EnrichLivingNow Data Breach Exposes 89K Plaintext Password Records

HEROIC's DarkHive system discovered the EnrichLivingNow breach, exposing 89,060 records in August 2018. This now-defunct US general business platform suffered a database compromise that revealed email addresses and plaintext passwords belonging to tens of thousands of users registered with this American online platform.

Why This Is Dangerous

The storage of passwords in plaintext is a critical security failure that eliminates all protection for user credentials, giving any attacker who accesses the database immediate use of the exposed passwords without any additional effort. With over 89,000 records exposed, this breach provides attackers with a large pool of immediately usable credentials. The combination of plaintext passwords and working email addresses means every affected user faced immediate risk of account compromise on any other platform where the same credentials were used.

What Was Exposed

• Email Address
• Plaintext Password

Why This Matters

Plaintext password breaches have a long shelf life because the credentials remain fully usable years after the breach occurred, unlike hashed passwords that may eventually become unusable as users update their accounts. Users who registered on EnrichLivingNow in 2018 and have not changed the password they used there remain vulnerable to credential stuffing attacks on any service where that password was reused. This breach demonstrates why plaintext password storage is categorically unacceptable and why any platform that did not protect user passwords must be treated as a total credential compromise.

How Database and Combolist Breach Works

Platforms storing passwords in plaintext face catastrophic data loss when their databases are accessed by attackers, because there is no cryptographic protection preventing immediate use of the credentials. Extracted plaintext password databases are among the most valuable breach data on underground markets because they require no additional processing before use. These records are combined with similar plaintext credential dumps into large combolists used by credential stuffing operators to test thousands of email and password combinations per minute against target services.

Check If You Are Affected

HEROIC offers a free identity scanner searching over 400 billion records including data from the EnrichLivingNow breach. Visit heroic.com to check if your information was exposed.