Aha! Data Breach Exposes Over 26,000 Customers: Here’s What We Know
Breach Date: October 1, 2024 Publish Date: March 1, 2025 Industry: eCommerce, IT Services...
Verticalscope.com and all of their domains were hacked in February of 2016
Preface Verticalscope.com and all of their domains were hacked in February of 2016....
Socialblade.com was hacked in August of 2016
Table of Contents Summary Passwords Leafyishere sub botting controversy Summary Socialblade.com...
WebHostingTalk.com, Mac-Forums.com, DbForums.com and ABestWeb.com all owned by Penton were hacked on July 4th, 2016
Preface WebHostingTalk.com, Mac-Forums.com, DbForums.com and ABestWeb.com all owned by Penton...
Shadi.com another dating site was hacked around July 10th, 2016
Preface Shortly after the hack of MuslimMatch.com, Shadi.com another dating site was hacked...
Dota2 official forums was hacked on July 10th, 2016
Table of Contents Summary Passwords Emails Summary Dota2 official forums was hacked on July...
Twitter credentials are being traded in the tens of millions on the dark web
Preface Twitter credentials are being traded in the tens of millions on the dark web....
Subdomains belonging to mail.ru were hacked in August of 2016
Table of Contents About Us Summary Passwords About us LeakedSource is already the best data...
LinkedIn.com was hacked in June 2012 and a copy of data for 167,370,910 accounts has been obtained by LeakedSource
Preface LinkedIn.com was hacked in June 2012 and a copy of data for 167,370,910 accounts has...
Two Bitcoin related websites were hacked, namely Btc-E.com and Bitcointalk.org
Summary Two Bitcoin related websites were hacked, namely Btc-E.com (a Bitcoin exchange acting...
Zen-Pictures
In March 2018, Zen-Pictures, a Japanese niche studio that produces and distributes superheroine-action drama movies—typically featuring anime-style costumes, tokusatsu effects, and adult collectible videos—suffered a data breach that affected 135,355 users. The compromised data included email addresses and MD5 password hashes. Users should update their passwords on any accounts using similar credentials and be cautious with platforms still using outdated encryption methods like MD5.
VIPCHECKER
In 2020, VIPCHECKER, a Russian-based specialized account-checking service for Minecraft, suffered a data breach that impacted 986,455 users. The compromised data included usernames and passwords stored in both plaintext and SHA-1 hashed formats, significantly increasing the risk of account takeover and credential stuffing attacks.
Allp2ptv
In August 2018, Allp2ptv, a now-defunct Chinese all-sided live P2P sports TV schedule site offering comprehensive programming information for P2P online TV, suffered a data breach that affected 100,328 users. The compromised data included email addresses and MD5 password hashes. Users should update any reused credentials and avoid using services that rely on insecure hashing methods like MD5.
USTVNow
In August 2018, USTVNow, a U.S.-based live TV streaming service designed primarily for American expatriates, military personnel abroad, and patriotic viewers to access U.S. broadcast and cable channels legally, suffered a data breach that affected 474,077 users. The compromised data included email addresses and plaintext passwords. Users should update their passwords immediately and avoid using the same credentials across multiple platforms to reduce the risk of further compromise.
Akpr.ru
In August 2018, Akpr.ru, a Russian B2B agency based in Moscow, suffered a data breach that affected 108,624 users. The compromised data included email addresses and MD5 password hashes. Users should change any reused passwords and seek out services that implement modern, secure password hashing algorithms to better protect their credentials.
Pleqq
In June 2025, a Single Sign-On (SSO) login portal for Pleqq, a Netherlands-based service, suffered a data breach that impacted 218,423 users. The compromised data included email addresses, usernames, pHpass password hashes, and dates, potentially allowing attackers to correlate credentials or attempt brute-force cracking of hashed passwords.
Work.shop
In August 2018, Work.shop, a subdomain under the main Shop.com domain owned by Market America, Inc.—a U.S.-based e-commerce and cashback platform—suffered a data breach that affected 62,690 users. The compromised data included email addresses and plaintext passwords. Users should immediately change any reused credentials and be cautious of phishing attempts following such exposures.
infoBiker
In November 2022, infoBiker, an Argentinan news and community hub for cycling enthusiasts, suffered a data breach impacting approximately 32,000 records. The exposed data included over 19,000 unique email addresses, phone numbers, full names, and MD5 hashed passwords. Proper cybersecurity measures are essential to protect sensitive user information and prevent future breaches from occurring.
