Skip to content
Cyber Breaches
Search
Data breachResolved

Verifications.io data breach (2019)

In February 2019, the email address validation service verifications.io suffered a data breach. Discovered by Bob Diachenko and Vinny Troia, the breach was due to the data being stored in a MongoDB instance left publicly facing without a password and resulted in 763 million unique email addresses…

Victim
Verifications.io
records
763.1M
SectorRetail

Imported from Have I Been Pwned — pending editorial review and translation to French. The summary below is machine-extracted; consult the source for details.

In 2019-02-25, Verifications.io was affected by a data breach. Approximately 763,117,241 accounts were exposed. In February 2019, the email address validation service verifications.io suffered a data breach. Discovered by Bob Diachenko and Vinny Troia, the breach was due to the data being stored in a MongoDB instance left publicly facing without a password and resulted in 763 million unique email addresses…

Sources

  1. haveibeenpwned.comhttps://haveibeenpwned.com/PwnedWebsites#Verifications.io
  2. verifications.iohttps://verifications.io

Related incidents

Data breachResolved

Benchmark data breach (2019)

In November 2019, the Serbian technology news website Benchmark suffered a breach of its forum that exposed 93k customer records. The breach exposed IP and email addresses, usernames and passwords stored as salted MD5 hashes.

Victim
Benchmark
Records
93.3K
Data breachResolved

Indian Railways data breach (2019)

In November 2019, the website for Indian Rail left more than 2M records exposed on an unprotected Firebase database instance. The exposed data included 583k unique email addresses alongside usernames and passwords stored in plain text.

Victim
Indian Railways
Records
583.4K
Data breachResolved

StarTribune data breach (2019)

In October 2019, the Minnesota-based news service StarTribune suffered a data breach which was subsequently sold on the dark web. The breach exposed over 2 million unique email addresses alongside names, usernames, physical addresses, dates of birth, genders and passwords stored as bcrypt hashes.

Victim
StarTribune
Records
2.2M
Data breachResolved

The Halloween Spot data breach (2019)

In September 2019, the Halloween costume store The Halloween Spot suffered a data breach. Originally misattributed to fancy dress store Smiffys, the breach contained 13GB of data with over 10k unique email addresses alongside names, physical and IP addresses, phone numbers and order histories.

Victim
The Halloween Spot
Records
10.7K