquisition Date: 2017-11-22T00:00:00Z

Site: R2 Games Spain

Description: In March 2017, the user database of R2 Games? Spanish forum was allegedly breached. Along with this site, R2 Games? English, Russian, German, French, Brazillian, Arabic, and Turkish forums were allegedly attacked as well. The stolen data contains 14,000 records including email addresses, passwords, and salts. In October 2017, the data was shared publicly on a popular hacker site by the actor Hydra666.

Passwords: 14750

Acquisition Date: 2017-11-27T00:00:00Z

Site: Creo Community

Description: At an unconfirmed date, Creo Community's user database was allegedly breached. The stolen data contains 479,000 records including email addresses and passwords. The compromised data is being shared privately on the darknet.

Passwords: 319366

Acquisition Date: 2017-11-29T00:00:00Z

Site: Box.sk

Description: At an unconfirmed date, Titles.Box.sk's user database was allegedly breached. The stolen data contains 262,000 records including email addresses and passwords. The compromised data is being shared privately on the darknet.

Passwords: 262318

Acquisition Date: 2017-11-23T00:00:00Z

Site: The Ladder of Wesnoth

Description: In September 2015, The Ladder of Wesnoth's user database was allegedly breached. The stolen data contains 6,500 records including email addresses, usernames, and MD5 hashed passwords. In January 2016, the data was shared publicly on a few hacker sites and forums.

Passwords: 6114

Acquisition Date: 2017-11-22T00:00:00Z

Site: R2 Games Brazil

Description: In March 2017, the user database of R2 Games? Brazilian forum was allegedly breached. Along with this site, R2 Games? English, Russian, German, French, Spanish, Arabic, and Turkish forums were allegedly attacked as well. The stolen data contains 30,000 records including email addresses, passwords, and salts. In October 2017, the data was shared publicly on a popular hacker site by the actor Hydra666.

Passwords: 30848

Acquisition Date: 2017-11-23T00:00:00Z

Site: Pop Report

Description: At an unconfirmed date, Pop Report's user database was allegedly breached. The stolen data contains 22,000 records including email addresses and MD5-hashed passwords. The compromised data is being shared privately on the darknet.

Passwords: 22935

Acquisition Date: 2017-11-30T00:00:00Z

Site: La Revue du Praticien

Description: At an unconfirmed date, La Revue du Praticien's user database was allegedly breached. The stolen data contains 206,000 records including email addresses and passwords. The compromised data is being shared privately on the darknet.

Passwords: 206358

Acquisition Date: 2017-11-28T00:00:00Z

Site: BootlegZone

Description: At an unconfirmed date, BootlegZone's user database was allegedly breached. The stolen data contains 146,000 records including email addresses and passwords. The compromised data is being shared privately on the darknet.

Passwords: 146179

Acquisition Date: 2017-11-24T00:00:00Z

Site: Topkoo

Description: In October 2017, Topkoo.fr's user database was allegedly breached. The stolen data contains 97,000 records including email addresses and plaintext passwords. The compromised data is being shared privately on the darknet.

Passwords: 97851

Acquisition Date: 2017-11-24T00:00:00Z

Site: Calligaris

Description: At an unconfirmed date, Calligaris' user database was allegedly breached. The stolen data contains 162,000 records including email addresses and passwords. The compromised data is being shared privately on the darknet.

Passwords: 162117

Acquisition Date: 2017-11-18T00:00:00Z

Site: Microsoft Email Services Combolist

Description: This combolist was likely compiled in 2017 from a variety of private and public breaches, and it contains over 500,000 email and password records. It is believed that this list was put together with Netflix as a target. Threat actors are actively using this list to gain access to sites using credential stuffing tools.

Passwords: 500140

Acquisition Date: 2017-11-24T00:00:00Z

Site: Search for Sites

Description: At an unconfirmed date, SearchForSites' user database was allegedly breached. The stolen data contains 4,900 records including email addresses, usernames, SHA-1 hashed passwords, and salts. The compromised data is being shared privately on the darknet.

Passwords: 4975

Acquisition Date: 2017-11-24T00:00:00Z

Site: Industrial Reviews

Description: In 2017, Industrial Reviews' user database was allegedly breached. The stolen data contains 58,000 records including email addresses and passwords. The compromised data is being shared privately on the darknet.

Passwords: 58209

Acquisition Date: 2017-11-27T00:00:00Z

Site: Sciax2

Description: At an unconfirmed date, Sciax2's user database was allegedly breached. The stolen data contains 185,000 records including email addresses and plaintext passwords. The compromised data is being shared privately on the darknet.

Passwords: 184996

Acquisition Date: 2017-11-22T00:00:00Z

Site: R2 Games Turkey

Description: In March 2017, the user database of R2 Games? Turkish forum was allegedly breached. Along with this site, R2 Games? English, Russian, German, French, Spanish, Arabic, and Brazillian forums were allegedly attacked as well. The stolen data contains 22,000 records including email addresses, passwords, and salts. In October 2017, the data was shared publicly on a popular hacker site by the actor Hydra666.

Passwords: 12498

Acquisition Date: 2017-11-24T00:00:00Z

Site: IndianMoney

Description: At an unconfirmed date, IndianMoney's user database was allegedly breached. The stolen data contains 266,000 records including email addresses and passwords. The compromised data is being shared privately on the darknet.

Passwords: 262418

Acquisition Date: 2017-11-17T00:00:00Z

Site: XR Shell Booter

Description: In April 2012, XR Shell Booter's user database was allegedly breached. The stolen data contains 370 records including email addresses, usernames, and passwords. In November 2016, the data was shared publicly on a few hacker sites and forums.

Passwords: 374

Acquisition Date: 2017-11-14T00:00:00Z

Site: The University of California at San Diego Telephone and Email Directory

Description: At an unconfirmed date, the University of California at San Diego Telephone and Email Directory database was allegedly breached. The stolen data contains 23,000 records including email addresses and full names. The compromised data is being shared privately on the darknet.

Passwords: 0

Acquisition Date: 2017-11-28T00:00:00Z

Site: SonicStream

Description: At an unconfirmed date, SonicStream.tv's user database was allegedly breached. The stolen data contains 61,000 records including email addresses and plaintext passwords. The compromised data is being shared privately on the darknet.

Passwords: 61411

Acquisition Date: 2017-11-23T00:00:00Z

Site: VuiLen

Description: At an unconfirmed date, VuiLen's user database was allegedly breached. The stolen data contains over 290,000 records including email addresses and hashed passwords. The compromised data is being shared privately on the darknet.

Passwords: 291015

Acquisition Date: 2017-11-16T00:00:00Z

Site: Whitelisted

Description: At an unconfirmed date, Whitelisted.org's user database was allegedly breached. The stolen data contains 920 records including email addresses. In July 2017, the data was shared publicly on a few hacker sites and forums.

Passwords: 0

Acquisition Date: 2017-11-16T00:00:00Z

Site: Pony Trojan Botnet

Description: The Pony Trojan botnet is a credential stealing malware that is delivered primarily through email and messaging spamming campaigns. Once infected, a compromised computer sends the user's stolen data to a bot command and control (C&C) server, where the data is stored. Any credentials from this source can be assumed to already be in the hands of threat actors, and should be changed immediately.

Passwords: 44457

Acquisition Date: 2017-11-13T00:00:00Z

Site: Planet Minecraft

Description: At an unconfirmed date, Planet Minecraft's user database was allegedly breached. The stolen data contains 403,000 records including usernames and MD5 hashed passwords. In November 2016, the data was shared publicly on a few hacker sites and forums.

Passwords: 403381

Acquisition Date: 2017-11-15T00:00:00Z

Site: Rail Nation

Description: In January 2015, Rail Nation's user database was allegedly breached. The stolen data contains 9,300 records including email addresses, usernames, passwords, and salts. The compromised data is being shared privately on the darknet.

Passwords: 9386

Acquisition Date: 2017-11-17T00:00:00Z

Site: Gratis Bio

Description: In January 2012, GratisBio's user database was allegedly breached. The stolen data contains 191,000 records including email addresses and plaintext passwords. In September 2017, the data was shared publicly on a few hacker sites and forums.

