ColoCrossing
May 24, 2025
•[ leak, misconfiguration, technology ]
In May 2025, hosting provider ColoCrossing identified a data breach that impacted customers of their ColoCloud virtual server product. ColoCrossing advised the incident was isolated to their cloud/VPS platform and stemmed from a single sign-on vulnerability. 7k email addresses were exposed in the incident along with names and MD5-Crypt password hashes.
Doxbin Scrape
January 24, 2025
•[ leak, misconfiguration, technology ]
In January 2025, 435k email addresses were scraped from the "doxing" service Doxbin. Posts to the service are usually intended to disclose the personal information of third parties non-consensually. The data was provided to HIBP by a source who requested it be attributed to "oathnet.ru".
Speedio
December 24, 2024
•[ leak, misconfiguration, technology ]
In December 2024, data alleged to have been taken from the Brazilian lead generation platform Speedio was posted for sale to a popular hacking forum. The data was allegedly obtained from an unsecured Elasticsearch instance and contained over 62M records of largely public business information including company names, phone numbers and physical addresses, along with 27M unique email addresses, predominantly from public services such as Gmail and Outlook. Speedio did not respond to multiple attempts to disclose the incident, and the origin of the data could not be independently verified. The data was provided to HIBP by a source who requested it be attributed to "ayame@xmpp.jp".
BitView
December 14, 2024
•[ insider, misconfiguration, technology ]
In December 2024, the video sharing community BitView suffered a data breach that exposed 63k customer records. Attributed to a backup taken by a previous administrator earlier in the year, the breach exposed email and IP addresses, bcrypt password hashes, usernames, bios, private messages, video comments and, for some records, gender, date of birth and country of location.
Senior Dating
November 23, 2024
•[ leak, misconfiguration, technology ]
In 2024, the 40+ dating website Senior Dating suffered a data breach. Attributed to an exposed Firebase database, the breach included extensive personal information on 766k users of the service including email addresses, photos, genders, links to Facebook accounts, dates of birth and precise latitude and longitude, among other personal attributes. The website was shut down after the breach was acknowledged by the site operator in December, along with a breach of the "ladies.com" website run by the same organisation.
Undisclosed Law Firm
November 19, 2024
•[ leak, misconfiguration, government ]
A threat actor who goes online by the name Altam Beezley gained access to a computer file shared in a secure link among lawyers whose clients have given damaging testimony related to Matt Gaetz, the former Florida congressman who is President-elect Donald J. Trump's choice to be attorney general.
FlipaClip
November 18, 2024
•[ leak, misconfiguration, technology ]
In November 2024, the animation app FlipaClip suffered a data breach that exposed almost 900k records due to an exposed Firebase server. The impacted data included name, email address, country and date of birth. FlipaClip advised the issue has since been rectified.
Thala
November 15, 2024
•[ financial, misconfiguration, finance ]
Thala reveals it suffered a security breach due to an isolated vulnerability related to its v1 farming contracts, which allowed the attacker to withdraw liquidity tokens. The company is able to recover $25.5 million of liquidity pool tokens.
Call of Duty gamers
November 7, 2024
•[ hack, misconfiguration, technology ]
A threat actor dubbed Vizor reveals that they banned thousands of Call of Duty gamers by abusing an anti-cheat flaw.
Schneider Electric
November 4, 2024
•[ leak, misconfiguration, manufacturing ]
Schneider Electric confirms that a developer platform was breached after a threat actor claimed to have stolen 40GB of data from the company's JIRA server.
MIT’s Technology Review
November 4, 2024
•[ leak, misconfiguration, technology ]
The threat actor known as Intel Broker claims to have stolen the personal data of 290,762 individuals from MIT's Technology Review website via a third-party contractor.
Social
October 18, 2024
•[ financial, misconfiguration, finance ]
Tapioca DAO suffers a $4.5 million exploit after an attacker compromised its native token's vesting contract.
Finsure
October 15, 2024
•[ leak, misconfiguration, finance ]
In October 2024, almost 300k unique email addresses from Australian mortgage broking group Finsure were obtained from the ActivePipe real estate marketing platform. The impacted data also included names, phone numbers and physical addresses. The incident did not directly affect any of Finsure's systems or expose any passwords or financial data.
Flat Earth Sun, Moon and Zodiac App
October 15, 2024
•[ leak, misconfiguration, technology ]
In October 2024, the flat earth sun, moon and zodiac app created by Flat Earth Dave was found to be leaking extensive personal information of its users. The data included 33k unique email addresses along with usernames, latitudes and longitudes (their position on the globe) and passwords stored in plain text. A small number of profiles also contained names, dates of birth and genders.
The Wayback Machine
October 9, 2024
•[ leak, misconfiguration, technology ]
Internet Archive's "The Wayback Machine" suffers a data breach after a threat actor compromised the website and stole a user authentication database containing 31 million unique records.
LEGO
October 5, 2024
•[ hack, misconfiguration, manufacturing ]
Cryptocurrency scammers briefly hack the LEGO website to promote a fake Lego token that could be purchased with Ethereum.
Switch
October 1, 2024
•[ leak, misconfiguration, technology ]
In October 2024, the Hungarian IT headhunting service Switch inadvertently exposed thousands of customer records via a public GitHub repository. The exposed data contained job applications with names, email addresses and in some cases, commentary on the applicant.
Mutua Madrileña
September 27, 2024
•[ hack, misconfiguration, finance ]
Mutua Madrileña suffers a cyber attack on its home customer base, through an external provider, which affects thousands of customers.
19 stations, including London Cannon Street, London Bridge, Charing Cross, Clapham Junction, Euston, King’s Cross, Liverpool Street, Paddington, Victoria, Waterloo, Reading, Guildford, Manchester Piccadilly, Liverpool Lime Street, Birmingham New Street, Leeds, Bristol Temple Meads, Edinburgh Waverley, Glasgow Central
September 26, 2024
•[ hack, misconfiguration, government ]
U.K. transport officials and police say they are investigating a cyber-security incident that hit the public Wi-Fi networks at the country's biggest railway stations and displayed an anti-Islam message on the login page.
French Citizens
September 25, 2024
•[ leak, misconfiguration, finance ]
In September 2024, over 90M rows of data on French citizens were found left exposed in a publicly facing database. Compiled from various data breaches, the corpus contained 28M unique email addresses, with the various source breaches each exposing different fields including name, physical and IP address, phone number and partial credit card data including payment type and last 4 digits.