Skip to content

Incidents from

2022

Data breachResolved

RailYatri data breach (2022)

In December 2022, Indiaโ€™s government-approved online travel agency RailYatri suffered a data breach. The incident impacted over 31M customers and exposed 23M unique email addresses. Also impacted were names, genders, phone numbers and tickets purchased, including travel information and fares.

Victim
RailYatri
Records
23.2M
Data breachResolved

Gemini data breach (2022)

In late 2022, a hacker posted a data set to a public hacking forum which they alleged was sourced from the Gemini crypto exchange, a claim that was later proven to be false as the data was traced back to an incident at a third-party vendor.

Victim
Gemini
Records
5.3M
RansomwareResolved

EPM BlackCat ransomware attack

The BlackCat/ALPHV ransomware gang crippled Colombia's largest public utility, Empresas Pรบblicas de Medellรญn, forcing 4,000 staff to work offline and disrupting electricity, water, and gas billing across 123 municipalities.

Victim
Empresas Pรบblicas de Medellรญn (EPM)
Data breachResolved

SevenRooms data breach (2022)

In December 2022, over 400GB of data belonging to restaurant customer management platform SevenRooms was posted for sale to a popular hacking forum. The data included 1.2M unique email addresses alongside names and purchases.

Victim
SevenRooms
Records
1.2M
Data breachResolved

Activision data breach (2022)

In December 2022, attackers socially engineered an Activision HR employee into disclosing information which led to the breach of almost 20k employee records. The data contained 16k unique email addresses along with names, phone numbers, job titles and the office location of the employee.

Victim
Activision
Records
16.0K
Data breachResolved

GunAuction.com data breach (2022)

In December 2022, the online firearms auction website GunAuction.com suffered a data breach which was later discovered left unprotected on the hacker's server.

Victim
GunAuction.com
Records
565.5K
Data breachResolved

CoinTracker data breach (2022)

In December 2022, the Crypto & NFT taxes service CoinTracker reported a data breach that impacted over 1.5M of their customers. The company later attributed the breach to a compromise SendGrid in an attack that targeted multiple customers of the email provider.

Victim
CoinTracker
Records
1.6M
Data breachResolved

BreachForums data breach (2022)

In November 2022, the well-known hacking forum "BreachForums" was itself, breached. Later the following year, the operator of the website was arrested and the site seized by law enforcement agencies.

Victim
BreachForums
Records
212.2K
Data breachResolved

Movie Forums data breach (2022)

In December 2022, the Movie Forums website suffered a data breach that affected 40k users. The breach exposed email and IP addresses, usernames, dates of birth and passwords stored as easily crackable salted MD5 hashes. The data was subsequently posted a popular clear web hacking forum.

Victim
Movie Forums
Records
39.9K
RansomwareContained

AIIMS Delhi ransomware

Ransomware encrypted the All India Institute of Medical Sciences in New Delhi โ€” India's most prestigious public hospital โ€” taking patient registration and clinical records offline for two weeks during peak winter patient load.

Victim
All India Institute of Medical Sciences (AIIMS) New Delhi
Loss
$15.0M
Data breachResolved

Avito data breach (2022)

In November 2022, the Moroccan e-commerce service Avito suffered a data breach that exposed the personal information of 2.7M customers. The data included name, email, phone, IP address and geographic location.

Victim
Avito
Records
2.7M
Data breachResolved

Washington State Food Worker Card data breach (2022)

In June 2023, the Tacoma-Pierce County Health Department announced a data breach of their Washington State Food Worker Card online training system. The breach was published to a popular hacking forum the year before and dated back to a 2018 database backup.

Victim
Washington State Food Worker Card
Records
1.6M
Data breachResolved

Abandonia (2022) data breach (2022)

In November 2022, the gaming website dedicated to classic DOS games Abandonia suffered a data breach resulting in the exposure of 920k unique user records. This breach was in addition to another one 7 years earlier in 2015.

Victim
Abandonia (2022)
Records
919.8K
Data breachResolved

MyPertamina data breach (2022)

In November 2022, the Indonesian oil and gas company Pertamina suffered a data breach of their MyPertamina service. The incident exposed 44M records with 6M unique email addresses along with names, dates of birth, genders, physical addresses and purchases.