Passwords: 191458

Acquisition Date: 2017-11-14T00:00:00Z

Site: JavaPoint

Description: In July 2017, JavaPoint's user database was allegedly breached. The stolen data contains 30,000 records including email addresses and passwords. In September 2017, the data was shared publicly on a few hacker sites and forums.

Passwords: 30059

Acquisition Date: 2017-11-14T00:00:00Z

Site: Integrated for Training

Description: At an unconfirmed date, Integrated for Training's user database was allegedly breached. The stolen data contains 2,400 records including email addresses, usernames, and passwords. In January 2017, the data was shared publicly on a few hacker sites and forums.

Passwords: 2437

Acquisition Date: 2017-11-17T00:00:00Z

Site: ELEX Game

Description: In April 2016, ELEX Game's user database was allegedly breached. The stolen data contains 850 records including email addresses, usernames, passwords, and salts. In July 2016, the data was shared publicly on a few hacker sites and forums.

Passwords: 855

Acquisition Date: 2017-11-16T00:00:00Z

Site: BTC4Free

Description: In January 2014, BTC4Free.com's user database was allegedly breached. The stolen data contains 20,000 records including email addresses and plaintext passwords. In June 2017, the data was shared publicly on a few hacker sites and forums.

Passwords: 20006

Acquisition Date: 2017-11-15T00:00:00Z

Site: Howzit

Description: In September 2017, Howzit's user database was allegedly breached by actor kidpk, and on the same day the actor leaked the data publicly on Raid Forums. Kidpk claims to have cracked all of the passwords from this database himself. The stolen data contains 252,000 records including email addresses, usernames, and passwords.

Passwords: 149459

Acquisition Date: 2017-11-13T00:00:00Z

Site: OS-Scape

Description: In June 2017, OS-Scape's user database was allegedly breached by an actor named XenonCoder. The stolen data contains 3,600 records including email addresses, usernames, passwords, salts, and full names. In October 2017, the data was shared publicly on a few hacker sites and forums.

Passwords: 3606

Acquisition Date: 2017-11-14T00:00:00Z

Site: ShareCash

Description: In January 2016, ShareCash's user database was allegedly breached. The stolen data contains 45,000 records including email addresses, usernames, and MD5-hashed passwords. In September 2017, the data was shared publicly on a few hacker sites and forums.

Passwords: 45058

Acquisition Date: 2017-11-15T00:00:00Z

Site: Party Click

Description: In January 2015, Party Click's user database was allegedly breached. The stolen data contains 680 records including email addresses, usernames, and passwords. The compromised data is being shared privately on the darknet.

Passwords: 683

Acquisition Date: 2017-11-15T00:00:00Z

Site: Opticraft

Description: In May 2015, Opticraft's user database was allegedly breached. The stolen data contains 42,000 records including email addresses, usernames, and passwords. The compromised data is being shared privately on the darknet.

Passwords: 42093

Acquisition Date: 2017-11-17T00:00:00Z

Site: FileIce

Description: In January 2015, FileIce's user database was allegedly breached. The stolen data contains 5,000 records including email addresses, usernames, and passwords. In December 2016, the data was shared publicly on a few hacker sites and forums.

Passwords: 5013

Acquisition Date: 2017-11-14T00:00:00Z

Site: RS Boards

Description: In August 2013, RSBoards' user database was allegedly breached. The stolen data contains 224,000 records including email addresses, usernames, passwords, and salts. In January 2017, the data was shared publicly on a few hacker sites and forums.

Passwords: 224474

Acquisition Date: 2017-11-15T00:00:00Z

Site: Nodus Minecraft Client

Description: In December 2012, Nodus Minecraft Client's user database was allegedly breached. The stolen data contains 50,000 records including email addresses, usernames, passwords, and salts. In December 2014, the data was shared publicly on a few hacker sites and forums.

Passwords: 50422

Acquisition Date: 2017-11-16T00:00:00Z

Site: Epic Bot

Description: In January 2016, EpicBot's user database was allegedly breached. The stolen data contains 40,000 records including email addresses, usernames, passwords, and salts. In January 2016, the data was shared publicly on a few hacker sites and forums.

Passwords: 40445

Acquisition Date: 2017-11-13T00:00:00Z

Site: StreamScene

Description: In January 2012, De.SteamScene.cc's user database was allegedly breached. The stolen data contains 720 records including email addresses, usernames, passwords, and salts. In February 2017, the data was shared publicly on a few hacker sites and forums.

Passwords: 722

Acquisition Date: 2017-11-13T00:00:00Z

Site: Sensitive Source

Description: This source has been marked as sensitive due to one of the following reasons:Revealing the source may compromise an on-going investigationThe affected site is of a controversial nature but does not validate email addresses and could therefore be used to tarnish an employee's reputation

Passwords: 9422

Acquisition Date: 2017-11-13T00:00:00Z

Site: QPang Reborn

Description: In January 2015, QPang Reborn's user database was allegedly breached. The stolen data contains 1,400 records including usernames and passwords. The compromised data is being shared privately on the darknet.

Passwords: 1460

Acquisition Date: 2017-11-16T00:00:00Z

Site: Sensitive Source

Description: This source has been marked as sensitive due to one of the following reasons:Revealing the source may compromise an on-going investigationThe affected site is of a controversial nature but does not validate email addresses and could therefore be used to tarnish an employee's reputation

Passwords: 199

Acquisition Date: 2017-11-21T00:00:00Z

Site: Campus Services at Mississippi State University

Description: At an unconfirmed date, Campus Services at Mississippi State University's user database was allegedly breached. The stolen data contains 31,000 records including email addresses and passwords. The compromised data is being shared privately on the darknet.

Passwords: 31147

Acquisition Date: 2017-11-23T00:00:00Z

Site: 99Fame

Description: In February 2016, 99Fame's user database was allegedly breached due to a SQLi vulnerability by actor SonnySpooks. The stolen data contains 1,100 records including email addresses, usernames, and passwords. In February 2016, the data was shared publicly on hacker leak-sharing site Siph0n.

Passwords: 1083

Acquisition Date: 2017-11-22T00:00:00Z

Site: R2 Games Arabic

Description: In March 2017, the user database of R2 Games? Arabic forum was allegedly breached. Along with this site, R2 Games? English, Russian, German, French, Spanish, Brazillian, and Turkish forums were allegedly attacked as well. The stolen data contains 286,000 records including email addresses, passwords, and salts. In October 2017, the data was shared publicly on a popular hacker site by the actor Hydra666.

Passwords: 286819

Acquisition Date: 2017-11-13T00:00:00Z

Site: Sensitive Source

Description: This source has been marked as sensitive due to one of the following reasons:Revealing the source may compromise an on-going investigationThe affected site is of a controversial nature but does not validate email addresses and could therefore be used to tarnish an employee's reputation

Passwords: 0

Acquisition Date: 2017-11-15T00:00:00Z

Site: Sensitive Source

Description: This source has been marked as sensitive due to one of the following reasons:Revealing the source may compromise an on-going investigationThe affected site is of a controversial nature but does not validate email addresses and could therefore be used to tarnish an employee's reputation

Passwords: 1

Acquisition Date: 2017-11-13T00:00:00Z

Site: Moghaan

Description: At an unconfirmed date, Moghaan's user database was allegedly breached. The stolen data contains 200 records including email addresses, usernames, and passwords. The compromised data is being shared privately on the darknet.

Passwords: 199

Acquisition Date: 2017-11-23T00:00:00Z

Site: 2017 Netflix Combolist

Description: This combolist was likely compiled in 2017 from a variety of private and public breaches, and it contains over 474,000 email and password records. It is assumed that this list was put together with Netflix as a target. Threat actors are actively using this list to gain access to sites using credential stuffing tools.

Passwords: 473373

Acquisition Date: 2017-11-20T00:00:00Z

Site: Rose India

Description: At an unconfirmed date, Rose India's user database was allegedly breached. The stolen data contains 1,280,000 records including email addresses and passwords. The compromised data is being shared privately on the darknet.

Passwords: 1284467

Acquisition Date: 2017-11-13T00:00:00Z

Site: Sensitive Source

Description: This source has been marked as sensitive due to one of the following reasons:Revealing the source may compromise an on-going investigationThe affected site is of a controversial nature but does not validate email addresses and could therefore be used to tarnish an employee's reputation

Passwords: 2318344

Acquisition Date: 2017-11-21T00:00:00Z

Site: New Job Solution

Description: At an unconfirmed date, New Job Solution's user database was allegedly breached. The stolen data contains 147,000 records including email addresses and full names. In September 2017, the data was shared publicly on a popular hacker forum by actor darknightanonib.

