Skip to content

Incidents from

2023

Data breachResolved

Hathway data breach (2023)

In December 2023, hundreds of gigabytes of data allegedly taken from Indian ISP and digital TV provider Hathway appeared on a popular hacking website. The incident exposed extensive personal information including 4.7M unique email addresses along with names, physical and IP addresses, phoneโ€ฆ

Victim
Hathway
Records
4.7M
Data breachResolved

GLAMIRA data breach (2023)

In late 2023, the online jewellery store GLAMIRA suffered a data breach they attributed to "an unauthorised individual [who] briefly accessed one of our servers". The data was subsequently published on a popular hacking forum and included 875k email addresses, names, phone numbers and purchases.

Victim
GLAMIRA
Records
874.6K
Data breachResolved

InflateVids data breach (2023)

In December 2023, the inflatable and balloon fetish videos website InflateVids suffered a data breach. The incident exposed over 13k unique email addresses alongside usernames, IP addresses, genders and SHA-1 password hashes.

Victim
InflateVids
Records
13.4K
RansomwareContained

Westpole LockBit ransomware โ€” Italian PA outage (2023)

LockBit 3.0 encrypted the data centres of Italian cloud provider Westpole, taking down PA Digitale's Urbi platform โ€” which serves 1,300 Italian public administrations including 540 municipalities, the Quirinale presidency, ISTAT, the Bank of Italy, and the Ministry of Environment. Payroll, citizen services, and local-government workflows were degraded for weeks.

Victim
Westpole / PA Digitale (Urbi platform)
Data breachResolved

Welhof data breach (2023)

In late 2023, the Dutch appliance store Welhof suffered a data breach. The incident exposed over 100k unique email addresses along with names, physical addresses and the value of purchases made.

Victim
Welhof
Records
107.3K
RansomwareResolved

ALAB Laboratoria ransomware data leak

The RA World ransomware gang breached Poland's nationwide ALAB Laboratoria medical-lab network, stealing patient test results and PESEL identity numbers. ALAB refused to pay, and the criminals published sensitive medical data on tens of thousands of patients in what became Poland's largest medical data breach.

Victim
ALAB Laboratoria
Records
50.0K
Data breachResolved

Zadig & Voltaire data breach (2023)

In June 2024, a data brach sourced from French fashion brand Zadig & Voltaire was publicly posted to a popular hacking forum. The data included names, email and physical addresses, phone numbers and genders.

Victim
Zadig & Voltaire
Records
586.9K
Data breachResolved

KitchenPal data breach (2023)

In November 2023, the kitchen management application KitchenPal suffered a data breach that exposed 146k lines of data. When contacted about the incident, KitchenPal advised the corpus of data came from a staging environment, although acknowledged it contained a small number of users for debuggingโ€ฆ

Victim
KitchenPal
Records
98.7K
Data breachResolved

Blooms Today data breach (2023)

In April 2024, 15M records from the online florist Blooms Today were listed for sale on a popular hacking forum. The most recent data in the breach corpus was from November 2023 and appeared alongside 3.2M unique email addresses, names, phone numbers physical addresses and partial credit card dataโ€ฆ

Victim
Blooms Today
Records
3.2M
RansomwareContained

ICBC Financial Services LockBit ransomware (2023)

LockBit ransomware disrupted the U.S. broker-dealer arm of the world's largest bank, ICBC, jamming settlement of over $9 billion in U.S. Treasury trades. Bank staff sent critical settlement details by USB stick via a messenger across Manhattan. $62 billion of Treasuries failed to deliver in one day.

Victim
ICBC Financial Services (U.S. broker-dealer of Industrial and Commercial Bank of China)
Loss
$9.00B
Data breachResolved

Chess data breach (2023)

In November 2023, over 800k user records were scraped from the Chess website and posted to a popular hacking forum. The data included email address, name, username and the geographic location of the user. A further 446k scraped records were later provided and added to HIBP.

Victim
Chess
Records
1.3M
Data breachResolved

LinkedIn Scraped and Faked Data (2023) data breach (2023)

In November 2023, a post to a popular hacking forum alleged that millions of LinkedIn records had been scraped and leaked. On investigation, the data turned out to be a combination of legitimate data scraped from LinkedIn and email addresses constructed from impacted individuals' names.

