DARKHIVEâ„¢
The world’s largest database of compromised credentials.
Our dark web analysts have uncovered over 100+ billion compromised records stemming from tens of thousands of company data breaches. Discover if your company, employees, or customers have been compromised.
Database Leaks
Stealerlogs
Pastebins
Combolists
Access sensitive data and breach insights
Data holds no value unless it’s actionable. Our database will show email addresses, passwords (including hashes), usernames, IP addresses and any other information that may have been exposed for your team to properly remediate.
Over 100 Billion+ Breached Records From The Dark Web
Data is breached and then leaked online
hEROIC UNCOVERS THE DATA AS IT’S SHARED
DATA IS CLEANED, Processed, & distributed
Data is uploaded into the HEROIC DarkHiveâ„¢ for compromised credential search and reporting capabilities utilizing our advanced AI Engine.Â
GrupoDragon
In August 2018, GrupoDragon, a now-defunct Spanish construction service and oil industry website, suffered a data breach that affected 56,210 users. The compromised data included email addresses and MD5 password hashes. Users should rotate passwords immediately and be cautious with accounts that share credentials.
Obeikan Education
In July 2020, Obeikan Education, a division of the Obeikan Investment Group headquartered in Riyadh, Saudi Arabia, and active across the GCC and MENA regions, suffered a data breach that affected 838,405 users. The compromised data included email addresses and MD5 password hashes. Since MD5 is a weak algorithm, users should update their passwords and avoid using similar ones on other platforms.
On Thi Online
In July 2020, On Thi Online, a now-defunct Vietnamese exam prep portal for secondary and high school students, suffered a data breach that affected 335,637 users. The compromised data included email addresses and MD5 password hashes. Users should change affected passwords and stay alert to potential credential misuse.
Institute of History and Philology at Academia Sinica
In August 2018, the Institute of History and Philology at Academia Sinica, Taiwan’s premier academic research institution located in Nankang, Taipei, suffered a data breach that affected 35,110 users. The compromised data included email addresses and MD5 password hashes. Users should change passwords and ensure stronger credentials are used for academic and institutional platforms.
Upstrax
In February 2018, Upstrax, a German music-sharing platform for emerging DJs and artists—known for connecting with Sunshine Live radio—suffered a data breach that affected 142,865 users. The compromised data included email addresses and password hashes stored in an unknown format. Users are advised to change passwords as a precaution due to the unclear strength of the encryption used.
Sherton English
In August 2018, Sherton English, an educational e-learning platform offering a free, comprehensive 52-week English course and based in the United States, suffered a data breach that affected 569,483 users. The compromised data included email addresses and password hashes stored in an unknown format. Due to the uncertainty of the hashing method, users should update passwords and avoid reusing credentials elsewhere.
Poshmark
In May 2018, Poshmark, a U.S.-based social commerce marketplace, suffered a data breach that affected 36 million user accounts. The compromised data included email addresses, names, usernames, genders, locations, and passwords stored as bcrypt hashes. This incident highlights the importance of enforcing strong cybersecurity practices in retail operations to protect customer privacy and prevent misuse of personal data.
Autolikes
In June 2025, Autolikes, a desktop application developed in Japan to automate engagement on Instagram and X (formerly Twitter), suffered a data breach that impacted 38,811 users. The compromised data included email addresses and pHpass password hashes, putting users at risk of credential cracking or targeted phishing attacks.
Bonobos
In August 2020, the clothing retailer Bonobos suffered a data breach containing approximately 2.8 million records. The compromised information included email addresses, names, physical and IP addresses, phone numbers, and passwords stored as salted SHA-512 hashes. Additionally, partial credit card details were exposed, such as the card type, name on the card, expiration date, and the last four digits of the card. This breach emphasizes the importance of safeguarding sensitive customer data through enhanced security protocols.
Stacje Benzynowe
In August 2018, Stacje Benzynowe, a Polish platform for checking fuel prices and tracking driver spending, suffered a data breach that affected 188,342 users. The compromised data included email addresses and MD5 password hashes. Users should update any reused passwords and avoid platforms using weak hashing techniques like MD5.
MyStudiyo
In February 2018, MyStudio, a now-defunct online quiz and interactive assessment platform based in the United States, suffered a data breach that affected 408,813 users. The compromised data included email addresses and MD5 password hashes. Users should change any reused passwords and ensure strong security practices across platforms.
Center for Civic Education
In August 2018, the Center for Civic Education, a U.S.-based nonprofit founded in 1965 and headquartered in Calabasas, California, suffered a data breach that affected 74,886 users. The compromised data included email addresses and MD5 password hashes. Users should rotate credentials and be cautious about reusing passwords on other websites.
CATIA Community
In February 2018, Catia Community, a French professional community portal for users of CATIA software, suffered a data breach affecting over 336,000 records. The exposed data includes around 316,000 unique email addresses and passwords stored as plain text. Storing passwords without encryption poses severe security risks. Implementing secure password storage and strong cybersecurity practices is critical to protect user accounts.
Centre Local de Promotion de la Santé de Charleroi–Thuin (CLPS‑CT)
In April 2020, the Centre Local de Promotion de la Santé de Charleroi–Thuin (CLPS‑CT), a nonprofit public health promotion agency in Wallonia, Belgium, suffered a data breach that affected 371,050 users. The compromised data included email addresses and MD5 password hashes. Users should update passwords and monitor for potential misuse of exposed data.
Super Talent
In May 2020, Super Talent, a U.S.-based employment website, suffered a data breach that affected 215,029 users. The compromised data included email addresses and password hashes stored in an unknown format. Users should update their credentials due to uncertainty around the security of the hashing method used.
Telegram StarLinkClouds Logs 6-10-25 by .boxed.pw
On June 10, 2025, a stealer log titled StarLink[Logs] was circulated through a Telegram channel. The log exposed around 39,000 email addresses, along with plaintext passwords, usernames, homepage URLs, IP addresses, and system information from the compromised devices. This incident reinforces the necessity of strong cybersecurity defenses to guard against stealer malware threats.
7 Day Listings
In March 2023, 7 Day Listings, a California-based real estate platform, suffered a data breach exposing approximately 48,000 records containing nearly 1500 unique email addresses, phone numbers, full names, physical addresses, and MD5 hashed passwords. This incident highlights the critical need for robust cybersecurity measures to safeguard sensitive information from unauthorized access.
Telegram StarLinkClouds Logs v3 6-11-25 by .boxed.pw
On June 11, 2025, a stealer log titled StarLink[Logs] v.3 was shared on a Telegram channel. It exposed rougly 25,000 email addresses, along with plaintext passwords, homepage URLs, IP addresses, and system details of infected machines. This incident underscores the ongoing need for strong cybersecurity measures to prevent the spread of stealer malware.
101db
In January 2023, 101db, a US-based e-commerce platform specializing in professional audio equipment, experienced a data breach exposing approximately 2,300 records containing over 2100 unique email addresses and full names. This incident emphasizes the importance of implementing strong cybersecurity measures to protect sensitive customer information from potential breaches.
WorldByte
In January 2023, WorldByte, a Russian-based web hosting company offering comprehensive hosting and server solutions, suffered a data breach exposing approximately 17,000 records containing just 33 unique email addresses, usernames, and MD5 hashed passwords. The exposure poses risks such as unauthorized access to sensitive information, which could be exploited for identity theft or fraud. Proper cybersecurity measures are crucial to protect such information from falling into the wrong hands.