Breach Intelligence

2,850

Total breached databases

Lifes-hack.ru 2014

Lifes-hack.ru 2014

We do not yet have a full description for the Lifes-hack.ru 2014 breach. Our goal is to track incidents like this so that users can stay informed. You will be able to check if your information is included when this breach is processed. Until then, you can check other breaches in our database.

  • Data: It is not yet known which data types were exposed in the Lifes-hack.ru 2014 incident. This page will be updated as more details are verified.
  • Imported:
  • Number of lines: 46,907
  • Size: 47.57 MB
  • Passwords: ?
Appartoo 2017

Appartoo 2017

In March 2017, Appartoo, a French flatsharing website, allegedly suffered a data breach that exposed personal information of nearly 50,000 members. Among the compromised data were email addresses, genders, ages, private messages exchanged between users, and passwords stored as SHA-256 hashes.
  • Data: Ages Email Addresses Genders IP Addresses Job Information Marital Statuses Messages Names Passwords Physical Locations Security Credentials Social Profiles
  • Imported:
  • Passwords: SHA-256
  • Cracked: 0%

SaverSpy 2018

In September 2018, a massive collection of personal details was discovered exposed in an unprotected MongoDB instance. The database, labeled "Yahoo_090618_SaverSpy," appeared to have been used for marketing campaigns, possibly for spam purposes, though its origins were unclear. The exposure reportedly affected 2.5 million records. Among the compromised data were names, email addresses, genders, and physical locations.
  • Date: Sep 18, 2018
  • Category: Professional & Corporate
  • Records Announced: 2,457,420
  • Source: haveibeenpwned.com
  • Data: Email Addresses Genders Names Physical Locations
  • Imported:
  • Passwords: No
UCAR 2020

UCAR 2020

In approximately October 2020, the French car renting service UCAR suffered a data breach that impacted 134k members. The attack led to the exposure of data including Email addresses, Home Phone numbers, Mobile Phone numbers, Physical Addresses and Full names.
  • Data: Email Addresses Names Phone Numbers Physical Locations
  • Imported:
  • Number of lines: 134,846
  • Size: 117.47 MB
  • Passwords: No
pochta.ru 2022

pochta.ru 2022

Pro-Ukrainian hackers made the 2nd part of the Russian Post database available for free in hacker forum. The second fragment that now appears contains 141,211 lines with FULL NAME; Address (registration and actual); Telephone; Email address mail (not for everyone); SNILS/TIN (not for everyone); Floor; Date of Birth; Passport series/number, by whom and when issued. Judging by the information from the dump, it was made no earlier than November 30, 2022.
  • Date: 2022
  • Domain: pochta.ru
  • Country: Russia
  • Category: Logistics & Transportation
  • Records Announced: 141,211
  • Data: The exact data fields compromised in the pochta.ru 2022 breach are still under review. Updates will be published when confirmed.
  • Imported:
  • Number of lines: 141,409
  • Size: 94.73 MB
  • Passwords: ?

Hopamedia 2020

In 2024, data relating to an unknown service referred to as "Hopamedia" and dating back to 2020 appeared in a publicly exposed database. The data included almost 24M records of email address, name, phone number, the country of the individual and their telecommunications carrier.
  • Date: Aug 30, 2020
  • Category: Data Brokers
  • Records Announced: 23,835,870
  • Source: haveibeenpwned.com
  • Data: Email Addresses Geographic Locations Names Phone Numbers Telecom Providers
  • Imported:
  • Passwords: No
schenkYOU 2024

schenkYOU 2024

In September 2024, data from the online German gift store schenkYOU was put up for sale on a popular hacking forum. Obtained the month before, the data included 237k unique email addresses alongside names, dates of birth and salted SHA-256 password hashes. The standalone store was subsequently shut down with all traffic redirected to their Amazon store.
  • Data: Dates of birth Email addresses Names Passwords
  • Imported:
  • Passwords: SHA-256 Salted
  • Cracked: 0%

Frequently Asked Questions

A data breach is unauthorized access to data (often involving account takeover, malware, or misconfigured infrastructure). A data leak is exposure of data due to mistakes like public cloud storage, open databases, or accidental publishing. A database dump is a packaged dataset that may come from a breach, leak, scraping, or aggregation.

Change passwords for any affected accounts immediately, prioritizing email, banking, and any account that shares the same password. Enable multi-factor authentication wherever possible. Monitor your accounts for suspicious activity and consider placing a fraud alert or credit freeze if financial data was exposed.

Start with containment and verification: confirm what data was exposed, identify the entry point, rotate credentials (especially SSO, VPN, email), and enforce MFA. Then investigate affected systems, notify stakeholders as required, and harden controls to prevent recurrence. A structured incident response plan helps keep the work measurable and compliant.

Dark web monitoring helps you spot exposure signals early — before stolen data is widely reused for account takeover or targeted attacks. Monitoring complements vulnerability management by revealing when attackers already have leverage. Pair it with continuous attack surface monitoring and strong Asset Discovery to reduce blind spots.

Not always. Some datasets are old, incomplete, or derived from third parties. However, any exposure increases risk because credentials and personal data can be reused indefinitely. Treat it as a priority signal: rotate credentials, enforce MFA, review suspicious logins, and audit the systems that could have produced the data.

SynScan helps you connect the dots between attack surface exposure, vulnerabilities, and breach signals so you can prioritize remediation and reduce the chance of repeat incidents.