Aha! Data Breach Exposes Over 26,000 Customers: Here’s What We Know
Breach Date: October 1, 2024 Publish Date: March 1, 2025 Industry: eCommerce, IT Services...
Verticalscope.com and all of their domains were hacked in February of 2016
Preface Verticalscope.com and all of their domains were hacked in February of 2016....
Socialblade.com was hacked in August of 2016
Table of Contents Summary Passwords Leafyishere sub botting controversy Summary Socialblade.com...
WebHostingTalk.com, Mac-Forums.com, DbForums.com and ABestWeb.com all owned by Penton were hacked on July 4th, 2016
Preface WebHostingTalk.com, Mac-Forums.com, DbForums.com and ABestWeb.com all owned by Penton...
Shadi.com another dating site was hacked around July 10th, 2016
Preface Shortly after the hack of MuslimMatch.com, Shadi.com another dating site was hacked...
Dota2 official forums was hacked on July 10th, 2016
Table of Contents Summary Passwords Emails Summary Dota2 official forums was hacked on July...
Twitter credentials are being traded in the tens of millions on the dark web
Preface Twitter credentials are being traded in the tens of millions on the dark web....
Subdomains belonging to mail.ru were hacked in August of 2016
Table of Contents About Us Summary Passwords About us LeakedSource is already the best data...
LinkedIn.com was hacked in June 2012 and a copy of data for 167,370,910 accounts has been obtained by LeakedSource
Preface LinkedIn.com was hacked in June 2012 and a copy of data for 167,370,910 accounts has...
Two Bitcoin related websites were hacked, namely Btc-E.com and Bitcointalk.org
Summary Two Bitcoin related websites were hacked, namely Btc-E.com (a Bitcoin exchange acting...
Telegram StarLinkClouds Logs v3 6-11-25 by .boxed.pw
On June 11, 2025, a stealer log titled StarLink[Logs] v.3 was shared on a Telegram channel. It exposed rougly 25,000 email addresses, along with plaintext passwords, homepage URLs, IP addresses, and system details of infected machines. This incident underscores the ongoing need for strong cybersecurity measures to prevent the spread of stealer malware.
Telegram CuckooLogs 6-17-25 by .boxed.pw
On June 17, 2025, a stealer log titled CuckooLogsPublic-20250617 was shared on a Telegram channel. The log exposed around 69,085 email addresses, as well as plaintext passwords, homepage URLs, and system information on affected devices. This type of breach, stemming from infostealer malware, underscores the urgent need for proactive cybersecurity measures—including the use of password managers, antivirus protection, and routine system monitoring—to mitigate the risk of identity theft and further exploitation.
Telegram RusCloud 6-16-25 by .boxed.pw
On June 17, 2025, a stealer log titled Logs_16 June was shared on a Telegram channel. The log exposed around 885 email addresses, as well as plaintext passwords, homepage URLs, and system information on affected devices. This type of breach, stemming from infostealer malware, underscores the urgent need for proactive cybersecurity measures—including the use of password managers, antivirus protection, and routine system monitoring—to mitigate the risk of identity theft and further exploitation.
Telegram StarLinkClouds Logs 6-10-25 by .boxed.pw
On June 10, 2025, a stealer log titled StarLink[Logs] was circulated through a Telegram channel. The log exposed around 39,000 email addresses, along with plaintext passwords, usernames, homepage URLs, IP addresses, and system information from the compromised devices. This incident reinforces the necessity of strong cybersecurity defenses to guard against stealer malware threats.
Armorama
In February 2018, Armorama, a well-established international community and media hub for armor and AFV scale modelers, hosted by the KitMaker Network in the United States, suffered a data breach that affected 54,372 users. The compromised data included email addresses and MD5 password hashes. Due to the weak security of MD5, users should change affected passwords and use unique, strong ones going forward.
InMovil
In June 2022, InMovil, a Spanish e-commerce platform specializing in mobile phones, suffered a data breach exposing approximately 8 million records containing nearly 44,000 unique email addresses, full names, IP addresses, birthdays, and MD5 hashed passwords. The incident highlights the importance of implementing strong cybersecurity measures to protect sensitive information and prevent such breaches from escalating risks.
Cambridge Australia
In August 2018, Cambridge Australia suffered a data breach affecting nearly 1 million records. The exposed data includes over 411,000 unique email addresses and passwords hashed using either MD5 or bcrypt. The presence of weak hashing like MD5 poses a significant risk to account security. Adopting consistent, modern encryption methods is essential to protect user data and prevent unauthorized access.
