Skip to content
Cyber Breaches
Search
Data breachResolved

NetGalley data breach (2020)

In December 2020, the book promotion site NetGalley suffered a data breach. The incident exposed 1.4 million unique email addresses alongside names, usernames, physical and IP addresses, phone numbers, dates of birth and passwords stored as salted SHA-1 hashes.

Victim
NetGalley
records
1.4M
SectorRetail

Imported from Have I Been Pwned — pending editorial review and translation to French. The summary below is machine-extracted; consult the source for details.

In 2020-12-21, NetGalley was affected by a data breach. Approximately 1,436,435 accounts were exposed. In December 2020, the book promotion site NetGalley suffered a data breach. The incident exposed 1.4 million unique email addresses alongside names, usernames, physical and IP addresses, phone numbers, dates of birth and passwords stored as salted SHA-1 hashes.

Sources

  1. haveibeenpwned.comhttps://haveibeenpwned.com/PwnedWebsites#NetGalley
  2. netgalley.comhttps://netgalley.com

Related incidents

Data breachResolved

MEO data breach (2020)

In early 2023, a corpus of data sourced from the New Zealand based face mask company MEO was discovered. Dating back to December 2020, the data contained over 8k customer records including names, addresses, phone numbers and passwords stored as MD5 Wordpress hashes.

Victim
MEO
Records
8.2K
Data breachResolved

DriveSure data breach (2020)

In December 2020, the car dealership service provider DriveSure suffered a data breach. The incident resulted in 26GB of data being downloaded and later shared on a hacking forum. Impacted personal information included 3.6 million unique email addresses, names, phone numbers and physical addresses.

Victim
DriveSure
Records
3.7M
Data breachResolved

Wongnai data breach (2020)

In October 2020, 17 previously undisclosed data breaches appeared for sale including the Thai restaurant, hotel and attraction finding service, Wongnai.

Victim
Wongnai
Records
3.9M
Data breachResolved

bigbasket data breach (2020)

In October 2020, the Indian grocery platform bigbasket suffered a data breach that exposed over 20 million customer records. The data was originally sold before being leaked publicly in April the following year and included email, IP and physical addresses, names, phones numbers, dates of birth…

Victim
bigbasket
Records
24.5M