We've been tracking the resurgence of older breach datasets being re-shared and re-monetized across various dark web communities. What initially seemed like routine noise took a sharper turn when we encountered a sizable database attributed to Adirect Hong Kong Holdings Limited. It wasn't just the volume of 312,357 records that caught our attention, but the age of the breach (April 2019) coupled with the continued presence of active, yet likely outdated, credentials. The combination suggests ongoing credential stuffing attacks and a failure to adequately rotate or invalidate compromised passwords.
The breach stems from a compromise of "Aimware," a website known for selling video game cheats. While the initial breach occurred in mid-2019, the data continues to circulate, presenting a persistent risk. The compromised database includes a variety of personally identifiable information (PII) from Aimware users, including email addresses, usernames, first and last names, birthdays, and passwords secured as salted MD5 hashes. The data was originally dumped on a popular hacking forum, where it has likely been traded and utilized in various malicious activities.
The age of this leak is significant because it highlights the longevity of compromised data in the threat landscape. Even years after an initial breach, exposed credentials can remain valid due to user password reuse and a lack of proactive security measures by affected companies. This makes older breaches a valuable resource for attackers engaged in credential stuffing, account takeover (ATO), and other forms of identity theft.
This incident underscores a broader threat theme: the continuous recycling of leaked data. As noted by security researcher Troy Hunt, many breaches are not "new" in the sense of being recently discovered, but rather re-releases or compilations of previously exposed information. This "compilation" effect increases the likelihood of credential overlap across different services, making it easier for attackers to gain unauthorized access to user accounts.
Key point: Total records exposed: 312,357
Key point: Types of data included: Email Address, Birthday, Username, First Name, Last Name, Password Hash, Salt
Key point: Sensitive content types: PII
Key point: Source structure: Database
Key point: Leak location(s): Hacking forum (specific URL unavailable)
Key point: Date leaked: 28-Apr-2019
While specific news coverage of the Adirect Hong Kong Holdings Limited breach is limited, the underlying Aimware breach has been documented in various security communities and forums. Discussions on sites like Reddit and BreachForums confirm the existence and spread of this data. One post on BreachForums discusses the implications of using MD5 for password hashing, highlighting its vulnerability to cracking. The continued availability of the Aimware data, combined with the use of weak hashing algorithms, makes this breach a significant concern for organizations that rely on user authentication.
Email · Address · Birthday · Username · First · Name · Last · Password · Hash · Salt
See if your personal information has been exposed in data breaches
Scan to sign up instantly
We found your data exposed in multiple breaches. This includes:
Your information is protected by enterprise-grade security