Seer
In 2018, Seer suffered a data breach affecting approximately 69 thousand unique records. The exposed data includes email addresses and plaintext passwords. Implementing strong encryption and secure storage practices is crucial to prevent unauthorized access and protect sensitive data.
MZ Online Market
In August 2024, MZ Online Market, a general e-commerce platform based in Myanmar, suffered a data breach that impacted 8,320 users. The compromised data included email addresses, full names, and physical addresses, potentially exposing users to identity theft and targeted scams. This incident highlights the critical need for robust cybersecurity measures to protect organizational and user information in national industry platforms.
Applebee Books
In August 2018, Applebee Books, a South Korean e-commerce portal and publisher specializing in children’s educational books and toys, suffered a data breach that affected 63,728 users. The compromised data included email addresses and MySQL password hashes. Users should update any passwords reused on other services and be aware that weak or outdated hashing algorithms can still expose accounts to cracking attempts.
Abcguionistas
In August 2018, Abcguionistas, a Spain-based international screenwriting community and training platform headquartered in Madrid, suffered a data breach that affected 100,124 users. The compromised data included email addresses and plaintext passwords. Users should immediately update any reused passwords and adopt stronger credentials for future use.
Infiniton
In March 2023, Infiniton, a Spanish e-commerce platform specializing in home furniture and appliances, suffered a data breach affecting approximately 29,000 records. The exposed data includedne nearly 28,000 unique email addresses, full names, and genders. Proper cybersecurity measures are crucial to protect sensitive user information and safeguard online platforms from potential breaches like this one.
Anhui Zhongyi Enterprise Management
In August 2018, Anhui Zhongyi Enterprise Management, a corporate site for a Chinese life-services management company in Anhui, suffered a data breach that affected 207,500 users. The compromised data included email addresses and MD5 password hashes. To stay secure, users should replace any reused credentials and prioritize platforms that follow modern encryption practices.
Norwegian Cruise Line
In August 2018, Norwegian Cruise Line, specifically the regional European (primarily German) travel-agent portal, suffered a data breach that affected 31,872 users. The compromised data included email addresses and MD5 password hashes. Users should update passwords and avoid using platforms that store data with outdated hashing algorithms like MD5.
Academy Fence Company
In August 2018, Academy Fence Company, a family-owned fencing supply retailer and installation business based in Orange, New Jersey, USA, suffered a data breach that affected 33,264 users. The compromised data included email addresses and MD5 password hashes. Since MD5 is outdated and insecure, affected users should update their passwords and ensure stronger protection across other platforms.
Poloniex
In April 2020, Poloniex, a US based cryptocurrency exchange and fintech platform, suffered a data breach affecting nearly 1 million records. The exposed data includes over 950,000 unique email addresses and plaintext passwords. Breaches involving financial platforms pose significant risks of fraud and unauthorized account access. Strong encryption and strict cybersecurity protocols are vital to protect user assets and maintain trust.
I Need a Job
In August 2022, I Need a Job, a US-based job-seeking platform, suffered a data breach affecting approximately 35,000 records. The exposed data included roughly 1500 unique email addresses, phone numbers, full names, and MD5 hashed passwords. Proper cybersecurity measures are crucial to protect sensitive user information and safeguard online platforms from potential breaches like this one.
IndianAthletics
In February 2023, the website for the Athletics Federation of India suffered a data breach impacting approximately 18 million records. The exposed data included nearly 192,000 unique email addresses, usernames, full names, phone numbers, IP addresses, physical addresses, and either PHPass hashed, bcrypt hashed, or plaintext passwords. Proper cybersecurity measures are crucial to protect sensitive user information and safeguard online platforms from potential breaches like this one.
RedLaser
In July 2024, RedLaser, a Bermuda-based retailer specializing in office supplies and computer equipment, suffered a data breach that impacted 1,312 users. The compromised data included email addresses, phone numbers, full names, geographic locations, physical addresses, and dates, exposing a broad set of personally identifiable information. This incident highlights the critical need for robust cybersecurity measures to protect organizational and user information in national industry platforms.