ixigo
January 3, 2019
•[ leak, misconfiguration, technology ]
In January 2019, the travel and hotel booking site ixigo suffered a data breach. The data appeared for sale on a dark web marketplace the following month and included over 17M unique email addresses alongside names, genders, phone numbers, connections to Facebook profiles and passwords stored as MD5 hashes. The data was provided to HIBP by a source who requested it to be attributed to "BenjaminBlue@exploit.im".
China Railway
January 2, 2019
•[ leak, misconfiguration ]
Data thieves steal the personal information of nearly 5 million people from an unconfirmed number of Chinese online ticket reservation platforms, according to Beijing police, who arrested a suspect in the case.
Victorian government
January 1, 2019
•[ leak, phishing, government ]
The work details of 30,000 Victorian public servants have been stolen in a data breach, after part of the Victorian Government directory was downloaded by an unknown party after an employee's email account is compromised.
Royal Enfield
January 1, 2019
•[ leak, misconfiguration, automotive ]
In January 2020, motorcycle maker Royal Enfield left a database publicly exposed that resulted in the inadvertent publication of over 400k customers. The impacted data included email and physical addresses, names, motorcycle information, social media profiles, passwords, and other personal information. The data was provided to HIBP by a source who requested it be attributed to "white_peacock@riseup.net".
