Skip to content
Cyber Breaches
Search
Data breachResolved

123RF data breach (2020)

In March 2020, the stock photo site 123RF suffered a data breach which impacted over 8 million subscribers and was subsequently sold online. The breach included email, IP and physical addresses, names, phone numbers and passwords stored as MD5 hashes. The data was provided to HIBP by dehashed.com.

Victim
123RF
records
8.7M
SectorRetail

Imported from Have I Been Pwned — pending editorial review and translation to French. The summary below is machine-extracted; consult the source for details.

In 2020-03-22, 123RF was affected by a data breach. Approximately 8,661,578 accounts were exposed. In March 2020, the stock photo site 123RF suffered a data breach which impacted over 8 million subscribers and was subsequently sold online. The breach included email, IP and physical addresses, names, phone numbers and passwords stored as MD5 hashes. The data was provided to HIBP by dehashed.com.

Sources

  1. haveibeenpwned.comhttps://haveibeenpwned.com/PwnedWebsites#123RF
  2. 123rf.comhttps://123rf.com

Related incidents

Data breachResolved

MEO data breach (2020)

In early 2023, a corpus of data sourced from the New Zealand based face mask company MEO was discovered. Dating back to December 2020, the data contained over 8k customer records including names, addresses, phone numbers and passwords stored as MD5 Wordpress hashes.

Victim
MEO
Records
8.2K
Data breachResolved

NetGalley data breach (2020)

In December 2020, the book promotion site NetGalley suffered a data breach. The incident exposed 1.4 million unique email addresses alongside names, usernames, physical and IP addresses, phone numbers, dates of birth and passwords stored as salted SHA-1 hashes.

Victim
NetGalley
Records
1.4M
Data breachResolved

DriveSure data breach (2020)

In December 2020, the car dealership service provider DriveSure suffered a data breach. The incident resulted in 26GB of data being downloaded and later shared on a hacking forum. Impacted personal information included 3.6 million unique email addresses, names, phone numbers and physical addresses.

Victim
DriveSure
Records
3.7M
Data breachResolved

Wongnai data breach (2020)

In October 2020, 17 previously undisclosed data breaches appeared for sale including the Thai restaurant, hotel and attraction finding service, Wongnai.

Victim
Wongnai
Records
3.9M