Skip to content
Cyber Breaches
Search
Data breachResolved

Estante Virtual data breach (2019)

In February 2019, the Brazilian book store Estante Virtual suffered a data breach that impacted 5.4M customers. The exposed data included names, usernames, email and physical addresses, phone numbers, dates of birth and unsalted SHA-1 password hashes.

Victim
Estante Virtual
records
5.4M
SectorRetail
CountryBrazil

Imported from Have I Been Pwned — pending editorial review and translation to French. The summary below is machine-extracted; consult the source for details.

In 2019-02-28, Estante Virtual was affected by a data breach. Approximately 5,412,603 accounts were exposed. In February 2019, the Brazilian book store Estante Virtual suffered a data breach that impacted 5.4M customers. The exposed data included names, usernames, email and physical addresses, phone numbers, dates of birth and unsalted SHA-1 password hashes.

Sources

  1. haveibeenpwned.comhttps://haveibeenpwned.com/PwnedWebsites#EstanteVirtual
  2. estantevirtual.com.brhttps://estantevirtual.com.br

Related incidents

Data breachResolved

Vakinha data breach (2020)

In June 2020, the Brazilian fund raising service Vakinha suffered a data breach which impacted almost 4.8 million members. The exposed data included email addresses, names, phone numbers, geographic locations and passwords stored as bcrypt hashes, all of which was subsequently shared extensively…

Victim
Vakinha
Records
4.8M
Data breachResolved

HomeRefill data breach (2020)

In April 2020, now defunct Brazilian e-commerce platform HomeRefill suffered a data breach that was later redistributed as part of a larger corpus of data. The data included 187k unique email addresses along with names, phone numbers, dates of birth and salted password hashes.

Victim
HomeRefill
Records
187.5K
Data breachResolved

James data breach (2020)

In June 2020, 14 previously undisclosed data breaches appeared for sale including the Brazilian delivery service, "James". The breach occurred in March 2020 and exposed 1.5M unique email addresses, customer locations expressed in longitude and latitude and passwords stored as bcrypt hashes.

Victim
James
Records
1.5M
Data breachResolved

Catho data breach (2020)

In approximately March 2020, the Brazilian recruitment website Catho was compromised and subsequently appeared alongside 20 other breached websites listed for sale on a dark web marketplace. The breach included almost 11 million records with 1.2 million unique email addresses.

Victim
Catho
Records
1.2M