DARKHIVE™
The world’s largest database of compromised credentials.
Our dark web analysts have uncovered over 100+ billion compromised records stemming from tens of thousands of company data breaches. Discover if your company, employees, or customers have been compromised.
Database Leaks
Stealerlogs
Pastebins
Combolists
Access sensitive data and breach insights
Data holds no value unless it’s actionable. Our database will show email addresses, passwords (including hashes), usernames, IP addresses and any other information that may have been exposed for your team to properly remediate.
Over 100 Billion+ Breached Records From The Dark Web
Data is breached and then leaked online
hEROIC UNCOVERS THE DATA AS IT’S SHARED
DATA IS CLEANED, Processed, & distributed
Data is uploaded into the HEROIC DarkHive™ for compromised credential search and reporting capabilities utilizing our advanced AI Engine.
Host my Website Online
In January 2023, Host my Website Online, a web hosting service platform, suffered a data breach exposing approximately 7,000 records containing 65 unique email addresses, usernames, IP addresses, and PHPass hashed passwords. The exposure of these sensitive information underscores the critical need for robust cybersecurity measures to protect such personal data from unauthorized access and safeguard user privacy.
TalentMovers Consulting
In March 2025, a login portal for the Recruitment Management System (RMS) operated by TalentMovers Consulting, a recruitment and staffing firm based in India, suffered a data breach that affected 131,251 users. The compromised data included email addresses, full names, birthdates, genders, phone numbers, physical addresses, and dates. This breach underscores the importance of strong cybersecurity protocols, especially for platforms handling personal and employment-related information.
Top Cruise Deals
In April 2025, Top Cruise Deals, a U.S.-based online platform that helps users compare cruise rates and discover discounted cruise packages, experienced a data breach affecting 25,886 users. The compromised information included email addresses, IP addresses, and associated dates. This incident emphasizes the importance of implementing robust cybersecurity measures to protect user privacy and maintain trust in travel and booking services.
Hightech-TH
In August 2022, Hightech-TH, a Thai-based platform specializing in FiveM mod programs for GTA V, exposed approximately 6,000 records containing over 3800 unique email addresses, usernames, and MD5 hashed passwords. This breach underscores the importance of proper cybersecurity measures to protect such sensitive data from unauthorized access, as easily crackable hashes like MD5 increase the risk of potential attacks on gaming software and hardware, leading to further security breaches or misuse.
Nacon (Gamecom)
In April 2019, Nacon (formerly known as Gamecon)—a U.S.-based e-commerce platform specializing in gaming gear—experienced a data breach that affected 1 million users. The compromised data included email addresses and plaintext passwords. This breach underscores the importance of implementing robust cybersecurity measures in e-commerce environments to protect customer data and maintain consumer confidence.
HispaShare Club
In December 2022, HispaShare Club, a Spanish online catalogue for films, TV series, and documentaries, suffered a data breach exposing approximately 2 million records containing around 170,000 unique email addresses, usernames, IP addresses, and SHA256 hashed passwords. The exposure of such sensitive information highlights the critical need for robust cybersecurity measures to protect user data from unauthorized access and safeguard against potential threats that could arise.
Duduniu
In October 2011, Duduniu, a Chinese gaming forum and community platform, suffered a data breach impacting over 16 million records. The exposed data includes approximately 7.3 million unique email addresses, usernames, and passwords stored as plain text. Strong cybersecurity practices, such as hashing and salting passwords, are crucial to protect user data and prevent widespread damage.
GameForum
In August 2018, GameForum—a now-defunct U.K.-based online gaming forum—experienced a data breach that affected 73,573 users. The compromised data included email addresses and plaintext passwords. This breach serves as a reminder of the critical importance of implementing effective cybersecurity measures, even for niche or discontinued platforms, to safeguard user information and maintain digital trust.
WomPlay
Sometime in 2019, WomPlay, a blockchain-based gaming platform created by the German company Spielworks GmbH, experienced a data breach that affected 123,212 users. The compromised data included usernames and plaintext passwords. This incident highlights the critical need for secure password storage practices and robust cybersecurity frameworks to protect user credentials.