Passwords: 0

Acquisition Date: 2017-11-17T00:00:00Z

Site: Sensitive Source

Description: This source has been marked as sensitive due to one of the following reasons:Revealing the source may compromise an on-going investigationThe affected site is of a controversial nature but does not validate email addresses and could therefore be used to tarnish an employee's reputation

Passwords: 51

Acquisition Date: 2017-11-20T00:00:00Z

Site: Imgur

Description: In October 2013, Imgur's user database was allegedly breached. The stolen data contains 1,750,000 records including email addresses and passwords. The compromised data is being shared privately on the darknet.

Passwords: 1751140

Acquisition Date: 2017-11-25T00:00:00Z

Site: VisualShows

Description: At an unconfirmed date, VisualShows' user database was allegedly breached. The stolen data contains 169,000 records including email addresses and passwords. The compromised data is being shared privately on the darknet.

Passwords: 169151

Acquisition Date: 2017-11-23T00:00:00Z

Site: Innolife

Description: At an unconfirmed date, Innolife's user database was allegedly breached. The stolen data contains 211,000 records including email addresses and passwords. The compromised data is being shared privately on the darknet.

Passwords: 207635

Acquisition Date: 2017-11-24T00:00:00Z

Site: Nidink Games

Description: At an unconfirmed date, Nidink Games' user database was allegedly breached. The stolen data contains 48,000 records including email addresses, passwords, and salts. The compromised data is being shared privately on the darknet.

Passwords: 48760

Acquisition Date: 2017-11-18T00:00:00Z

Site: Sensitive Source

Description: This source has been marked as sensitive due to one of the following reasons:Revealing the source may compromise an on-going investigationThe affected site is of a controversial nature but does not validate email addresses and could therefore be used to tarnish an employee's reputation

Passwords: 329

Acquisition Date: 2017-11-15T00:00:00Z

Site: The Impression Archive

Description: At an unconfirmed date, The Impression Archive's user database was allegedly breached. The stolen data contains 740 records including email addresses, usernames, and passwords. The compromised data is being shared privately on the darknet.

Passwords: 737

Acquisition Date: 2017-11-24T00:00:00Z

Site: 360 Icons

Description: At an unconfirmed date, 360 Icons' user database was allegedly breached. The stolen data contains 13,000 records including email addresses, usernames, passwords, and salts. In May 2017, the data was shared publicly on a few hacker sites and forums.

Passwords: 13969

Acquisition Date: 2017-11-21T00:00:00Z

Site: Yona Ke Yona (YFM)

Description: At an unconfirmed date, Yona Ke Yona's user database was allegedly breached. The stolen data contains 133,000 records including email addresses and passwords. The compromised data is being shared privately on the darknet

Passwords: 133276

Acquisition Date: 2017-11-22T00:00:00Z

Site: Shotbow

Description: In April 2016, Shotbow's user database was allegedly breached. The stolen data contains 1,050,000 records including email addresses, usernames, and SHA-256 hashed passwords. The compromised data is being shared privately on the darknet.

Passwords: 1052837

Acquisition Date: 2017-11-14T00:00:00Z

Site: Sensitive Source

Description: This source has been marked as sensitive due to one of the following reasons:Revealing the source may compromise an on-going investigationThe affected site is of a controversial nature but does not validate email addresses and could therefore be used to tarnish an employee's reputation

Passwords: 29390

Acquisition Date: 2017-11-20T00:00:00Z

Site: Premium Outlets Japan

Description: At an unconfirmed date, Premium Outlets Japan's user database was allegedly breached. The stolen data contains 348,000 records including email addresses and plaintext passwords. In October 2017, the data was shared publicly on a few hacker sites and forums.

Passwords: 347198

Acquisition Date: 2017-11-22T00:00:00Z

Site: AzorUlt Botnet

Description: AzorUlt is a lesser known credential stealing botnet, also known as crimeware. This malware steals data from infected computers via web browsers and protected storage. Once infected, the computer sends the stolen data to a bot command and control (C&C) server, where the data is stored. Any credentials from this source can be assumed to already be in the hands of threat actors, and should be changed immediately.

Passwords: 65600

Acquisition Date: 2017-11-25T00:00:00Z

Site: THC Talk

Description: In January 2017, THCTalk's user database was allegedly breached. The stolen data contains 79,000 records including email addresses, usernames, passwords, and salts. The compromised data is being shared privately on the darknet.

Passwords: 79737

Acquisition Date: 2017-11-16T00:00:00Z

Site: YOU Broadband

Description: At an unconfirmed date, YOU Broadband's user database was allegedly breached. The stolen data contains user records including email addresses, usernames, passwords, and full names. The compromised data is being shared privately on the darknet.

Passwords: 13

Acquisition Date: 2017-11-22T00:00:00Z

Site: ScreenBlaze

Description: At an unconfirmed date, ScreenBlaze's user database was allegedly breached. The stolen data contains 133,000 records including email addresses and passwords. The compromised data is being shared privately on the darknet.

Passwords: 252713

Acquisition Date: 2017-11-21T00:00:00Z

Site: Gameguru Mania

Description: At an unconfirmed date, Gameguru Mania's user database was allegedly breached. The stolen data contains 328,000 records including email addresses and passwords. In November 2017, the data was shared publicly on a few hacker sites and forums.

Passwords: 328266

Acquisition Date: 2017-11-25T00:00:00Z

Site: Call of Gods

Description: In February 2017, Call of Gods' user database was allegedly breached due to a vBulletin vulnerability. The stolen data contains 635,000 records including email addresses, usernames, passwords, and salts. The compromised data is being shared privately on the darknet.

Passwords: 635392

Acquisition Date: 2017-11-24T00:00:00Z

Site: 4OEM

Description: In July 2017, 4OEM's user database was allegedly breached. The stolen data contains 392,000 records including email addresses and passwords. In July 2017, the data was shared publicly on a popular hacker forum by the actor tysonbite1313.

Passwords: 392442

Acquisition Date: 2017-11-14T00:00:00Z

Site: TheBot.net

Description: At an unconfirmed date, TheBot.net's user database was allegedly breached. The stolen data contains 19,000 records including email addresses, usernames, passwords, and salts. The compromised data is being shared privately on the darknet.

Passwords: 19408

Acquisition Date: 2017-11-22T00:00:00Z

Site: 1337 Crew

Description: At an unconfirmed date, 1337 Crew's member database was allegedly breached. The stolen data contains 18,000 records including email addresses and usernames. In December 2016, the data was shared publicly on hacker leak site Siph0n.

Passwords: 3758

Acquisition Date: 2017-11-20T00:00:00Z

Site: Rediff Mail

Description: At an unconfirmed date, Rediff Mail's user database was allegedly breached. The stolen data contains 561,000 records including email addresses and plaintext passwords. The compromised data is being shared privately on the darknet.

Passwords: 561540

Acquisition Date: 2017-12-01T00:00:00Z

Site: ".it" Email Addresses Combolist

Description: This combolist was likely compiled sometime in 2017 from a variety of private and public breaches, and it contains a over 2.2 million ".it" email addresses and password records. Threat actors are actively using this list to gain access to sites using credential stuffing tools.

Passwords: 2249626

Acquisition Date: 2017-11-27T00:00:00Z

Site: Pooying Naka

Description: At an unconfirmed date, Pooying Naka's user database was allegedly breached. The stolen data contains 39,000 records including email addresses and MD5-hashed passwords. In November 2017, the data was shared publicly on a few hacker sites and forums.

Passwords: 39109

Acquisition Date: 2017-12-04T00:00:00Z

Site: AzorUlt Botnet

Description: AzorUlt is a lesser known credential stealing botnet, also known as crimeware. This malware steals data from infected computers via web browsers and protected storage. Once infected, the computer sends the stolen data to a bot command and control (C&C) server, where the data is stored. The particular botnet had stolen over 83,000 records. Any credentials from this source can be assumed to already be in the hands of threat actors, and should be changed immediately.

