DarkHive Breach Catalog

IBFIM Online
Breached Records: 430
In January 2023, The Islamic Banking and Finance Institute Malaysia (IBFIM), an Malaysian educational platform offering professional certifications and training programs for banking and finance related careers, suffered a data breach exposing approximately 250,000 records containing 430 unique email addresses, usernames, full names, and MD5 hashed passwords. This highlights the importance of robust cybersecurity measures to protect such sensitive information from unauthorized access and safeguard user privacy against potential threats.
Leaked Data Types: Email Address, Password Hash, Username, First Name, Last Name
Added on June 23, 2025

Profitech
Breached Records: 151,052
In August 2018, Profitech, a now-defunct Hungary-based electronics component distributor (Profitech Kft.) specializing in surveillance, RF, cabling, and electronic modules, suffered a data breach that affected 151,052 users. The compromised data included email addresses and MD5 password hashes. Since MD5 is no longer considered secure, users should update any reused passwords and prioritize services that use modern encryption methods.
Leaked Data Types: Email Address, Password Hash
Added on June 23, 2025

ImportDirect
Breached Records: 23,014
In February 2023, ImportDirect, a Romanian e-commerce platform, suffered a data breach affecting approximately 28,000 records. The exposed data includes over 23,000 unique email addresses, full names, phone numbers, and physical addresses. Proper cybersecurity measures are crucial to protect sensitive user data and prevent future breaches from occurring.
Leaked Data Types: Email Address, Phone Number, First Name, Last Name
Added on June 23, 2025

Ilanburada
Breached Records: 23,362
In October 2022, Ilanburada, a Turkish e-commerce platform for classified advertisements, suffered a data breach impacting approximately 100,000 mailing list records. The exposed data included over 23,000 unique email addresses and usernames. Proper cybersecurity measures are critical to safeguarding sensitive user information and preventing future breaches from occurring.
Leaked Data Types: Email Address, Username
Added on June 23, 2025

Telegram Alien_Log 3k 6-9-25 by .boxed.pw
Breached Records: 49,104
On June 9, 2025, a stealer log labeled Alien_Log 3K pcs was distributed via a Telegram channel. The log revealed over 49,000 email addresses, along with plaintext passwords, homepage URLs, IP addresses, and system information from infected machines. This event highlights the urgent need for effective cybersecurity measures to combat the spread of stealer malware.
Leaked Data Types: Email Address, Plaintext Password, HomePage URL
Added on June 23, 2025

The Personality Code (TalentSmart)
Breached Records: 24,554
In August 2018, The Personality Code, TalentSmart's online EQ self-assessment tool based in the United States, suffered a data breach affecting nearly 25 thousand unique records. The exposed data includes email addresses and plaintext passwords. Strong cybersecurity practices are essential to ensure the safety and confidentiality of personal data.
Leaked Data Types: Email Address, Plaintext Password
Added on June 23, 2025

Africa Desk (Asia) Limited
Breached Records: 48,099
In March 2018, Africa Desk (Asia) Limited, a Hong Kong–based company likely operating as an Africa–Asia research or business collaboration center, suffered a data breach that affected 48,099 users. The compromised data included email addresses and MD5 password hashes. Users should update their credentials and avoid platforms that still rely on legacy hashing methods like MD5, which are vulnerable to modern cracking techniques.
Leaked Data Types: Email Address, Password Hash
Added on June 23, 2025

National Speech and Debate Association
Breached Records: 146,464
In August 2018, the National Speech and Debate Association, based in the United States, suffered a data breach affecting approximately 281 thousand records. The exposed data includes over 146,000 unqiue email addresses and MD5 hashed passwords. Implementing modern encryption standards is vital to ensure the security of user credentials.
Leaked Data Types: Email Address, Password Hash
Added on June 23, 2025

Telegram UP_DaisyCloud 5k Logs June 9 by .boxed.pw
Breached Records: 89,238
On June 9, 2025, a stealer log titled UP_DaisyCloud June 9 5110 was circulated through a Telegram channel. The log exposed over 89,000 email addresses, along with plaintext passwords, usernames, homepage URLs, IP addresses, and system information from the compromised devices. This incident reinforces the necessity of strong cybersecurity defenses to guard against stealer malware threats.
Leaked Data Types: Email Address, Plaintext Password, HomePage URL
Added on June 23, 2025

Aadalsiden
Breached Records: 48,068
In October 2018, Aadalsiden, a small-scale, volunteer-run Norwegian community portal focusing on the Ã…dal area, suffered a data breach that affected 48,068 users. The compromised data included email addresses and MD5 password hashes. Since MD5 is an outdated and insecure hashing algorithm, users are urged to update their passwords immediately and use services that implement modern cryptographic standards.
Leaked Data Types: Email Address, Password Hash
Added on June 23, 2025