Victim
LinkedIn Scraped and Faked Data (2023)
Records
19.8M
Data breachResolved

Toumei data breach (2023)

In October 2023, the Japanese consultancy firm Toumei suffered a data breach. The breach exposed over 100M lines and 10GB of data including 77k unique email addresses along with names, phone numbers and physical addresses.

Victim
Toumei
Records
76.7K
Data breachResolved

Facebook Marketplace data breach (2023)

In February 2024, 200k Facebook Marketplace records allegedly obtained from a Meta contractor in October 2023 were posted to a popular hacking forum. The data contained 77k unique email addresses alongside names, phone numbers, Facebook profile IDs and geographic locations.

Victim
Facebook Marketplace
Records
77.3K
Data breachResolved

Shadow data breach (2023)

In September 2023, the cloud gaming provider Shadow suffered a data breach that exposed over half a million customer records. The data included email and physical addresses, names and dates of birth.

Victim
Shadow
Records
543.3K
Data breachResolved

Naz.API data breach (2023)

In September 2023, over 100GB of stealer logs and credential stuffing lists titled "Naz.API" was posted to a popular hacking forum. The incident contained a combination of email address and plain text password pairs alongside the service they were entered into, and standalone credential pairsโ€ฆ

Victim
Naz.API
Records
70.8M
Data breachResolved

Sphero data breach (2023)

In September 2023, over 1M rows of data from the educational robots company Sphero was posted to a popular hacking forum. The data contained 832k unique email addresses alongside names, usernames, dates of birth and geographic locations.

Victim
Sphero
Records
832.3K
Data breachResolved

Qakbot data breach (2023)

In August 2023, the US Justice Department announced a multinational operation involving actions in the United States, France, Germany, the Netherlands, and the United Kingdom to disrupt the botnet and malware known as Qakbot and take down its infrastructure.

Victim
Qakbot
Records
6.4M
RansomwareRansom paid

Caesars Entertainment Scattered Spider ransom payment (2023)

Scattered Spider impersonated a Caesars employee on a call to a third-party IT support vendor and convinced the vendor to grant Okta credentials, then exfiltrated customer loyalty data including SSNs and driver's licences. Caesars paid roughly $15 million ransom; the FBI later froze a substantial portion of the funds with Chainalysis assistance.

Victim
Caesars Entertainment
Loss
$15.0M
Data breachResolved

PlayCyberGames data breach (2023)

In August 2023, PlayCyberGames which "allows users to play any games with LAN function or games using IP address" suffered a data breach which exposed 3.7M customer records. The data included email addresses, usernames and MD5 password hashes with a constant value in the "salt" field.

Victim
PlayCyberGames
Records
3.7M
Data breachResolved

MagicDuel data breach (2023)

In August 2023, the MagicDuel Adventure website suffered a data breach that exposed 138k user records. The data included player names, email and IP addresses and bcrypt password hashes.

Victim
MagicDuel
Records
138.4K
Data breachResolved

Manipulated Caiman data breach (2023)

In July 2023, Perception Point reported on a phishing operation dubbed "Manipulated Caiman". Targeting primarily the citizens of Mexico, the campaign attempted to gain access to victims' bank accounts via spear phishing attacks using malicious attachments.

Victim
Manipulated Caiman
Records
39.9M
Data breachResolved

Dymocks data breach (2023)

In September 2023, the Australian book retailer Dymocks announced a data breach. The data dated back to June 2023 and contained 1.2M records with 836k unique email addresses. The breach also exposed names, dates of birth, genders, phone numbers and physical addresses.

Victim
Dymocks
Records
836.1K
Data breachResolved

BreachForums Clone data breach (2023)

In June 2023, a clone of the previously shuttered popular hacking forum "BreachForums" suffered a data breach that exposed over 4k records. The breach was due to an exposed backup of the MyBB database which included email and IP addresses, usernames and Argon2 password hashes.