Passwords: 52472

Acquisition Date: 2017-11-27T00:00:00Z

Site: Sensitive Source

Description: This source has been marked as sensitive due to one of the following reasons:Revealing the source may compromise an on-going investigationThe affected site is of a controversial nature but does not validate email addresses and could therefore be used to tarnish an employee's reputation

Passwords: 16050859

Acquisition Date: 2017-12-01T00:00:00Z

Site: Chaotic Impulse

Description: In August 2017, Chaotic Impulse's user database was allegedly breached. The stolen data contains 10,000 records including email addresses, usernames, and passwords. In August 2017, the data was shared publicly on a few hacker sites and forums.

Passwords: 10228

Acquisition Date: 2015-08-01T00:00:00Z

Site: GL Webmailer

Description: This list is made up of email addresses, passwords, and some other personal information compiled from a number of public and private breaches as well as other open-source resources. These kinds of spam lists are often used by criminals for targeted phishing and social engineering attacks. While a majority of this list is only being traded among private circles, parts of the dataset have been made public on a few forums. Yet, more often than not the public data is mistaken as originating from a different spambot.

Passwords: 181960

Acquisition Date: 2017-11-30T00:00:00Z

Site: Zybez RuneScape Community Forums

Description: In September 2014, Zybez RuneScape Community Forums' user database was allegedly breached. The stolen data contains 149,000 records including email addresses, usernames, passwords, and salts. In May 2017, the data was shared publicly on a few hacker sites and forums.

Passwords: 149606

Acquisition Date: 2017-12-01T00:00:00Z

Site: Pronostics Gratuits Turf

Description: At an unconfirmed date, Pronostics Gratuits Turf's user database was allegedly breached. The stolen data contains 58,000 records including email addresses and plaintext passwords. The compromised data is being shared privately on the darknet.

Passwords: 58480

Acquisition Date: 2017-11-28T00:00:00Z

Site: Dox Hotel

Description: In 2015, DoxHotel's user database was allegedly breached. The stolen data contains nearly 2 million records including email addresses and hashed passwords. In August 2017, the data was shared publicly on a few hacker sites and forums.

Passwords: 735710

Acquisition Date: 2017-11-27T00:00:00Z

Site: Caratulas.com

Description: In January 2017, Caratulas.com's user database was allegedly breached. The stolen data contains 127,000 records including email addresses and passwords. In October 2017, the data was shared publicly on a few hacker sites and forums.

Passwords: 127364

Acquisition Date: 2017-11-28T00:00:00Z

Site: Th Jardins

Description: In January 2017, Th Jardins' user database was allegedly breached. The stolen data contains 22,000 records including email addresses and MD5-hashed passwords. The compromised data is being shared privately on the darknet.

Passwords: 22112

Acquisition Date: 2017-11-07T00:00:00Z

Site: Retail Grocery Inventory Specialist

Description: In 2015, RGIS' user database was allegedly breached. The stolen data contains 9,300 records including email addresses, passwords, and IP addresses. The compromised data is being shared privately on the darknet.

Passwords: 1986

Acquisition Date: 2017-11-06T00:00:00Z

Site: CorruptionX

Description: In October 2014, CorruptionX's user database was allegedly breached. The stolen data contains 113,000 records including email addresses, usernames, passwords, and salts. In April 2016, the data was shared publicly on a few hacker sites and forums.

Passwords: 113481

Acquisition Date: 2017-11-07T00:00:00Z

Site: Sensitive Source

Description: This source has been marked as sensitive due to one of the following reasons:Revealing the source may compromise an on-going investigationThe affected site is of a controversial nature but does not validate email addresses and could therefore be used to tarnish an employee's reputation

Passwords: 49132

Acquisition Date: 2017-11-09T00:00:00Z

Site: Warmane Forums

Description: At an unconfirmed date, the Warmane.com forum database was allegedly breached. The stolen data contains 1,110,000 records including email addresses, usernames, and passwords. The compromised data is being shared privately on the darknet.

Passwords: 1118753

Acquisition Date: 2017-11-06T00:00:00Z

Site: Symbolic Service Mind Co., Ltd.

Description: At an unconfirmed date, Symbolic Service Mind Co., Ltd.'s user database was allegedly breached. The stolen data contains 5,900 records including email addresses and passwords. In September 2017, the data was shared publicly on a few hacker sites and forums.

Passwords: 5938

Acquisition Date: 2017-11-11T00:00:00Z

Site: British Gas

Description: In October 2015, British Gas' user database was allegedly breached. Research has shown that this data may not have indeed been acquired through a breach of British Gas' infrastructure, but it may rather have been compiled from previous other databases. The stolen data contains 2,300 records including email addresses and passwords. In October 2015, the data was shared publicly on a few hacker sites and forums.

Passwords: 2399

Acquisition Date: 2017-11-07T00:00:00Z

Site: SG-Forum

Description: At an unconfirmed date, SG-Forum's user database was allegedly breached due to an vBulletin vulnerability. The stolen data contains 105,000 records including email addresses, usernames, passwords, and salts. In September 2017, the data was shared publicly on a few hacker sites and forums.

Passwords: 105344

Acquisition Date: 2017-11-06T00:00:00Z

Site: Sensitive Source

Description: This source has been marked as sensitive due to one of the following reasons:Revealing the source may compromise an on-going investigationThe affected site is of a controversial nature but does not validate email addresses and could therefore be used to tarnish an employee's reputation

Passwords: 101964

Acquisition Date: 2017-11-08T00:00:00Z

Site: AllAboutTheGames

Description: In May 2016, AllAboutTheGames' user database was allegedly breached. The stolen data contains 1,100 records including email addresses and passwords. In September 2017, the data was shared publicly on a few hacker sites and forums.

Passwords: 1145

Acquisition Date: 2017-11-07T00:00:00Z

Site: Eazy Subs

Description: In October 2011, EazySubs' user database was allegedly breached. The stolen data contains 80,000 records including email addresses, usernames, passwords, and salts. In January 2012, the data was shared publicly on a few hacker sites and forums.

Passwords: 40393

Acquisition Date: 2017-11-12T00:00:00Z

Site: Codemasters Software Company Limited

Description: In June 2011, Codemasters Software Company Limited's user database was allegedly breached. The stolen data contains 56,000 records including email addresses, usernames, and passwords. In July 2011, the data was shared publicly on a few hacker sites and forums.

Passwords: 56763

Acquisition Date: 2017-11-06T00:00:00Z

Site: EnhanceViews

Description: In September 2013, EnhanceViews' user database was allegedly breached due to a SQLi vulnerability. The stolen data contains 21,000 records including email addresses, usernames, passwords, and salts. In August 2015, the data was shared publicly on a few hacker sites and forums.

Passwords: 21496

Acquisition Date: 2017-11-08T00:00:00Z

Site: Frontalot

Description: In February 2015, Frontalot.com's user database was allegedly breached. The stolen data was made public on a few hacker sites and paste sites in December 2016.

Passwords: 66620

Acquisition Date: 2017-11-08T00:00:00Z

Site: The Higher Education Commission of Pakistan

Description: In July 2013, The Higher Education Commission of Pakistan's user database was allegedly breached by the pro-Israeli hacking group Hackerstz. The stolen data contains 21,000 records including email addresses, passwords, and full names. In July 2013, the data was shared publicly on Pastebin.

Passwords: 21371

Acquisition Date: 2017-11-09T00:00:00Z

Site: RealityBB

Description: In January 2016, RealityBB's user database was allegedly breached. The stolen data contains 6,500 records including email addresses, usernames, passwords, and salts. The compromised data is being shared privately on the darknet.

Passwords: 6534

Acquisition Date: 2017-11-09T00:00:00Z

Site: Sensitive Source

Description: This source has been marked as sensitive due to one of the following reasons:Revealing the source may compromise an on-going investigationThe affected site is of a controversial nature but does not validate email addresses and could therefore be used to tarnish an employee's reputation

Passwords: 172982

Acquisition Date: 2017-11-07T00:00:00Z

Site: Net-Chess

Description: At an unconfirmed date, Net-Chess' user database was allegedly breached. The stolen data contains 39,000 records including email addresses and passwords. The compromised data is being shared privately on the darknet.

Passwords: 39813

Acquisition Date: 2017-11-08T00:00:00Z

Site: 2FlashGames

Description: At an unconfirmed date, 2FlashGames.com's user database was allegedly breached. The stolen data contains 2,900 records including email addresses and passwords. In January 2017, the data was shared publicly on a few hacker sites and forums.