Relink.to
Breached Records: 116,073
In October 2018, Relink.to, a now-defunct Austria-based cryptocurrency website that featured articles and information on how to earn money, suffered a data breach that affected 116,073 users. The compromised data included email addresses and plaintext passwords. Users should replace any reused credentials and be cautious with platforms that use outdated hashing algorithms like MD5, which are susceptible to brute-force attacks.
Leaked Data Types: Email Address, Plaintext Password
Added on June 23, 2025

PlanetFeedback
Breached Records: 122,637
In December 2017, PlanetFeedback, a United States-based consumer feedback platform, suffered a data breach affecting around 122 thousand unique records. The exposed data includes email addresses and passwords stored in plain text. Implementing strong encryption is essential to safeguard sensitive information and ensure user safety.
Leaked Data Types: Email Address, Plaintext Password
Added on June 23, 2025

Telegram BabaCloudLogs 6-14-25 by .boxed.pw
Breached Records: 36,786
On June 14, 2025, a stealer log titled @BabaCloudLogs { 606 } Cloud Logs 14.06.2025 was shared on a Telegram channel. The log exposed around 36,786 email addresses, as well as plaintext passwords, homepage URLs, and system information on affected devices. This type of breach, stemming from infostealer malware, underscores the urgent need for proactive cybersecurity measures—including the use of password managers, antivirus protection, and routine system monitoring—to mitigate the risk of identity theft and further exploitation.
Leaked Data Types: Email Address, Username, IP Address, Credit Card, Plaintext Password, HomePage URL
Added on June 23, 2025

iMask
Breached Records: 13,846
In March 2023, iMask, a Portuguese e-commerce platform specializing in personal protective equipment (PPE) and hygiene products, suffered a data breach impacting approximately 2 million records. The exposed data included nearly 14,000 unique email addresses, full names, and bcrypt or MD5 hashed passwords. The incident may have been facilitated by phishing or unauthorized access methods. Proper cybersecurity measures are crucial to protect sensitive user information and prevent such breaches from occurring.
Leaked Data Types: Email Address, Password Hash, First Name, Last Name
Added on June 23, 2025

Telegram KeyCloud Logs #137 by .boxed.pw
Breached Records: 6,173
On June 14, 2025, a stealer log titled KeyCloud_Free_logs#137 was shared on a Telegram channel. The log exposed around 6,173 email addresses, as well as plaintext passwords, homepage URLs, and system information on affected devices. This type of breach, stemming from infostealer malware, underscores the urgent need for proactive cybersecurity measures—including the use of password managers, antivirus protection, and routine system monitoring—to mitigate the risk of identity theft and further exploitation.
Leaked Data Types: Email Address, Username, IP Address, Credit Card, Plaintext Password, HomePage URL
Added on June 23, 2025

Bangkok Gems & Jewelry Fair
Breached Records: 65,660
In August 2018, Bangkok Gems & Jewelry Fair, the official online portal for the world-renowned biannual trade exhibition held in Thailand, suffered a data breach that affected 65,660 users. The compromised data included email addresses and MD5 password hashes. Users should be aware that MD5 hashes are easily crackable and should change their passwords on any platforms where similar credentials may have been used.
Leaked Data Types: Email Address, Password Hash
Added on June 23, 2025

PlayKidsGames
Breached Records: 28,528
In August 2018, PlayKidsGames, a Malaysian platform serving as a free online children’s game portal, suffered a data breach affecting nearly 29 thousand unique records. The exposed data includes email addresses and plaintext passwords. Strong cybersecurity measures are essential to protect vulnerable users and prevent unauthorized access.
Leaked Data Types: Email Address, Plaintext Password
Added on June 23, 2025

Baseball Prospectus
Breached Records: 107,622
In August 2018, Baseball Prospectus, a United States-based sports analysis and media platform, suffered a data breach affecting approximately 290 thousand records. The exposed data includes around 107,000 unique email addresses and either bcrypt hashed, PHPass hashed, or plaintext passwords. Consistent use of strong encryption methods is vital to protect sensitive data and maintain user trust.
Leaked Data Types: Email Address, Password Hash, Plaintext Password
Added on June 20, 2025

NOD Games
Breached Records: 104,543
In August 2018, NOD Games—a South Korea–based developer and publisher of blockchain-powered games specializing in play-to-earn MMO and RPG titles—suffered a data breach that affected 104,543 users. The compromised data included email addresses and plaintext passwords. This incident highlights the critical importance of robust cybersecurity practices in the gaming and blockchain sectors, where user accounts often involve both personal data and digital assets.
Leaked Data Types: Email Address, Plaintext Password
Added on June 20, 2025

SBoards
Breached Records: 127,686
In August 2018, SBoards—a now-defunct U.S.-based informational website covering all topics related to SBoards—suffered a data breach that affected 127,686 users. The compromised data included email addresses and plaintext passwords. This incident highlights the ongoing need for strong cybersecurity measures, even for niche or discontinued platforms, to ensure the long-term protection of user information.
Leaked Data Types: Email Address, Plaintext Password
Added on June 20, 2025