Aha! Data Breach Exposes Over 26,000 Customers: Here’s What We Know
Breach Date: October 1, 2024 Publish Date: March 1, 2025 Industry: eCommerce, IT Services...
Verticalscope.com and all of their domains were hacked in February of 2016
Preface Verticalscope.com and all of their domains were hacked in February of 2016....
Socialblade.com was hacked in August of 2016
Table of Contents Summary Passwords Leafyishere sub botting controversy Summary Socialblade.com...
WebHostingTalk.com, Mac-Forums.com, DbForums.com and ABestWeb.com all owned by Penton were hacked on July 4th, 2016
Preface WebHostingTalk.com, Mac-Forums.com, DbForums.com and ABestWeb.com all owned by Penton...
Shadi.com another dating site was hacked around July 10th, 2016
Preface Shortly after the hack of MuslimMatch.com, Shadi.com another dating site was hacked...
Dota2 official forums was hacked on July 10th, 2016
Table of Contents Summary Passwords Emails Summary Dota2 official forums was hacked on July...
Twitter credentials are being traded in the tens of millions on the dark web
Preface Twitter credentials are being traded in the tens of millions on the dark web....
Subdomains belonging to mail.ru were hacked in August of 2016
Table of Contents About Us Summary Passwords About us LeakedSource is already the best data...
LinkedIn.com was hacked in June 2012 and a copy of data for 167,370,910 accounts has been obtained by LeakedSource
Preface LinkedIn.com was hacked in June 2012 and a copy of data for 167,370,910 accounts has...
Two Bitcoin related websites were hacked, namely Btc-E.com and Bitcointalk.org
Summary Two Bitcoin related websites were hacked, namely Btc-E.com (a Bitcoin exchange acting...
Btc60
In August 2023, Btc60, a U.S.-based Bitcoin faucet platform where users could earn small amounts of Bitcoin by completing tasks or visiting specific links, experienced a data breach affecting 52,000 users. The compromised data included email addresses and plaintext passwords. This incident highlights the critical importance of strong cybersecurity measures, including password encryption and multi-factor authentication, to protect user accounts and prevent unauthorized access, especially on financial platforms.
MCBans
In September 2017, MCBans, a U.S.-based Minecraft ban management system that assists server owners in enforcing rules and managing player behavior, experienced a data breach affecting 136,000 users. The exposed data included email addresses, IP addresses, usernames, password hashes, and account creation dates. This incident underscores the importance of robust cybersecurity measures to safeguard sensitive user information and prevent unauthorized access.
PvP Live
In January 2021, PvP Live, a U.S.-based esports news website focused on competitive gaming news, statistics, and insights, experienced a data breach affecting 46,100 users. The compromised data included email addresses, password hashes, usernames, and full names. This incident highlights the necessity of strong cybersecurity practices, including secure password hashing and multi-factor authentication, to safeguard user accounts and prevent unauthorized access to online platforms.
CraftApple
In August 2020, CraftApple, a Polish website related to Minecraft—possibly a community, server, or resource hub for players—experienced a data breach affecting nearly 10,000 users. The compromised data included email addresses, MD5 password hashes, usernames, and IP addresses. This incident highlights the importance of strong cybersecurity measures, including the use of secure password hashing methods, to protect user information and prevent unauthorized access.
Craftboard
In January 2021, Craftboard, a Polish Minecraft community and server list likely associated with Minecraft servers, plugins, or player forums, experienced a data breach affecting 26,500 users. The compromised data included email addresses, usernames, MD5 password hashes, birthdates, IP addresses, and dates. This incident highlights the importance of implementing strong cybersecurity measures, including secure password hashing algorithms, to protect user information and prevent unauthorized access.
Killbillet
In July 2020, Killbillet, a U.S.-based online forum dedicated to rat rods—custom cars designed with a deliberately worn-down, unfinished appearance—experienced a data breach affecting nearly 121,000 users. The exposed data included email addresses, usernames, birthdates, IP addresses, MD5 and bcrypt password hashes, and dates. This incident underscores the importance of robust cybersecurity measures to protect user data and prevent unauthorized access.
OnlineTvRecorder
In January 2025, OnlineTvRecorder, a German website that enables users to record and watch television programs online like a cloud-based DVR for various TV channels, suffered a data breach exposing 495,000 rows of data. The compromised information included email addresses, usernames, bcrypt password hashes, and dates. This breach highlights the critical need for strong cybersecurity measures, including secure password storage practices, to protect user data and prevent unauthorized access.
OwnData Network
In August 2022, Owndata Network, a decentralized data network allowing users to sell their data for cryptocurrency, experienced a breach compromising approximately 226,000 user records, including email addresses, usernames, IP addresses, Bitcoin wallet addresses, and bcrypt-hashed passwords. The incident highlights vulnerabilities in platforms managing sensitive user and transactional data. Robust cybersecurity measures remain critical to safeguarding sensitive information and maintaining trust in decentralized systems.
