Skip to content
Cyber Breaches
Search
Data breachResolved

Kaneva data breach (2016)

In July 2016, now defunct website Kaneva, the service to "build and explore virtual worlds", suffered a data breach that exposed 3.9M user records. The data included email addresses, usernames, dates of birth and salted MD5 password hashes.

Victim
Kaneva
records
3.9M
SectorTechnology

Imported from Have I Been Pwned — pending editorial review and translation to French. The summary below is machine-extracted; consult the source for details.

In 2016-07-01, Kaneva was affected by a data breach. Approximately 3,901,179 accounts were exposed. In July 2016, now defunct website Kaneva, the service to "build and explore virtual worlds", suffered a data breach that exposed 3.9M user records. The data included email addresses, usernames, dates of birth and salted MD5 password hashes.

Sources

  1. haveibeenpwned.comhttps://haveibeenpwned.com/PwnedWebsites#Kaneva
  2. kaneva.comhttps://kaneva.com

Related incidents

Data breachResolved

PayAsUGym data breach (2016)

In December 2016, an attacker breached PayAsUGym's website exposing over 400k customers' personal data. The data was consequently leaked publicly and broadly distributed via Twitter.

Victim
PayAsUGym
Records
400.3K
Data breachResolved

FashionFantasyGame data breach (2016)

In late 2016, the fashion gaming website Fashion Fantasy Game suffered a data breach. The incident exposed 2.3 million unique user accounts and corresponding MD5 password hashes with no salt. The data was contributed to Have I Been Pwned courtesy of rip@creep.im.

Victim
FashionFantasyGame
Records
2.4M
Data breachResolved

Warmane data breach (2016)

In approximately December 2016, the online service for World of Warcraft private servers Warmane suffered a data breach. The incident exposed over 1.1M accounts including usernames, email addresses, dates of birth and salted MD5 password hashes.

Victim
Warmane
Records
1.1M
Data breachResolved

GFAN data breach (2016)

In October 2016, data surfaced that was allegedly obtained from the Chinese website known as GFAN and contained 22.5M accounts. Whilst there is evidence that the data is legitimate, due to the difficulty of emphatically verifying the Chinese breach it has been flagged as "unverified".

Victim
GFAN
Records
22.5M