Avifauna
In October 2017, Avifauna, a Danish ecommerce platform specializing in pet supplies, suffered a data breach affecting nearly 35 thousand unique records. The exposed data includes email addresses and MD5 hashed and salted passwords. Despite salting, the use of MD5 leaves passwords vulnerable to modern cracking techniques. Adopting secure, up-to-date hashing algorithms is essential to ensure strong protection of user credentials.
BDSM Story
In August 2018, BDSM Story, a pornographic site, suffered a data breach affecting approximately 90 thousand records. The exposed data includes over 87,000 unique email addresses and either plaintext or MD5 hashed passwords. Using strong encryption and maintaining robust cybersecurity practices are essential to protect user anonymity and data.
EMESCN
In August 2018, EMESCN, a now-defunct U.K.-based educational website for migrants, ethnic minorities, and stateless children, suffered a data breach that affected 27,893 users. The compromised data included email addresses and bcrypt password hashes. Although bcrypt is a stronger hashing method, users should still rotate passwords to be safe.
WorldShop
In August 2018, WorldShop, a now-defunct Lufthansa Miles & More shopping portal based in Germany/Europe, suffered a data breach that affected 73,698 users. The compromised data included email addresses and plaintext passwords. Users should reset passwords immediately and avoid reusing them across services.
InfosMarket
In November 2022, InfosMarket, an ecommerce platform based in the Democratic Republic of Congo, suffered a data breach affecting approximately 140,000 records. The exposed data included over 300 unique email addresses, usernames, and PHPass hashed passwords. Proper cybersecurity measures are essential to protect sensitive user information and safeguard online platforms from potential breaches like this one.
Canal Educatif
In August 2018, Canal Educatif, a non-commercial French educational video platform for students, teachers, and lifelong learners, suffered a data breach that affected 73,137 users. The compromised data included email addresses and MD5 password hashes. Users should secure their accounts with updated passwords and avoid services relying on outdated hash algorithms.
Flashgame.Hehagame
In March 2018, Flashgame.Hehagame, a Taiwanese online flash-game portal offering daily updated games, guides, and community features for Hong Kong and Taiwan gamers, suffered a data breach that affected 888,460 users. The compromised data included email addresses and MD5 password hashes. Users should update their passwords and avoid reusing old ones on insecure platforms.
I Paid a Bribe
In May 2022, I Paid a Bribe, an Indian platform enabling anonymous reporting of bribery cases, suffered a data breach exposing approximately 8.5 million records containing nearly 5000 unique email addresses, phone numbers, usernames, full names, IP addresses, and hashed passwords using PHPass or MD5. Proper cybersecurity measures are vital to protect sensitive information and prevent similar breaches from causing significant harm.
Superfate
In August 2018, Superfate, the English version of a largely Asia-focused fortune-telling subscription service catering to users in Taiwan, suffered a data breach that affected 120,055 users. The compromised data included email addresses and plaintext passwords. Users should update their passwords immediately and avoid services that store credentials in plain text.
FlyingHearts
In September 2018, FlyingHearts, a now-defunct website based in the Czech Republic that provided immigration legal support services, suffered a data breach that affected 304,550 users. The compromised data included email addresses and passwords stored both as plaintext and bcrypt hashes. While bcrypt is relatively secure, the presence of plaintext passwords indicates poor handling practices; affected users should change passwords and exercise caution.
Arendator
In August 2018, Arendator, a now-defunct Russian real estate informational website, suffered a data breach that affected 188,790 users. The compromised data included email addresses and password hashes stored in an unknown format. Without knowing the strength of the hashing, users are strongly advised to update passwords and use only trusted services.
Bunedir
In August 2018, Bunedir, a Turkish question and answer website, suffered a data breach affecting around 50 thousand records. The exposed data includes nearly 47,000 unique email addresses and MD5 hashed passwords. Reliance on outdated hashing algorithms weakens password security. Upgrading to modern encryption standards is essential to protect user credentials and maintain platform integrity.
AQAD (ASSET Question-A-Day)
In August 2018, AQAD (ASSET Question-A-Day), an educational initiative by Educational Initiatives Pvt Ltd in India, suffered a data breach that affected 328,828 users. The compromised data included email addresses and MySQL password hashes. Users should update passwords and ensure that reused credentials on other platforms are changed to prevent unauthorized access.