JD
January 1, 2013
•[ leak, retail ]
In 2013 (exact date unknown), the Chinese e-commerce service JD suffered a data breach that exposed 13GB of data containing 77 million unique email addresses. The data also included usernames, phone numbers and passwords stored as SHA-1 hashes. The data was provided to HIBP by a source who requested it be attributed to "white_peacock@riseup.net".
Target Corporation
January 1, 2013
•[ hack, retail ]
hacked
Lookbook
August 24, 2012
•[ hack, misconfiguration, retail ]
In August 2012, the fashion site Lookbook suffered a data breach. The data later appeared listed for sale in June 2016 and included 1.1 million usernames, email and IP addresses, birth dates and plain text passwords.
Taobao
January 1, 2012
•[ leak, retail ]
In approximately 2012, it's alleged that the Chinese shopping site known as Taobao suffered a data breach that impacted over 21 million subscribers. Whilst there is evidence that the data is legitimate, due to the difficulty of emphatically verifying the Chinese breach it has been flagged as "unverified". The data in the breach contains email addresses and plain text passwords. Read more about Chinese data breaches in Have I Been Pwned.
hemmelig.com
December 21, 2011
•[ hack, retail ]
In December 2011, Norway's largest online sex shop hemmelig.com was hacked by a collective calling themselves "Team Appunity". The attack exposed over 28,000 usernames and email addresses along with nicknames, gender, year of birth and unsalted MD5 password hashes.
Dangdang
June 1, 2011
•[ leak, retail ]
In 2011, the Chinese e-commerce site Dangdang suffered a data breach. The incident exposed over 4.8 million unique email addresses which were subsequently traded online over the ensuing years.
Restaurant Depot
January 1, 2011
•[ hack, retail ]
hacked by Russian hackers