Victim
MyPertamina
Records
6.0M
Data breachResolved

RealDudesInc data breach (2022)

In October 2022, the GTA mod menu provider RealDudesInc suffered a data breach that exposed over 100k email addresses (many of which are temporary guest account addresses). The breach also included usernames and bcrypt password hashes.

Victim
RealDudesInc
Records
101.5K
Data breachResolved

Doomworld data breach (2022)

In October 2022, the Doomworld fourm suffered a data breach that exposed 34k member records. The data included email and IP addresses, usernames and bcrypt password hashes.

Victim
Doomworld
Records
34.5K
Data breachResolved

Locally data breach (2022)

In October 2022, "The Industry's Leading Online-to-Offline Shopping Solution" Locally suffered a data breach. Whilst Locally acknowledged the breach privately, it's unknown whether impacted customers were subsequently notified of the incident which exposed over 362k names, phone numbers, email andโ€ฆ

Victim
Locally
Records
362.6K
Data breachResolved

ClickASnap data breach (2022)

In September 2022, the online photo sharing platform ClickASnap suffered a data breach. The incident exposed almost 3.3M personal records including email addresses, usernames and passwords stored as SHA-512 hashes.

Victim
ClickASnap
Records
3.3M
Data breachResolved

Traderie data breach (2022)

In September 2022, the in-game trading marketplace Traderie suffered a data breach that exposed almost 400k records (this preceded a subsequent breach the following year). The incident exposed email and IP addresses, usernames and links to social media profiles.

Victim
Traderie
Records
364.9K
Data breachResolved

Online Trade (ะžะฝะปะฐะนะฝ ะขั€ะตะนะด) data breach (2022)

In September 2022, the Russian e-commerce website Online Trade (ะžะฝะปะฐะนะฝ ะขั€ะตะนะด) suffered a data breach that exposed 3.8M customer records. The data included email and IP addresses, names, phone numbers, dates of birth and MD5 password hashes.

Victim
Online Trade (ะžะฝะปะฐะนะฝ ะขั€ะตะนะด)
Records
3.8M
Data breachResolved

Get Revenge On Your Ex data breach (2022)

In September 2022, the revenge website Get Revenge On Your Ex suffered a data breach that exposed almost 80k unique email addresses. The data spanned both customers and victims including names, IP and physical addresses, phone numbers, purchase histories and plain text passwords.

Victim
Get Revenge On Your Ex
Records
79.2K
Data breachResolved

APK.TW data breach (2022)

In September 2022, the Taiwanese Android forum APK.TW suffered a data breach that was later redistributed as part of a larger corpus of data. The breach exposed 2.5M unique email addresses along with IP addresses, usernames and salted MD5 password hashes.

Victim
APK.TW
Records
2.5M
Data breachResolved

Wakanim data breach (2022)

In August 2022, the European streaming service Wakanim suffered a data breach which was subsequently advertised and sold on a popular hacking forum. The breach exposed 6.7M customer records including email, IP and physical addresses, names and usernames.

Victim
Wakanim
Records
6.7M
Data breachResolved

Brand New Tube data breach (2022)

In August 2022, the streaming website Brand New Tube suffered a data breach that exposed the personal information of almost 350k subscribers. The impacted data included email and IP addresses, usernames, genders, passwords stored as unsalted SHA-1 hashes and private messages.

Victim
Brand New Tube
Records
349.6K
Data breachResolved

Latest Pilot Jobs data breach (2022)

In August 2022, the Latest Pilot Jobs website suffered a data breach that later appeared on a popular hacking forum before being redistributed as part of a larger corpus of data. The data included 119k unique email addresses along with names, usernames and unsalted MD5 password hashes.

Victim
Latest Pilot Jobs
Records
118.9K
Data breachResolved

GGCorp data breach (2022)

In August 2022, the MMORPG website GGCorp suffered a data breach that exposed almost 2.4M unique email addresses. The data also included IP addresses, usernames and MD5 password hashes.

Victim
GGCorp
Records
2.4M
Data breachResolved

iMenu360 data breach (2022)

In approximately late 2022, 3.4M customer records from iMenu360 ("The world's #1 most trusted online ordering platform") were exposed. The data appeared to be from ordering systems using the platform and contained email and physical addresses, latitudes and longitudes, names and phone numbers.

