-
-
-
Target Corporation
January 1, 2013
•
[ hack, retail ]
hacked
-
-
-
-
Ubisoft
January 1, 2013
•
[ hack ]
hacked
-
-
-
Yahoo
January 1, 2013
hacked
-
-
Heroes of Newerth
December 17, 2012
•
[ hack, technology ]
In December 2012, the multiplayer online battle arena game known as Heroes of Newerth was hacked and over 8 million accounts extracted from the system. The compromised data included usernames, email addresses and passwords.
-
BookCrossing
November 5, 2012
•
[ leak, misconfiguration, technology ]
In August 2022, the book social networking site BookCrossing disclosed a data breach that dated back to a database backup from November 2012. The incident exposed almost 1.6M records including names, usernames, email and IP addresses, dates of birth and plain text passwords.
-
Netlog
November 1, 2012
•
[ leak, misconfiguration, technology ]
In July 2018, the Belgian social networking site Netlog identified a data breach of their systems dating back to November 2012 (PDF). Although the service was discontinued in 2015, the data breach still impacted 49 million subscribers for whom email addresses and plain text passwords were exposed. The data was provided to HIBP by a source who requested it be attributed to "JimScott.Sec@protonmail.com".
-
Lookbook
August 24, 2012
•
[ hack, misconfiguration, retail ]
In August 2012, the fashion site Lookbook suffered a data breach. The data later appeared listed for sale in June 2016 and included 1.1 million usernames, email and IP addresses, birth dates and plain text passwords.
-
Xiaomi
August 1, 2012
In August 2012, the Xiaomi user forum website suffered a data breach. In all, 7 million email addresses appeared in the breach although a significant portion of them were numeric aliases on the bbs_ml_as_uid.xiaomi.com domain. Usernames, IP addresses and passwords stored as salted MD5 hashes were also exposed. The data was provided with support from dehashed.com. Read more about Chinese data breaches in Have I Been Pwned.
-
Yahoo
July 11, 2012
•
[ hack, sqlinjection, technology ]
In July 2012, Yahoo! had their online publishing service "Voices" compromised via a SQL injection attack. The breach resulted in the disclosure of nearly half a million usernames and passwords stored in plain text. The breach showed that of the compromised accounts, a staggering 59% of people who also had accounts in the Sony breach reused their passwords across both services.
-
War Inc.
July 4, 2012
•
[ hack, technology ]
In mid-2012, the real-time strategy game War Inc. suffered a data breach. The attack resulted in the exposure of over 1 million accounts including usernames, email addresses and salted MD5 hashes of passwords.
-
Dropbox
July 1, 2012
In mid-2012, Dropbox suffered a data breach which exposed the stored credentials of tens of millions of their customers. In August 2016, they forced password resets for customers they believed may be at risk. A large volume of data totalling over 68 million records was subsequently traded online and included email addresses and salted hashes of passwords (half of them SHA1, half of them bcrypt).
-
Disqus
July 1, 2012
In October 2017, the blog commenting service Disqus announced they'd suffered a data breach. The breach dated back to July 2012 but wasn't identified until years later when the data finally surfaced. The breach contained over 17.5 million unique email addresses and usernames. Users who created logins on Disqus had salted SHA1 hashes of passwords whilst users who logged in via social providers only had references to those accounts.