Kupi Kotel
In October 2023, Kupi Kotel, a Russian online store specializing in heating equipment and offering installation and maintenance services, experienced a data breach that exposed 4,500 rows of data. The compromised information included email addresses and password hashes. This incident underscores the importance of strong cybersecurity measures, including secure password hashing methods, to protect user data and prevent unauthorized access.
Overclockzone
In October 2020, Overclockzone, a Thai IT community and resource platform, experienced a breach compromising approximately 676,000 records, including email addresses, usernames, birthdays, IP addresses, and MD5 or bcrypt hashed and salted passwords. The incident highlights vulnerabilities in platforms managing user credentials and community interactions. Proper cybersecurity measures are essential to safeguard sensitive information and maintain trust in online forums.
Buffy Forums
In August 2020, Buffy Forums, an online community dedicated to discussions about "Buffy the Vampire Slayer," "Angel," and the Whedonverse, experienced a breach compromising approximately 27,000 user records, including email addresses, usernames, birthdays, IP addresses, and passwords stored as MD5 hashes with salting. The incident highlights risks for platforms managing user credentials and community interactions. Robust cybersecurity measures, including modern encryption standards, are critical to safeguarding sensitive information and maintaining trust in online communities.
Urban Point
In July 2020, Urban Point, a Qatari mobile application offering discounts and promotions, experienced a breach compromising approximately 282,000 records, including email addresses, full names, phone numbers, genders, birthdays, and passwords stored in plaintext. The incident highlights critical risks for platforms managing sensitive user credentials, particularly with inadequate encryption practices. Robust cybersecurity measures, including secure password storage, are essential to protect user data and maintain trust in digital services.
Downpit
In March 2023, Downpit, a U.S.-based platform dedicated to movie reviews and news, particularly focused on Hollywood films, experienced a data breach affecting 347,000 users. The compromised data included email addresses and plaintext passwords. This incident underscores the critical importance of strong cybersecurity measures, such as encrypting stored passwords and implementing multi-factor authentication, to protect user accounts and prevent unauthorized access.
Assinatura-Xbox-Live
In January 2021, Assinatura Xbox-Live, a platform selling digital redemption codes for Xbox games and Xbox Live subscriptions, experienced a breach compromising approximately 41,000 records, including email addresses, usernames, IP addresses, phone numbers, and passwords stored as MD5 hashes with salting. The incident highlights risks for platforms managing user credentials and transactional data. Robust cybersecurity measures, including modern encryption standards, are critical to safeguarding sensitive information and maintaining trust in digital marketplaces.
Advogados Online
In August 2022, Advogados Online, a forum connecting users with legal professionals for questions and answers, experienced a breach compromising approximately 193,000 user records, including email addresses, usernames, and PHPass-hashed passwords. The incident highlights risks for platforms managing sensitive user credentials and professional interactions. Robust cybersecurity measures, including modern encryption standards, are critical to safeguarding sensitive information and maintaining trust in digital services.
Combook
In March 2021, Combook, a Russian online bookstore specializing in educational and technical literature, experienced a breach compromising approximately 117,000 user records, including email addresses, phone numbers, usernames, full names, physical addresses, and passwords stored in plaintext. The incident highlights critical risks for platforms managing sensitive user credentials, particularly with inadequate encryption practices. Robust cybersecurity measures, including secure password storage, are essential to protect user data and maintain trust in digital services.
eRekrutment
In March 2025, eRekrutment, an Indonesian job recruitment platform connecting job seekers with employers across various industries, suffered a data breach that exposed 54,000 rows of data. The compromised information included email addresses, phone numbers, full names, usernames, bcrypt password hashes, physical addresses, and dates. This breach underscores the importance of implementing strong cybersecurity measures, such as encryption, multi-factor authentication, and regular security assessments, to safeguard sensitive user data and prevent unauthorized access.
GetCarrier
In July 2021, GetCarrier, a US-based logistics provider specializing in auto transport and freight services, experienced a breach compromising approximately 137,000 records, including email addresses, usernames, phone numbers, and bcrypt hashed passwords. The incident highlights vulnerabilities in platforms managing sensitive customer and operational data. Proper cybersecurity measures are essential to safeguard personal information and maintain trust in logistics services.
Robocash
In February 2025, Robocash, a Vietnamese online lending platform specializing in quick, automated loans, experienced a data breach affecting 30,000 users. The compromised data included email addresses, phone numbers, full names, gender, and birthdates. This incident underscores the importance of strong cybersecurity measures to protect sensitive financial and personal information from unauthorized access and potential misuse.
Youthmovements Global Goals
In January 2022, Youthmovements Global Goals, a Canadian online platform hosted at globalgoals.youthmovements.org and dedicated to mapping youth-led initiatives aligned with the United Nations' Sustainable Development Goals (SDGs), suffered a data breach affecting 230,000 users. The compromised data included email addresses and plaintext passwords. This incident emphasizes the critical importance of implementing robust cybersecurity measures, especially for platforms supporting global causes, to protect sensitive user data and uphold the integrity of their mission.
/qr-code.png)