Passwords: 2914

Acquisition Date: 2017-11-07T00:00:00Z

Site: MeraCRM

Description: At an unconfirmed date, MeraCRM's user database was allegedly breached. The stolen data contains 170 records including email addresses, passwords, and full names. The compromised data is being shared privately on the darknet.

Passwords: 96

Acquisition Date: 2017-11-10T00:00:00Z

Site: BotWith.me

Description: In October 2015, BotWith.me's user database was allegedly breached. The stolen data contains 1,000 records including email addresses, usernames, passwords, and salts. In January 2016, the data was shared publicly on a few hacker sites and forums.

Passwords: 1041

Acquisition Date: 2017-11-11T00:00:00Z

Site: XP Game Saves

Description: In January 2016, XPGameSaves' user database was allegedly breached. The stolen data contains 3,000 records including email addresses, usernames, passwords, and salts. In May 2017, the data was shared publicly on a few hacker sites and forums.

Passwords: 3042

Acquisition Date: 2017-11-09T00:00:00Z

Site: Cartesia

Description: In October 2015, Cartesia's user database was allegedly breached. The stolen data contains 1,400 records including email addresses and passwords. In January 2016, the data was shared publicly on a few hacker sites and forums.

Passwords: 1401

Acquisition Date: 2017-11-12T00:00:00Z

Site: VB Team

Description: In September 2011, Vbteam.info's user database was allegedly breached by the actor "Why So Serious". The stolen data contains 67,000 records including email addresses, usernames, passwords, and salts. In September 2011, the data was shared publicly on Pastebin.

Passwords: 67811

Acquisition Date: 2017-11-12T00:00:00Z

Site: J Games

Description: In September 2017, J Games' user database was allegedly breached. The stolen data contains 2,900 records including email addresses, usernames, and passwords. The compromised data is being shared privately on the darknet.

Passwords: 2605

Acquisition Date: 2017-11-10T00:00:00Z

Site: ABCDomain

Description: In February 2013, this ABCDomain's user database was allegedly breached. The stolen data contains 1,800 records including email addresses and passwords. In November 2016, the data was shared publicly on a few hacker sites and forums.

Passwords: 1844

Acquisition Date: 2017-11-10T00:00:00Z

Site: News of Legends

Description: In December 2015, NewsOfLegends' user database was allegedly breached. The stolen data contains 71,000 records including email addresses, usernames, and passwords. The compromised data is being shared privately on the darknet.

Passwords: 71803

Acquisition Date: 2017-11-11T00:00:00Z

Site: AimJunkies

Description: At an unconfirmed date, AimJunkies' user database was allegedly breached. The stolen data contains 164,000 records including email addresses and passwords. In October 2014, the data was shared publicly on a few hacker sites and forums.

Passwords: 164260

Acquisition Date: 2017-11-12T00:00:00Z

Site: SpyProof VPN

Description: In November 2015, SpyProof VPN's user database was allegedly breached. The stolen data contains 3,500 records including email addresses, usernames, and passwords. In January 2016, the data was shared publicly on a few hacker sites and forums.

Passwords: 3568

Acquisition Date: 2017-11-06T00:00:00Z

Site: Instant Checkmate

Description: In January 2016, Instant Checkmate's user database was allegedly breached. The stolen data contains 270,000 records including email addresses and full names. In November 2016, the data was shared publicly on a few hacker sites and forums.

Passwords: 0

Acquisition Date: 2017-11-07T00:00:00Z

Site: BlazingVPS

Description: In May 2015, BlazingVPS' user database was allegedly breached. The stolen data contains 470 records including email addresses, passwords, salts, and full names. In April 2017, the data was shared publicly on a few hacker sites and forums.

Passwords: 471

Acquisition Date: 2017-11-11T00:00:00Z

Site: The Web Design Forum

Description: In March 2016, The Web Design Forum's user database was allegedly breached. The stolen data contains 2,000 records including email addresses, usernames, passwords, and salts. The compromised data is being shared privately on the darknet.

Passwords: 2057

Acquisition Date: 2017-11-07T00:00:00Z

Site: Sensitive Source

Description: This source has been marked as sensitive due to one of the following reasons:Revealing the source may compromise an on-going investigationThe affected site is of a controversial nature but does not validate email addresses and could therefore be used to tarnish an employee's reputation

Passwords: 7445

Acquisition Date: 2017-11-09T00:00:00Z

Site: Fireworks Forum

Description: In January 2016, Fireworks Forum's user database was allegedly breached. The stolen data contains 3,200 records including email addresses, usernames, passwords, and salts. The compromised data is being shared privately on the darknet.

Passwords: 3292

Acquisition Date: 2017-11-10T00:00:00Z

Site: GamePhics

Description: In January 2013, GamePhics' user database was allegedly breached. The stolen data contains 1,500 records including email addresses, usernames, and passwords. In April 2017, the data was shared publicly on a few hacker sites and forums.

Passwords: 1595

Acquisition Date: 2017-11-12T00:00:00Z

Site: NeverEndless

Description: In August 2017, NeverEndless' user database was allegedly breached. The stolen data contains 76,000 records including email addresses, usernames, passwords, and salts. The compromised data is being shared privately on the darknet.

Passwords: 76038

Acquisition Date: 2017-11-10T00:00:00Z

Site: The Chatter Tzu

Description: In November 2014, The Chatter Tzu's user database was allegedly breached. The stolen data contains 56,000 records including email addresses, usernames, passwords, and salts. In May 2017, the data was shared publicly on a few hacker sites and forums.

Passwords: 56676

Acquisition Date: 2017-11-08T00:00:00Z

Site: The European Society for the History of Economic Thought

Description: In January 2016, The European Society for the History of Economic Thought's user database was allegedly breached. The stolen data contains 1,400 records including email addresses, usernames, and passwords. The compromised data is being shared privately on the darknet.

Passwords: 1448

Acquisition Date: 2017-11-11T00:00:00Z

Site: Unique Crew

Description: In October 2011, Unique-Crew's user database was allegedly breached. The stolen data contains 4,300 records including email addresses, usernames, passwords, and salts. In April 2016, the data was shared publicly on a few hacker sites and forums.

Passwords: 4381

Acquisition Date: 2017-10-16T00:00:00Z

Site: JobStreet

Description: Online recruitment site JobStreet was allegedly breached on an unconfirmed date. The stolen data contained over 15 million records including email addresses, passwords, and full names. In October 2017, the data was shared publicly a few publicly available underground forums.

Passwords: 15773353

Acquisition Date: 2017-10-16T00:00:00Z

Site: JobThaiWeb

Description: In January 2017, JobThaiWeb.com's user database was allegedly breached. The stolen data contains 421,000 records including email addresses and passwords. In September 2017, the data was shared publicly on a few hacker sites and forums.

Passwords: 420466

Acquisition Date: 2017-10-22T00:00:00Z

Site: Independent Workers' Portal of the Civil Service Corps

Description: In January 2012, Independent Workers' Portal of the Civil Service Corps' user database was allegedly breached. The stolen data contains 2,400 records including email addresses, usernames, and passwords. The compromised data is being shared privately on the darknet.

Passwords: 2480

Acquisition Date: 2017-10-19T00:00:00Z

Site: DeluXe Host

Description: In January 2012, DeluXe Host's user database was allegedly breached. The stolen data contains 110 records including email addresses, usernames, and passwords. The compromised data is being shared privately on the darknet.

Passwords: 119

Acquisition Date: 2017-10-20T00:00:00Z

Site: Rune Live

Description: In March 2017, RuneLive's user database was allegedly breached by an actor named "Umran". The stolen data contains 9,600 records including email addresses, usernames, hashed passwords, and salts. In September 2017, the data was shared publicly on a few hacker sites and forums.

Passwords: 9066

Acquisition Date: 2017-10-24T00:00:00Z

Site: 007

Description: At an unconfirmed date, 007's user database was allegedly breached. The stolen data contains 5,300 records including email addresses, usernames, and hashed passwords. The compromised data is being shared privately on the darknet.

Passwords: 5328

Acquisition Date: 2017-10-19T00:00:00Z

Site: Trakt

Description: In December 2014, Trakt's user database was allegedly breached. The stolen data contains 787,000 records including email addresses, usernames, passwords, and full names. The compromised data is being shared privately on the darknet.

