Entries by govanguard

StockX – 6,840,339 breached accounts

In July 2019, the fashion and sneaker trading platform StockX suffered a data breach which was subsequently sold via a dark webmarketplace. The exposed data included 6.8 million unique email addresses, names, physical addresses, purchases and passwords stored as salted MD5 hashes. The data was provided to HIBP by a source who requested it be […]

Source

Canva – 137,272,116 breached accounts

In May 2019, the graphic design tool website Canva suffered a data breach that impacted 137 million subscribers. The exposed data included email addresses, usernames, names, cities of residence and passwords stored as bcrypt hashes for users not using social logins. The data was provided to HIBP by a source who requested it be attributed […]

Source

CafePress – 23,205,290 breached accounts

In February 2019, the custom mechandise retailer CafePress suffered a data breach. The exposed data included 23 million unique email addresses with some records also containing passwords hashes, names, physical addresses and phone numbers. The data was provided to HIBP by a source who requested it be attributed to “JimScott.Sec@protonmail.com”. Source

Source

Club Penguin Rewritten (July 2019) – 4,007,909 breached accounts

In July 2019, the children's gaming site Club Penguin Rewritten (CPRewritten) suffered a data breach (note: CPRewritten is an independent recreation of Disney's Club Penguin game). In addition to an earlier data breach that impacted 1.7 million accounts, the subsequent breach exposed 4 million unique email addresses alongside IP addresses, usernames and passwords stored as […]

Source

Anime-Planet – 368,507 breached accounts

In approximately 2016, the anime website Anime-Planet suffered a data breach that impacted 369k subscribers. The exposed data included usernames, IP and email addresses, dates of birth and passwords stored as unsalted MD5 hashes and for newer accounts, bcrypt hashes. The data was provided to HIBP by dehashed.com. Source

Source

Xiaomi (unverified) – 7,088,010 breached accounts

In August 2012, the Xiaomi user forum website suffered a data breach. In all, 7 million email addresses appeared in the breach although a significant portion of them were numeric aliases on the bbs_ml_as_uid.xiaomi.com domain. Usernames, IP addresses and passwords stored as salted MD5 hashes were also exposed. The data was provided with support from […]

Source