The Shaker & Spoon Data Quietly Appeared on the Dark Web in 2022

Sometime in March 2022, 127,879 Shaker & Spoon customer records quietly occured in underground data markets with little public notice. The US-based cocktail subscription service had its database compromised, and the exposed data went far beyond simple login details. Credit card information, phone numbers, and full names were all included, creating serious downstream fraud risk for affected customers.

What Attackers Can Do With Stolen Credit Card and Contact Data

When a breach includes partial payment card data alongside full names, email addresses, and phone numbers, criminals have enough to launch highly targeted fraud. They can use the last four digits and expiry data to impersonate legitimate card issuers in phone scams. Email and phone combinations are also used in smishing and vishing campaigns that are partcularly difficult for victims to identify as fake, since the attacker already knows personal details.

What Was Exposed in the Shaker & Spoon Breach

• Email Address
• First Name
• Last Name
• Phone Number
• Credit Card (partial)

Why the Shaker & Spoon Breach Puts Customers at Ongoing Risk

This breach is not just a 2022 problem. Databases like this one are bought and sold on dark web markets for years after the initial leak. Affected customers remain exposed to phishing, targeted scams, and account takeover attempts indefinitely. The presence of credit card data makes this breach seperate from typical credential dumps, as financial institutions may need to be notified even years later if fraud patterns emerge.

How a Database Breach Works

A database breach happens when an attacker gains unauthorised access to a company's data storage systems, often through SQL injection, compromised admin credentials, or an unpatched server vulnerability. Once access is gained, structured customer records are extracted in bulk. The resulting data file is then sold or distributed across criminal networks, where it is used for fraud, phishing, and identity theft operations.

Check If Your Data Was Exposed

HEROIC's DarkWatch monitors more than 400 billion leaked records, including data from breaches like Shaker & Spoon, to alert you when your personal information surfaces on the dark web. Search your email address now to see exactly what has been exposed and take steps to protect yourself before criminals act on it.