Passwords: 787013

Acquisition Date: 2017-10-20T00:00:00Z

Site: PuntoChat (September 2017)

Description: In September 2017, PuntoChat.it's user database was allegedly breached. The stolen data contains 413,000 records including email addresses, usernames, and hashed passwords. The compromised data is being shared privately on the darknet.

Passwords: 413078

Acquisition Date: 2017-10-23T00:00:00Z

Site: Cristalix

Description: At an unconfirmed date, this site's user database was allegedly breached. The stolen data contains 72,000 records including email addresses, usernames, passwords, and salts. The compromised data is being shared privately on the darknet.

Passwords: 72850

Acquisition Date: 2017-10-25T00:00:00Z

Site: Sensitive Source

Description: This source has been marked as sensitive due to one of the following reasons:Revealing the source may compromise an on-going investigationThe affected site is of a controversial nature but does not validate email addresses and could therefore be used to tarnish an employee's reputation

Passwords: 575668

Acquisition Date: 2017-10-17T00:00:00Z

Site: Sensitive Source

Description: This source has been marked as sensitive due to one of the following reasons:Revealing the source may compromise an on-going investigationThe affected site is of a controversial nature but does not validate email addresses and could therefore be used to tarnish an employee's reputation

Passwords: 276576

Acquisition Date: 2017-10-18T00:00:00Z

Site: The Association of ERpeg and Fantasy Fans

Description: In January 2012, The Association of ERpeg and Fantasy Fans' user database was allegedly breached. The stolen data contains 560 records including email addresses, usernames, and passwords. The compromised data is being shared privately on the darknet.

Passwords: 568

Acquisition Date: 2017-10-15T00:00:00Z

Site: TB Dev

Description: In July 2016, TB Dev's user database was allegedly breached. The stolen data contains 21,000 records including email addresses, usernames, passwords, and salts. The compromised data is being shared privately on the darknet.

Passwords: 21160

Acquisition Date: 2017-10-15T00:00:00Z

Site: ForumPobiedziska

Description: In January 2012, ForumPobiedziska.pl's user database was allegedly breached. The stolen data contains 4,000 records including email addresses, usernames, and passwords. The compromised data is being shared privately on the darknet.

Passwords: 4007

Acquisition Date: 2018-11-15T00:00:00Z

Site: Heart Unit

Description: In November 2018, Heart Unit's database was allegedly breached. The stolen data contains passwords, salts, and email addresses. This breach is being privately shared on the internet.

Passwords: 14211

Acquisition Date: 2018-12-18T00:00:00Z

Site: Sensitive Source

Description: This source has been marked as sensitive due to one of the following reasons:Revealing the source may compromise an on-going investigationThe affected site is of a controversial nature but does not validate email addresses and could therefore be used to tarnish an employee's reputation

Passwords: 15743

Acquisition Date: 2018-11-15T00:00:00Z

Site: Silent Whisper

Description: In September 2006, Silent Whisper's database was allegedly breached. The stolen data contains usernames, IPs, passwords, and email addresses. This breach is being publicly shared on the internet.

Passwords: 7339

Acquisition Date: 2019-02-19T00:00:00Z

Site: AzorUlt Botnet

Description: AzorUlt is a lesser known credential stealing botnet, also known as crimeware. This malware steals data from infected computers via web browsers and protected storage. Once infected, the computer sends the stolen data to a bot command and control (C&C) server, where the data is stored. Any credentials from this source can be assumed to already be in the hands of threat actors, and should be changed immediately.

Passwords: 321453

Acquisition Date: 2019-01-18T00:00:00Z

Site: DevShed

Description: In October 2018, DevShed's database was allegedly breached. The stolen data contains usernames, passwords, and email addresses. This breach is being privately shared on the internet.

Passwords: 860578

Acquisition Date: 2019-02-26T00:00:00Z

Site: AzorUlt Botnet

Description: AzorUlt is a lesser known credential stealing botnet, also known as crimeware. This malware steals data from infected computers via web browsers and protected storage. Once infected, the computer sends the stolen data to a bot command and control (C&C) server, where the data is stored. Any credentials from this source can be assumed to already be in the hands of threat actors, and should be changed immediately.

Passwords: 15348

Acquisition Date: 2019-01-17T00:00:00Z

Site: D3Scene

Description: In January 2019, D3Scene's database was allegedly breached. The stolen data contains usernames, IPs, passwords, salts, and email addresses. This breach is being privately shared on the internet.

Passwords: 568072

Acquisition Date: 2019-02-11T00:00:00Z

Site: Gataweb

Description: In February 2016, Gataweb's database was allegedly breached. The stolen data contains passwords and email addresses. This breach is being privately shared on the internet.

Passwords: 28633

Acquisition Date: 2018-07-18T00:00:00Z

Site: Sensitive Source

Description: This source has been marked as sensitive due to one of the following reasons:Revealing the source may compromise an on-going investigationThe affected site is of a controversial nature but does not validate email addresses and could therefore be used to tarnish an employee's reputation

Passwords: 12423789

Acquisition Date: 2017-09-23T00:00:00Z

Site: Sensitive Source

Description: This source has been marked as sensitive due to one of the following reasons:Revealing the source may compromise an on-going investigationThe affected site is of a controversial nature but does not validate email addresses and could therefore be used to tarnish an employee's reputation

Passwords: 131

Acquisition Date: 2017-09-25T00:00:00Z

Site: Elala

Description: At an unconfirmed date, Elala's user database was allegedly breached. The stolen data contains 4,000 records including email addresses and passwords. The compromised data is being shared privately on the darknet.

Passwords: 4042

Acquisition Date: 2017-09-25T00:00:00Z

Site: Preetlar

Description: At an unconfirmed date, Preetlari's user database was allegedly breached. The stolen data contains 8,700 records including email addresses and passwords. The compromised data is being shared privately on the darknet.

Passwords: 8779

Acquisition Date: 2017-09-26T00:00:00Z

Site: Sensitive Source

Description: This source has been marked as sensitive due to one of the following reasons:Revealing the source may compromise an on-going investigationThe affected site is of a controversial nature but does not validate email addresses and could therefore be used to tarnish an employee's reputation

Passwords: 29

Acquisition Date: 2017-09-24T00:00:00Z

Site: JDE Tables

Description: At an unconfirmed date, JDE Tables' user database was allegedly breached. The stolen data contains 480 records including email addresses and passwords. The compromised data is being shared privately on the darknet.

Passwords: 483

Acquisition Date: 2017-09-24T00:00:00Z

Site: Woodwind ad Bazaar

Description: At an unconfirmed date, Woodwind ad Bazaar's user database was allegedly breached. The stolen data contains 5,600 records including email addresses and passwords. The compromised data is being shared privately on the darknet.

Passwords: 5632

Acquisition Date: 2017-09-23T00:00:00Z

Site: Sensitive Source

Description: This source has been marked as sensitive due to one of the following reasons:Revealing the source may compromise an on-going investigationThe affected site is of a controversial nature but does not validate email addresses and could therefore be used to tarnish an employee's reputation

Passwords: 295

Acquisition Date: 2017-09-24T00:00:00Z

Site: Comeon-Book

Description: At an unconfirmed date, Comeon-Book's database was allegedly breached. The stolen data contains 35,000 records including email addresses and passwords. The compromised data is being shared privately on the darknet.

Passwords: 21201

Acquisition Date: 2017-09-26T00:00:00Z

Site: Sensitive Source

Description: This source has been marked as sensitive due to one of the following reasons:Revealing the source may compromise an on-going investigationThe affected site is of a controversial nature but does not validate email addresses and could therefore be used to tarnish an employee's reputation

Passwords: 3038

Acquisition Date: 2017-09-14T00:00:00Z

Site: CraftApple

Description: In June 2016, CraftApple's user database was allegedly breached. The stolen data contains 9,200 records including email addresses, usernames, passwords, and salts. In December 2016, the data was shared publicly on a few hacker sites and forums.