Victim
iMenu360
Records
3.4M
Data breachResolved

Shitexpress data breach (2022)

In August 2022, the online faeces delivery service Shitexpress suffered a data breach that exposed 24k unique email addresses. The addresses spanned invoices, gift cards, promotions and PayPal records.

Victim
Shitexpress
Records
23.8K
Data breachResolved

DoorDash data breach (2022)

In August 2022, the food ordering and delivery service DoorDash disclosed a data breach that impacted a portion of their customers. DoorDash attributed the breach to an unnamed "third-party vendor" they stated was the victim of a phishing campaign.

Victim
DoorDash
Records
367.5K
Data breachResolved

Didi Global data security enforcement case

China's cyberspace regulator fined ride-hailing giant Didi Global RMB 8.026 billion (about $1.2 billion) after a year-long review found 16 violations of the Cybersecurity Law, Data Security Law and Personal Information Protection Law, including the illegal collection of facial-recognition, location and clipboard data from hundreds of millions of riders and drivers.

Victim
Didi Global
Loss
$1.20B
Data breachResolved

Exvagos data breach (2022)

In July 2022, the direct download website Exvagos suffered a data breach that was later redistributed as part of a larger corpus of data. The breach exposed 2.1M unique email addresses along with IP addresses, usernames, dates of birth and MD5 password hashes.

Victim
Exvagos
Records
2.1M
Data breachResolved

Hjedd data breach (2022)

In July 2022, the Chinese adult website Hjedd was found to be leaking more than 13M customer records which subsequently appeared on a popular hacking forum. The exposed data included email and IP addresses, usernames and passwords stored as bcrypt hashes.

Victim
Hjedd
Records
13.2M
WiperContained

Albania HomeLand Justice destructive wiper (Iran MOIS, 2022)

Iran's Ministry of Intelligence and Security, operating as 'HomeLand Justice', spent 14 months dwelling in Albanian government networks before launching ransomware-style file encryption and disk-wiping malware. Albania suspended online public services and became the first country in history to sever diplomatic ties with another state over a cyberattack.

Victim
Government of Albania
Data breachResolved

OGUsers (2022 breach) data breach (2022)

In July 2022, the account hijacking and SIM swapping forum OGusers suffered a data breach, the fifth since December 2018. The breach contained usernames, email and IP addresses and passwords stored as argon2 hashes. A total of 529k unique email addresses appeared in the breach.

Victim
OGUsers (2022 breach)
Records
529.0K
Data breachResolved

Weee data breach (2022)

In February 2023, data belonging to the Asian and Hispanic food delivery service Weee appeared on a popular hacking forum. Dating back to mid-2022, the data included 1.1M unique email addresses from 11M rows of orders containing names, phone numbers and delivery instructions.

Victim
Weee
Records
1.1M
Data breachResolved

Vultr data breach (2022)

In March 2023, the "AI-first global cloud platform" Vultr disclosed a security incident at a third-party vendor. Dating back to the previous year, the incident was attributed to the ActiveCampaign email marketing service provider and resulted in the exposure of 188k unique email addresses.

Victim
Vultr
Records
187.9K
Data breachunresolved

Shanghai National Police database leak

An exposed Shanghai Public Security Bureau database left a hacker known as 'ChinaDan' offering 23 terabytes of data on roughly 1 billion Chinese residents โ€” names, national ID numbers, phone numbers, addresses and police case records โ€” for 10 bitcoin, in what is widely regarded as the largest government data breach in Chinese history.

Victim
Shanghai National Police (Shanghai Public Security Bureau)
Records
1.00B
Data breachResolved

Adopt Me Trading Values data breach (2022)

In July 2022, the Adopt Me Trading Values website for assessing the value of pet trades within the "Adopt Me!" Roblox game suffered a data breach that was later redistributed as part of a larger corpus of data.

Victim
Adopt Me Trading Values
Records
86.1K
sabotageunresolved

Iranian steel plants cyber-sabotage

Predatory Sparrow compromised industrial control systems at three major Iranian steelmakers, halting production and โ€” in CCTV footage the group released โ€” causing a machine at Khouzestan Steel to spew molten metal and fire across the factory floor.