Forum Lukas
In August 2018, Forum Lukas—a now-defunct U.S.-based online forum—suffered a data breach that affected 132,746 users. The compromised data included email addresses and plaintext passwords. This incident highlights the ongoing need for strong cybersecurity practices, even for smaller or discontinued platforms, to ensure user data remains protected throughout the platform’s lifecycle.
Giorgiotave.it
In August 2018, Giorgiotave.it—a now-defunct Italy-based digital marketing platform known for its news, expert insights, educational content, and active SEO community forum—suffered a data breach that affected 60,115 users. The compromised data included email addresses and plaintext passwords. This incident highlights the essential need for strong cybersecurity practices to protect user data, especially within professional and knowledge-sharing communities.
BiteGame
In August 2018, BiteGame suffered a data breach involving approximately 53 thousand records. The exposed data includes over 50,000 unique email addresses and passwords stored as plain text. Implementing strong encryption and secure storage methods is essential to prevent unauthorized access and data exploitation.
Xuesheng360
In June 2016, Xuesheng360, a Chinese student-focused portal offering classified services such as shopping, study materials, and entertainment, suffered a data breach affecting around 428 thousand unique records. The exposed data includes email addresses, usernames, and MD5 hashed and salted passwords. Adopting modern hashing algorithms and maintaining rigorous cybersecurity standards are essential to safeguard user information.
Hotel Plaza Roma
In March 2023, Hotel Plaza Roma, a hotel in Buenos Aires, Argentina, suffered a data breach exposing approximately 20,000 records containing over 7400 unique email addresses, usernames, full names, phone numbers, physical addresses, and IP addresses. The exposure of such sensitive information highlights the importance of implementing robust cybersecurity measures to protect personal data from unauthorized access and safeguard user privacy against potential threats.
3Asafeer
In August 2018, 3Asafeer, an Arabic ecommerce platform, suffered a data breach affecting nearly 13 thousand records. The exposed data includes over 10,000 email addresses and MD5 hashed passwords. Adopting robust encryption and security protocols is vital to protect user credentials and uphold platform integrity.
OTP Bank Russia
In May 2025, the call center of OTP Bank Russia—a subsidiary of the Hungarian OTP Group that provides a variety of banking services including retail banking and customer support—suffered a data breach impacting 76,511 users. The compromised data included phone numbers, full names, geographic locations, physical addresses, and dates. This incident highlights the critical need for robust cybersecurity measures within the financial sector to safeguard sensitive customer information.
EAP Films and Theatres
In August 2018, EAP Films and Theatres—a leading cinema chain and online ticketing platform based in Sri Lanka—experienced a data breach that affected 73,506 users. The compromised data included email addresses and plaintext passwords. This breach emphasizes the critical importance of strong cybersecurity measures in protecting customer data, particularly in online services that handle personal and transactional information.
Krasnodar Krai (Краснодарский край)
In December 2024, the official government portal for Krasnodar Krai (Краснодарский край), a federal subject of the Russian Federation located in the country's southwest, suffered a data breach that affected 691 users. The compromised data included email addresses, phone numbers, full names, birthdates, and physical addresses. This incident highlights the critical need for government institutions to adopt and maintain robust cybersecurity measures to protect sensitive citizen data.
Catwalk
In October 2011, Catwalk, a Chinese ecommerce platform specializing in fashion and beauty related products, suffered a data breach affecting approximately 7.5 million records. The exposed data includes over 235,000 unique email addresses, usernames, and MD5 hashed passwords. Strong cybersecurity measures are essential to prevent large-scale data leaks and protect customer trust.
Hemporium
In June 2022, Hemporium, an Italian e-commerce platform specializing in cannabis products, suffered a data breach exposing approximately 450,000 records containing over 34,000 unique email addresses, full names, IP addresses, genders, birthdays, and MD5 hashed passwords. The exposure of these sensitive details underscores the critical need for robust cybersecurity measures to safeguard such personal information from unauthorized access and potential threats.
/qr-code.png)