Victim
BreachForums Clone
Records
4.2K
DDoSResolved

Greek school-exam system DDoS attack

A massive multi-day DDoS attack on Greece's 'Subject Bank' (Trapeza Thematon) high-school exam platform disrupted nationwide exams with up to 280,000 connections per second and 165 million hits from 114 countries, the largest attack on a Greek public body.

Victim
Greek Ministry of Education (Subject Bank / Trapeza Thematon)
Data breachResolved

Polish Credentials data breach (2023)

In May 2023, a credential stuffing list of 6.3M Polish email address and password pairs appeared on a local forum. Likely obtained by malware running on victims' machines, each record included an email address and plain text password alongside the website the credentials were used on.

Victim
Polish Credentials
Records
1.2M
RansomwareContained

Xplain Play ransomware and Swiss federal documents leak (2023)

Play ransomware breached Swiss IT services provider Xplain, exfiltrating 1.3 million files. Approximately 65,000 documents belonging to the Swiss Federal Administration โ€” including classified content, personal data, and readable passwords โ€” were published on Play's dark-web leak site in June 2023.

Victim
Xplain (Swiss IT services provider to the Federal Administration)
Records
1.3M
EspionageContained

Microsoft Storm-0558 signing-key theft and US government email access (2023)

China-based Storm-0558 forged authentication tokens using a stolen Microsoft consumer signing key and read email at approximately 25 organisations โ€” including the US State Department, the Department of Commerce, and the U.S. Ambassador to China. The 'cascade of errors' that enabled it became a defining case for cloud-provider key custody.

Victim
Microsoft customers (US State Department, Department of Commerce, ~25 organisations)
Data breachResolved

Le Coq Sportif Columbia data breach (2023)

In January 2025, a data breach from the Columbian website for Le Coq Sportif was posted to a popular hacking forum. The data included almost 80k unique email addresses with the breach dating back to May 2023.

Victim
Le Coq Sportif Columbia
Records
79.7K
Data breachResolved

RentoMojo data breach (2023)

In April 2023, the Indian rental service RentoMojo suffered a data breach. The breach exposed over 2M unique email addresses along with names, phone, passport and Aadhaar numbers, genders, dates of birth, purchases and bcrypt password hashes.

Victim
RentoMojo
Records
2.2M
Data breachResolved

Genesis Market data breach (2023)

In April 2023, the stolen identity marketplace Genesis Market was shut down by the FBI and a coalition of law enforcement agencies across the globe in "Operation Cookie Monster".

Victim
Genesis Market
Records
8.0M
Data breachResolved

Tigo data breach (2023)

In Mid-2023, 300GB of data containing over 100M records from the Chinese video chat platform "Tigo" dating back to March that year was discovered. The data contained over 700k unique names, usernames, email and IP addresses, genders, profile photos and private messages.

Victim
Tigo
Records
700.4K
Supply chainResolved

3CX supply-chain attack (DPRK)

North Korea-linked actors trojanized the 3CXDesktopApp softphone client, distributing the SmoothOperator malware through a legitimately-signed update to a customer base of over 600,000 organizations โ€” the first documented cascading software supply-chain compromise, itself enabled by a prior breach of trading software X_TRADER.

Victim
3CX (3CXDesktopApp customers)
Data breachResolved

MediaWorks data breach (2023)

In March 2024, millions of rows of data from the New Zealand media company MediaWorks was publicly posted to a popular hacking forum. The incident exposed 163k unique email addresses provided by visitors who filled out online competitions and included names, physical addresses, phone numbers, datesโ€ฆ

Victim
MediaWorks
Records
162.7K
Data breachResolved

DC Health Link data breach (2023)

In March 2023, DC Health Link discovered a data breach that was later publicly posted to a popular data breach forum. The impacted data included 48k unique email addresses alongside names, genders, dates of birth, home addresses, phone numbers and social security numbers.and "IntelBroker".

Victim
DC Health Link
Records
48.1K
Data breachResolved

CityJerks data breach (2023)

In early 2023, the "mutual masturbation" website CityJerks suffered a data breach that exposed 177k unique email addresses. The breach also included data from the TruckerSucker "dating app for REAL TRUCKERS and REAL MEN" with the combined corpus of data also exposing usernames, IP addresses, datesโ€ฆ

Victim
CityJerks
Records
177.6K
Data breachResolved

TheGradCafe data breach (2023)

In February 2023, the grad school admissions search website TheGradCafe suffered a data breach that disclosed the personal records of 310k users. The data included email addresses, names and usernames, genders, geographic locations and passwords stored as bcrypt hashes.

