Boris Miksic

We've been tracking a consistent pattern of older breaches resurfacing in underground forums, often years after the initial incident. What really struck us with this particular dataset wasn't its size, but the fact that it contained plaintext passwords from a Croatian platform called **Boris Miksic**. The data had been circulating quietly, but we noticed a spike in mentions across several breach aggregation sites, suggesting renewed interest from threat actors. The simplicity of the breach – email addresses and plaintext passwords – highlights a continuing vulnerability, even in established platforms.

Boris Miksic Breach: 13k+ Records Exposed with Plaintext Passwords

In August 2018, the Croatian platform Boris Miksic suffered a data breach that exposed over 13,000 records. The breach, which included email addresses and, critically, plaintext passwords, has recently resurfaced on a prominent hacking forum. The re-emergence of this older data is concerning, as it provides attackers with a fresh source of potentially valid credentials for credential stuffing attacks.

The breach initially came to light following a database compromise at Boris Miksic. The exposed data was subsequently compiled and shared within various online communities. The recent uptick in activity surrounding the data suggests a renewed interest in exploiting these credentials, potentially targeting users who may have reused these passwords across multiple platforms. The use of plaintext passwords is an egregious security lapse, making this breach particularly damaging.

The re-emergence of the Boris Miksic data is a stark reminder of the long tail of data breaches and the enduring risk posed by compromised credentials. It underscores the importance of proactive password management, multi-factor authentication, and continuous monitoring for leaked credentials.

Key point: Total records exposed: 13,453

Key point: Types of data included: Email Address, Plaintext Password

Key point: Source structure: Likely a database dump, later compiled into a combolist

Key point: Leak location(s): Prominent hacking forum (specific URL unavailable, but mentioned across multiple breach aggregation sites)

Key point: Date of first appearance: 21-Aug-2018

Troy Hunt, creator of Have I Been Pwned, added the breach to his database on August 21, 2018, confirming the incident and allowing users to check if their email addresses were compromised (HaveIBeenPwned.com). This highlights the importance of such services in disseminating information about data breaches and empowering users to take protective measures.

Email · Address · Plaintext · Password