Passwords: 9253

Acquisition Date: 2017-09-23T00:00:00Z

Site: Sensitive Source

Description: This source has been marked as sensitive due to one of the following reasons:Revealing the source may compromise an on-going investigationThe affected site is of a controversial nature but does not validate email addresses and could therefore be used to tarnish an employee's reputation

Passwords: 408

Acquisition Date: 2017-09-24T00:00:00Z

Site: Sensitive Source

Description: This source has been marked as sensitive due to one of the following reasons:Revealing the source may compromise an on-going investigationThe affected site is of a controversial nature but does not validate email addresses and could therefore be used to tarnish an employee's reputation

Passwords: 495

Acquisition Date: 2017-09-20T00:00:00Z

Site: Onliner Spambot (August 2017)

Description: At an unconfirmed date, a misconfigured spambot leaked around 1,730,000 records. The data was available because the actors who set up the spambot incorrectly secured their servers which allowed any viewer to download to download the database. All records include email addresses while some also include associated usernames and passwords. In August 2017, the data was announced publicly.

Passwords: 1566862

Acquisition Date: 2017-09-24T00:00:00Z

Site: Roskrup

Description: At an unconfirmed date, Roskrup.ru's user database was allegedly breached. The stolen data contains 3,200 records including email addresses and passwords. The compromised data is being shared privately on the darknet.

Passwords: 3268

Acquisition Date: 2017-09-24T00:00:00Z

Site: Reading Badminton Association

Description: At an unconfirmed date, Reading Badminton Association's user database was allegedly breached. The stolen data contains 2,900 records including email addresses and passwords. The compromised data is being shared privately on the darknet.

Passwords: 2911

Acquisition Date: 2017-09-25T00:00:00Z

Site: Sensitive Source

Description: This source has been marked as sensitive due to one of the following reasons:Revealing the source may compromise an on-going investigationThe affected site is of a controversial nature but does not validate email addresses and could therefore be used to tarnish an employee's reputation

Passwords: 245

Acquisition Date: 2017-09-26T00:00:00Z

Site: Sensitive Source

Description: This source has been marked as sensitive due to one of the following reasons:Revealing the source may compromise an on-going investigationThe affected site is of a controversial nature but does not validate email addresses and could therefore be used to tarnish an employee's reputation

Passwords: 404062

Acquisition Date: 2017-09-23T00:00:00Z

Site: The CPA Firm Management Association (CPAFMA)

Description: At an unconfirmed date, The CPA Firm Management Association (CPAFMA)'s user database was allegedly breached. The stolen data contains 2,400 records including email addresses and passwords. The compromised data is being shared privately on the darknet.

Passwords: 2495

Acquisition Date: 2017-09-26T00:00:00Z

Site: IDSon

Description: At an unconfirmed date, IDSon's user database was allegedly breached. The stolen data contains 870 records including email addresses and passwords. The compromised data is being shared privately on the darknet.

Passwords: 875

Acquisition Date: 2017-09-24T00:00:00Z

Site: Sensitive Source

Description: This source has been marked as sensitive due to one of the following reasons:Revealing the source may compromise an on-going investigationThe affected site is of a controversial nature but does not validate email addresses and could therefore be used to tarnish an employee's reputation

Passwords: 625

Acquisition Date: 2017-09-24T00:00:00Z

Site: Sensitive Source

Description: This source has been marked as sensitive due to one of the following reasons:Revealing the source may compromise an on-going investigationThe affected site is of a controversial nature but does not validate email addresses and could therefore be used to tarnish an employee's reputation

Passwords: 1019

Acquisition Date: 2017-09-24T00:00:00Z

Site: Finest

Description: In August 2017, Finest's user database was allegedly breached. The stolen data contains 14,000 records including email addresses, usernames, and MD5 hashed passwords. The compromised data is being shared privately on the darknet.

Passwords: 14768

Acquisition Date: 2017-09-24T00:00:00Z

Site: Stribro

Description: At an unconfirmed date, Stribro.cz's user database was allegedly breached. The stolen data contains 2,600 records including email addresses and passwords. The compromised data is being shared privately on the darknet.

Passwords: 2673

Acquisition Date: 2017-09-26T00:00:00Z

Site: Sensitive Source

Description: This source has been marked as sensitive due to one of the following reasons:Revealing the source may compromise an on-going investigationThe affected site is of a controversial nature but does not validate email addresses and could therefore be used to tarnish an employee's reputation

Passwords: 1

Acquisition Date: 2017-09-23T00:00:00Z

Site: Moustache May

Description: At an unconfirmed date, Moustache May's user database was allegedly breached. The stolen data contains 9,400 records including email addresses and passwords. The compromised data is being shared privately on the darknet.

Passwords: 9404

Acquisition Date: 2017-09-24T00:00:00Z

Site: Sensitive Source

Description: This source has been marked as sensitive due to one of the following reasons:Revealing the source may compromise an on-going investigationThe affected site is of a controversial nature but does not validate email addresses and could therefore be used to tarnish an employee's reputation

Passwords: 3105

Acquisition Date: 2017-09-24T00:00:00Z

Site: BolsaPHP

Description: At an unconfirmed date, BolsaPHP's user database was allegedly breached. The stolen data contains 28,000 records including email addresses and passwords. The compromised data is being shared privately on the darknet.

Passwords: 28261

Acquisition Date: 2017-09-24T00:00:00Z

Site: Oneland

Description: In December 2016, Oneland's user database was allegedly breached. The stolen data contains 125,000 records including email addresses, usernames, passwords, and salts. The compromised data is being shared privately on the darknet.

Passwords: 124417

Acquisition Date: 2017-09-24T00:00:00Z

Site: Sensitive Source

Description: This source has been marked as sensitive due to one of the following reasons:Revealing the source may compromise an on-going investigationThe affected site is of a controversial nature but does not validate email addresses and could therefore be used to tarnish an employee's reputation

Passwords: 5615

Acquisition Date: 2017-09-20T00:00:00Z

Site: Individual Game

Description: In April 2015, Individual-Game.ru's user database was allegedly breached. The stolen data contains 22,000 records including email addresses, usernames, and passwords. In January 2016, the data was shared publicly on a few hacker sites and forums.

Passwords: 20874

Acquisition Date: 2017-09-17T00:00:00Z

Site: Ukrainian Journal

Description: In June 2013, Ukrainian Journal's user database was allegedly breached. The stolen data contains 6,700 records including email addresses and passwords. In July 2013, the data was shared publicly on a few hacker sites and forums.

Passwords: 6785

Acquisition Date: 2017-09-25T00:00:00Z

Site: Portal Internetowy ForumBiznesu

Description: In January 2012, Portal Internetowy ForumBiznesu's user database was allegedly breached. The stolen data contains 1,700 records including email addresses, usernames, and MD5 hashed passwords. The compromised data is being shared privately on the darknet.

Passwords: 1764

Acquisition Date: 2017-09-23T00:00:00Z

Site: Jumbo UK Ltd.

Description: At an unconfirmed date, Jumbo UK Ltd.'s user database was allegedly breached. The stolen data contains 8,100 records including email addresses and passwords. The compromised data is being shared privately on the darknet.

Passwords: 8007

Acquisition Date: 2017-09-23T00:00:00Z

Site: Bumwoosa

Description: At an unconfirmed date, Bumwoosa's user database was allegedly breached. The stolen data contains 8,000 records including email addresses and passwords. The compromised data is being shared privately on the darknet.

Passwords: 8029

Acquisition Date: 2017-09-24T00:00:00Z

Site: Sensitive Source

Description: This source has been marked as sensitive due to one of the following reasons:Revealing the source may compromise an on-going investigationThe affected site is of a controversial nature but does not validate email addresses and could therefore be used to tarnish an employee's reputation

Passwords: 1395

Acquisition Date: 2017-10-26T00:00:00Z Site: Sensitive Source

Description: This source has been marked as sensitive due to one of the following reasons:Revealing the source may compromise an on-going investigationThe affected site is of a controversial nature but does not validate email addresses and could therefore be used to tarnish an employee's reputation

Passwords: 23437

Acquisition Date: 2017-10-26T00:00:00Z

Site: SumoTorrent

Description: In April 2014, SumoTorrent's user database was allegedly breached. The stolen data contains 292,000 records including email addresses, usernames, and passwords. In April 2016, the data was shared publicly on a few hacker sites and forums.

Passwords: 254912

Acquisition Date: 2017-10-31T00:00:00Z

Site: Minecraft World Map

Description: In December 2015, Minecraft World Map's user database was allegedly breached. The stolen data contains 61,000 records including email addresses, usernames, passwords, and salts. In August 2016, the data was shared publicly on a few hacker sites and forums.

