Windows93 / Myspace93
January 1, 2021
•[ data breach, plain text passwords, software exploit ]
In January 2021, the parody site Windows93 suffered a data breach of the Myspace93 sub-site after a beta application was exploited to download server files. The compromised data was later leaked in June and included 46k Myspace93 accounts containing email and IP addresses, usernames and passwords stored in plain text.
James
March 25, 2020
•[ data breach, bcrypt, passwords ]
In June 2020, 14 previously undisclosed data breaches appeared for sale including the Brazilian delivery service, "James". The breach occurred in March 2020 and exposed 1.5M unique email addresses, customer locations expressed in longitude and latitude and passwords stored as bcrypt hashes. The data was provided to HIBP by dehashed.com.
COMELEC (comelec.gov.ph)
March 27, 2016
•[ data breach, voter records, personal information exposure ]
The database of the Philippine Commission on Elections (COMELEC) is breached and the personal information of 55 million voters potentially exposed in two consecutive attacks. The second attack was carried out by LulzSec Pilipinas
COMELEC (comelec.gov.ph)
March 27, 2016
•[ data breach, voter data, personal information exposure ]
The database of the Philippine Commission on Elections (COMELEC) is breached and the personal information of 55 million voters potentially exposed in two consecutive attacks. The first attack was carried out by Anonymous.
incipio.com
February 25, 2016
•[ malware, compromised orders, data breach ]
Incipio, LLC notifies an unspecified number of customers that malware compromised orders placed online.
Fashion to Figure (http://www.fashiontofigure.com)
November 15, 2015
•[ malware, data breach, server compromise ]
Fashion to Figure notifies customers of a breach involving malware inserted on their web host's server
Scuf Gaming
June 5, 2015
•[ data breach, data leak, password hashes ]
In June 2015, custom gaming controller maker Scuf Gaming suffered a data breach. The incident exposed 129k unique email addresses along with usernames, display names, IP addresses and password hashes.
TheNaturalOnline.com
August 14, 2014
•[ data breach, credit card theft, PII leak ]
TheNaturalOnline.com is compromised by an unknown attacker, who gains access to names, addresses, email addresses, phone numbers, passwords, credit and debit cards, expiration dates and CVV codes.
Well.ca
February 18, 2014
•[ data breach, credit card information, customer data ]
Well.ca, a Canadian online retailer for health and beauty products, declares to have suffered a data breach, compromising the credit card information of a few thousand of its customers.
RuneScape Boards
December 26, 2011
•[ data breach, credential leak, salted MD5 password hashes ]
In around 2011, the now defunct RuneScape Boards forum (also known as RSBoards) suffered a data breach that was later redistributed as part of a larger corpus of data. The vBulletin-based service exposed 223k unique email addresses along with usernames, IP addresses and salted MD5 password hashes.