Victim
TheGradCafe
Records
311.0K
Data breachResolved

Phished Data via CERT Poland data breach (2023)

In August 2023, CERT Poland observed a phishing campaign that collected credentials from 68k victims. The campaign collected email addresses and passwords via a phishing email masquerading as a purchase order confirmation.

Victim
Phished Data via CERT Poland
Records
67.9K
Data breachResolved

HDB Financial Services data breach (2023)

In March 2023, the Indian non-bank lending unit HDB Financial Services suffered a data breach that disclosed over 70M customer records. Containing 1.6M unique email addresses, the breach also disclosed names, dates of birth, phone numbers, genders, post codes and loan information belonging to theโ€ฆ

Victim
HDB Financial Services
Records
1.7M
fraudinvestigating

Flutterwave unauthorized-transfer incidents

Nigeria's largest fintech suffered a series of unauthorized-transfer incidents in 2023, including a โ‚ฆ2.9 billion ($4.2M) diversion across 28 accounts and a later โ‚ฆ19 billion ($24M) loss via abused POS-merchant access, prompting Mareva injunctions to freeze thousands of beneficiary accounts.

Victim
Flutterwave
Loss
$24.0M
Data breachResolved

The Kodi Foundation data breach (2023)

In February 2023, The Kodi Foundation suffered a data breach that exposed more than 400k user records. Attributed to an account belonging to "a trusted but currently inactive member of the forum admin team", the breach involved the administrator account creating a database backup that wasโ€ฆ

Victim
The Kodi Foundation
Records
400.6K
Data breachResolved

Convex data breach (2023)

In February 2023, the Russian telecommunications provider Convex was hacked by "Anonymous" who subsequently released 128GB of data publicly, alleging it revealed illegal government surveillance. The leaked data contained 150k unique email, IP and physical addresses, names and phone numbers.

Victim
Convex
Records
150.1K
Data breachResolved

Terravision data breach (2023)

In February 2023, the European airport transfers service Terravision suffered a data breach. The breach exposed over 2M records of customer data including names, phone numbers, email addresses, salted password hashes and in some cases, date of birth and country of origin.

Victim
Terravision
Records
2.1M
Data breachResolved

Eye4Fraud data breach (2023)

In February 2023, data alleged to have been taken from the fraud protection service Eye4Fraud was listed for sale on a popular hacking forum. Spanning tens of millions of rows with 16M unique email addresses, the data was spread across 147 tables totalling 65GB and included both direct users of theโ€ฆ

Victim
Eye4Fraud
Records
16.0M
Data breachResolved

Duolingo data breach (2023)

In August 2023, 2.6M records of data scraped from Duolingo were broadly distributed on a popular hacking forum. Obtained by enumerating a vulnerable API, the data had earlier appeared for sale in January 2023 and contained email addresses, names, the languages being learned, XP (experience points),โ€ฆ

Victim
Duolingo
Records
2.7M
Data breachResolved

Zurich data breach (2023)

In January 2023, the Japanese arm of Zurich insurance suffered a data breach that exposed 2.6M customer records with over 756k unique email addresses. The data was subsequently posted to a popular hacking forum and also included names, genders, dates of birth and details of insured vehicles.

Victim
Zurich
Records
756.7K
Data breachResolved

Autotrader data breach (2023)

In January 2023, 1.4M records from the Autotrader online vehicle marketplace appeared on a popular hacking forum. Autotrader stated that the "data in question relates to aged listing data that was generally publicly available on our site at the time and open to automated collection methods".

Victim
Autotrader
Records
20.0K
Data breachResolved

iD Tech data breach (2023)

In February 2023, the tech camps for kids service iD Tech had almost 1M records posted to a popular hacking forum. The data included 415k unique email addresses, names, dates of birth and plain text passwords which appear to have been breached in the previous month.

Victim
iD Tech
Records
415.1K