Skip to content
Cyber Breaches
Search
Data breachResolved

Evony data breach (2016)

In June 2016, the online multiplayer game Evony was hacked and over 29 million unique accounts were exposed. The attack led to the exposure of usernames, email and IP addresses and MD5 hashes of passwords (without salt).

Victim
Evony
records
29.4M
SectorTechnology

Imported from Have I Been Pwned — pending editorial review and translation to French. The summary below is machine-extracted; consult the source for details.

In 2016-06-01, Evony was affected by a data breach. Approximately 29,396,116 accounts were exposed. In June 2016, the online multiplayer game Evony was hacked and over 29 million unique accounts were exposed. The attack led to the exposure of usernames, email and IP addresses and MD5 hashes of passwords (without salt).

Sources

  1. haveibeenpwned.comhttps://haveibeenpwned.com/PwnedWebsites#Evony
  2. evony.comhttps://evony.com

Related incidents

Data breachResolved

PayAsUGym data breach (2016)

In December 2016, an attacker breached PayAsUGym's website exposing over 400k customers' personal data. The data was consequently leaked publicly and broadly distributed via Twitter.

Victim
PayAsUGym
Records
400.3K
Data breachResolved

FashionFantasyGame data breach (2016)

In late 2016, the fashion gaming website Fashion Fantasy Game suffered a data breach. The incident exposed 2.3 million unique user accounts and corresponding MD5 password hashes with no salt. The data was contributed to Have I Been Pwned courtesy of rip@creep.im.

Victim
FashionFantasyGame
Records
2.4M
Data breachResolved

Warmane data breach (2016)

In approximately December 2016, the online service for World of Warcraft private servers Warmane suffered a data breach. The incident exposed over 1.1M accounts including usernames, email addresses, dates of birth and salted MD5 password hashes.

Victim
Warmane
Records
1.1M
Data breachResolved

GFAN data breach (2016)

In October 2016, data surfaced that was allegedly obtained from the Chinese website known as GFAN and contained 22.5M accounts. Whilst there is evidence that the data is legitimate, due to the difficulty of emphatically verifying the Chinese breach it has been flagged as "unverified".

Victim
GFAN
Records
22.5M