Victim
Khouzestan Steel, Mobarakeh Steel & Hormozgan Steel
Data breachResolved

Altenen data breach (2022)

In June 2022, the malicious "carding" (referring to credit card fraud) website Altenen suffered a data breach that was later redistributed as part of a larger corpus of data. The data included 1.3M unique email addresses, usernames, bcrypt password hashes and cryptocurrency wallet addresses.

Victim
Altenen
Records
1.3M
Data breachResolved

Disk Union data breach (2022)

In June 2022, the Japanese record chain store Disk Union suffered a data breach. The incident exposed 690k unique email addresses along with names, post codes, phone numbers and plain text passwords.

Victim
Disk Union
Records
690.7K
Data breachResolved

MemeChat data breach (2022)

In mid-2022, "the ultimate hub of memes" MemeChat suffered a data breach that exposed 7.4M records. Alleged to be due to a misconfigured Elasticsearch instance, the data contained 4.3M unique email addresses alongside usernames.

Victim
MemeChat
Records
4.3M
Data breachResolved

TNAFlix data breach (2022)

In June 2022, the adult website TNAFlix suffered a data breach that was later redistributed as part of a larger corpus of data. The data included 1.4M records of email and IP addresses, usernames and plain text passwords.

Victim
TNAFlix
Records
1.4M
Data breachResolved

WiredBucks data breach (2022)

In May 2022, the now defunct social media influencer platform WiredBucks suffered a data breach that was later redistributed as part of a larger corpus of data.

Victim
WiredBucks
Records
918.5K
Data breachResolved

QuestionPro data breach (2022)

In May 2022, the survey website QuestionPro was the target of an extortion attempt relating to an alleged data breach. Over 100GB of data containing 22M unique email addresses (some of which appear to be generated by the platform), are alleged to have been extracted from the service along with IPโ€ฆ

Victim
QuestionPro
Records
22.2M
Data breachResolved

Mangatoon data breach (2022)

In May 2022, the Hong Kong based Manga service Mangatoon suffered a data breach that exposed 23M subscriber records. The breach exposed names, email addresses, genders, social media account identities, auth tokens from social logins and passwords stored as salted MD5 hashes.

Victim
Mangatoon
Records
23.0M
Data breachResolved

BlackBerry Fans data breach (2022)

In May 2022, the Chinese BlackBerry enthusiasts website BlackBerry Fans suffered a data breach that exposed 174k member records. The impacted data included usernames, email and IP addresses and passwords stored as salted MD5 hashes.

Victim
BlackBerry Fans
Records
174.2K
Data breachResolved

Gemotest medical laboratory data breach

A database from Russian medical-testing chain Gemotest was offered on a hacking forum, with sellers claiming data on 31 million clients โ€” names, passport and insurance numbers, dates of birth, addresses, phone numbers and email addresses. Have I Been Pwned later indexed about 6.3 million unique email addresses from the leak.

Victim
Gemotest
Records
31.0M
Data breachResolved

PaySystem.tech data breach (2022)

In mid-2022, data alleged to have been sourced from the Russian payment provider PaySystem.tech appeared in hacking circles where it was made publicly available for download.

Victim
PaySystem.tech
Records
1.4M
Data breachResolved

E-Pal data breach (2022)

In October 2022, the service dedicated to finding friends on Discord known as E-Pal disclosed a data breach. The compromised data included over 100k unique email addresses and usernames spanning approximately 1M orders. The data was subsequently distributed via a popular hacking forum.

Victim
E-Pal
Records
108.9K
Data breachResolved

PayHere data breach (2022)

In late March 2022, the Sri Lankan payment gateway PayHere suffered a data breach that exposed more than 65GB of payment records including over 1.5M unique email addresses.

Victim
PayHere
Records
1.6M
Data breachResolved

Viva Air data breach (2022)

In March 2022, the now defunct Colombian airline Viva Air suffered a data breach and subsequent ransomware attack. Among a trove of other ransomed data, the incident exposed a log of 2.6M transactions with 932k unique email addresses, physical and IP addresses, names, phone numbers and partialโ€ฆ

Victim
Viva Air
Records
932.2K
Data breachResolved

CDEK data breach (2022)

In early 2022, a collective known as IT Army whose stated goal is to "completely de-anonymise most Russian users by leaking hundreds of gigabytes of databases" published over 30GB of data allegedly sourced from Russian courier service CDEK.