Passwords: 61855

Acquisition Date: 2017-10-26T00:00:00Z

Site: Insanelyi

Description: In July 2014, Insanelyi's user database was allegedly breached by actor Kim Jong Cracks. The stolen data contains 104,000 records including email addresses, usernames, passwords, and salts. In July 2014, the data was shared publicly on a few hacker sites and forums.

Passwords: 103410

Acquisition Date: 2017-10-31T00:00:00Z

Site: SkTorrent

Description: In February 2016, SkTorrent's user database was allegedly breached. The stolen data contains 36,000 records including email addresses, usernames, and passwords. In April 2016, the data was shared publicly on a few hacker sites and forums.

Passwords: 36495

Acquisition Date: 2017-10-30T00:00:00Z

Site: PetFlow

Description: In October 2017, PetFlow's user database was allegedly breached. The stolen data contains 990,000 records including email addresses and passwords. The compromised data is being shared privately on the darknet.

Passwords: 987665

Acquisition Date: 2017-10-26T00:00:00Z

Site: Minefield

Description: In June 2015, Minefield's user database was allegedly breached. The stolen data contains 188,000 records including email addresses, usernames, and passwords. In August 2016, the data was shared publicly on a few hacker sites and forums.

Passwords: 186379

Acquisition Date: 2017-10-27T00:00:00Z

Site: Sensitive Source

Description: This source has been marked as sensitive due to one of the following reasons:Revealing the source may compromise an on-going investigationThe affected site is of a controversial nature but does not validate email addresses and could therefore be used to tarnish an employee's reputation

Passwords: 110051401

Acquisition Date: 2017-10-30T00:00:00Z

Site: Quantum Stresser

Description: In March 2014, Quantum Stresser's user database was allegedly breached. The stolen data contains 3,700 records including email addresses, usernames, and passwords. In October 2017, the data was shared publicly on a few hacker sites and forums.

Passwords: 3795

Acquisition Date: 2017-10-29T00:00:00Z

Site: Foxy Bingo

Description: In April 2007, Foxy Bingo's user database was allegedly breached. The stolen data contains 251,000 records including email addresses, plaintext passwords, and full names. In November 2011, the data was shared publicly on a few hacker sites and forums.

Passwords: 246103

Acquisition Date: 2017-10-26T00:00:00Z

Site: BitTorrent

Description: In January 2016, BitTorrent's forum user database was allegedly breached. The stolen data contains 34,000 records including email addresses, usernames, hashed passwords, and salts. In June 2016, the data was shared publicly on a few hacker sites and forums.

Passwords: 34231

Acquisition Date: 2017-10-28T00:00:00Z

Site: FragNet

Description: In May 2015, FragNet's user database was allegedly breached. The stolen data contains 73,000 records including email addresses, usernames, passwords, salts, and full names. The compromised data is being shared privately on the darknet.

Passwords: 73251

Acquisition Date: 2017-10-30T00:00:00Z

Site: LizzardStresser

Description: At an unconfirmed date, LizzardStresser's user database was allegedly breached. The stolen data contains 1,000 records including email addresses, usernames, and passwords. In January 2015, the data was shared publicly on a few hacker sites and forums.

Passwords: 986

Acquisition Date: 2017-10-27T00:00:00Z

Site: Moneybookers

Description: In January 2009, payment site Moneybookers' user database was allegedly breached. The compromised data contains over 4 million records including email addresses and full names. Since November 2015, the compromised data is being shared privately among several criminal groups.

Passwords: 0

Acquisition Date: 2017-10-28T00:00:00Z

Site: MyVidster

Description: In August 2015, MyVidster's user database was allegedly breached. The stolen data contains 19,000 records including email addresses and passwords. In August 2015, the data was shared publicly on a few hacker sites and forums.

Passwords: 19852

Acquisition Date: 2017-10-29T00:00:00Z

Site: Business Acumen

Description: In February 2014, Business Acumen's user database was allegedly breached by actor 1337MiR. The stolen data contains 26,000 records including email addresses, usernames, and passwords. In April 2014, the data was shared publicly on a few hacker sites and forums.

Passwords: 22910

Acquisition Date: 2017-10-29T00:00:00Z

Site: GTA Gaming

Description: In August 2016, GTA Gaming's forum user database was allegedly breached. The stolen data contains 196,000 records including email addresses, passwords, and salts. In August 2016, the data was shared publicly on a few hacker sites and forums.

Passwords: 196614

Acquisition Date: 2017-11-01T00:00:00Z

Site: Tesco

Description: In February 2014, Tesco's user database was allegedly breached. Some believe that this database was not genuinely breached, but that the credentials were rather compiled from combolists and other databases. The stolen data contains 2,200 records including email addresses and passwords. In February 2014, the data was shared publicly on a few hacker sites and forums.

Passwords: 2239

Acquisition Date: 2017-10-31T00:00:00Z

Site: Hemmakvall

Description: In July 2015, Hemmakvall's user database was allegedly breached by actors PH1K3 and z0x. The stolen data contains 47,000 records including email addresses, passwords, and salts. In July 2015, the data was shared publicly on a few hacker sites and forums.

Passwords: 47346

Acquisition Date: 2017-11-01T00:00:00Z

Site: AstroPID

Description: In December 2013, AstroPID's user database was allegedly breached. The stolen data contains 5,700 records including email addresses, usernames, passwords, and salts. In June 2017, the data was shared publicly on a few hacker sites and forums.

Passwords: 5788

Acquisition Date: 2017-10-27T00:00:00Z

Site: This Habbo

Description: In October 2014, ThisHabbo's user database was allegedly breached. The stolen data contains 27,000 records including email addresses, usernames, passwords, and salts. In October 2014, the data was shared publicly on a few hacker sites and forums.

Passwords: 27713

Acquisition Date: 2017-10-28T00:00:00Z

Site: Pay As U Gym

Description: In December 2016, PayAsUGym's user database was allegedly breached. The stolen data contains 299,000 records including email addresses and MD5-hashed passwords. In December 2016, the data was shared publicly on a few hacker sites and forums.

Passwords: 299812

Acquisition Date: 2017-11-01T00:00:00Z

Site: Bot of Legends

Description: In November 2014, BotOfLegends' user database was allegedly breached. The stolen data contains 193,000 records including email addresses, usernames, passwords, and salts. In January 2015, the data was shared publicly on a few hacker sites and forums.

Passwords: 193416

Acquisition Date: 2017-11-01T00:00:00Z

Site: Staminus Communications Inc.

Description: In March 2016, Staminus Communications Inc.'s user database was allegedly breached. The stolen data contains 4,100 records including email addresses and full names. In March 2016, the data was shared publicly on a few hacker sites and forums.

Passwords: 26

Acquisition Date: 2017-10-29T00:00:00Z

Site: Pokemon Creed

Description: In August 2014, Pokemon Creed's user database was allegedly breached after an argument with rival RPG Pokemon Dusk. The stolen data contains 139,000 records including email addresses, usernames, and passwords. In August 2014, the data was shared online publicly by actor Cruz Dusk.

Passwords: 126634

Acquisition Date: 2017-10-30T00:00:00Z

Site: iPmart Forum

Description: In July 2015, iPmart's forum user database was allegedly breached. The stolen data contains 2,080,000 records including email addresses, usernames, passwords, and salts. In March 2016, the data was shared publicly on a few hacker sites and forums.

Passwords: 2080414

Acquisition Date: 2017-10-29T00:00:00Z

Site: Seedpeer

Description: In July 2016, Seedpeer's user database was allegedly breached. The stolen data contains 277,000 records including email addresses, usernames, and passwords. The compromised data is being shared privately on the darknet.

Passwords: 277641

Acquisition Date: 2017-10-27T00:00:00Z

Site: Army Force Online

Description: In June 2016, Army Force Online's user database was allegedly breached. The stolen records were shared online in mid-November 2017.

Passwords: 2373771

Acquisition Date: 2017-10-27T00:00:00Z

Site: Minecraft PE Forum

Description: In May 2015, MinecraftPEForum's user database was allegedly breached. The stolen data contains 16,000 records including email addresses, usernames, passwords, and salts. In May 2015, the data was shared publicly on a few hacker sites and forums.

Passwords: 15696