Victim
CDEK
Records
19.2M
Data breachResolved

CraftRise data breach (2022)

In May 2023, news broke of a data breach of the Turkish Minecraft server known as CraftRise. The data of over 2.5M users was subsequently shared on a popular hacking forum and included email addresses, usernames, geographic locations and plain text passwords.

Victim
CraftRise
Records
2.5M
Insider threatResolved

Yandex.Eda customer data leak

Yandex's food-delivery service Yandex.Eda leaked the names, phone numbers, addresses, intercom codes and order details of more than 58,000 customers, which were later mapped onto an interactive public website. Russian regulator Roskomnadzor opened a case and a Moscow court fined the company 60,000 rubles.

Victim
Yandex.Eda
Loss
$700
Records
58.0K
Data breachResolved

Explore Talent (July 2024) data breach (2022)

In July 2024, a data breach attributed to Explore Talent was publicly posted to a popular hacking forum. Containing 5.7M rows with 5.4M unique email addresses, the incident has been described by various sources as occurring between early 2022 to 2023 and also contains names, phone numbers andโ€ฆ

Victim
Explore Talent (July 2024)
Records
5.4M
Data breachResolved

NVIDIA data breach (2022)

In February 2022, microchip company NVIDIA suffered a data breach that exposed employee credentials and proprietary code. Impacted data included over 70k employee email addresses and NTLM password hashes, many of which were subsequently cracked and circulated within the hacking community.

Victim
NVIDIA
Records
71.3K
Data breachResolved

A1 Hrvatska data breach

Croatian mobile carrier A1 Hrvatska disclosed unauthorized access to a customer database exposing the names, personal identification numbers, addresses and phone numbers of roughly 200,000 subscribers โ€” about 10% of its customer base.

Victim
A1 Hrvatska
Records
200.0K
Data breachResolved

GiveSendGo data breach (2022)

In February 2022, the Christian fundraising service GiveSendGo suffered a data breach which exposed the personal data of 90k donors to the Canadian "Freedom Convoy" protest against vaccine mandates.

Victim
GiveSendGo
Records
90.0K
Data breachResolved

Leaked Reality data breach (2022)

In January 2022, the now defunct uncensored video website Leaked Reality suffered a data breach that exposed 115k unique email addresses. The data also included usernames, IP addresses and passwords stored as either MD5 or phpass hashes.

Victim
Leaked Reality
Records
114.9K
Data breachResolved

MacGeneration data breach (2022)

In January 2022, the French Apple news website MacGeneration suffered a data breach. The incident exposed over 100k usernames, email addresses and passwords stored as salted SHA-512 hashes. After discovering the incident, MacGeneration self-submitted data to HIBP.

Victim
MacGeneration
Records
101.0K
Data breachResolved

Sundry Files data breach (2022)

In January 2022, the now defunct file upload service Sundry Files suffered a data breach that exposed 274k unique email addresses. The data also included usernames, IP addresses and passwords stored as salted SHA-256 hashes.

Victim
Sundry Files
Records
274.5K
WiperResolved

WhisperGate wiper attack

On the eve of Russia's invasion, a destructive wiper disguised as ransomware corrupted master boot records and files across dozens of Ukrainian government, IT and non-profit organisations, defacing official websites and signalling the cyber dimension of the coming war.

Victim
Ukrainian government, IT and non-profit organisations
Data breachResolved

Doxbin data breach (2022)

In January 2022, the "doxing" website designed to disclose the personal information of targeted individuals ("doxes") Doxbin suffered a data breach. The breach was subsequently leaked online and included over 370k unique email addresses across user accounts and doxes.

Victim
Doxbin
Records
370.8K
RansomwareResolved

Impresa media group ransomware attack

The Lapsus$ group seized the Amazon Web Services account of Impresa, Portugal's largest media conglomerate, knocking the Expresso newspaper and SIC television channels offline, defacing their websites and hijacking Expresso's verified Twitter account in what authorities called the country's largest ransomware attack.

Victim
Impresa (Expresso / SIC)
Data breachResolved

Twitter data breach (2022)

In January 2022, a vulnerability in Twitter's platform allowed an attacker to build a database of the email addresses and phone numbers of millions of users of the social platform.

Victim
Twitter
Records
6.7M