Breach Intelligence

2,850

Total breached databases

Kid.travel 2019

Kid.travel 2019

No detailed description is available for the Kid.travel 2019 data breach. This entry is listed for awareness, and once it is imported, you will be able to check if your personal data was exposed. Meanwhile, you can see if your information is present in other breaches.

  • Data: No confirmed list of leaked data fields exists for the Kid.travel 2019 incident. As new details emerge, we will add them here.
  • Imported:
  • Number of lines: 443,453
  • Size: 318.76 MB
  • Passwords: ?
Biohack.me 2016

Biohack.me 2016

In December 2016, the forum for the biohacking website Biohack.me reportedly suffered a data breach that exposed 3,400 accounts. The compromised data included usernames, email addresses, hashed passwords, and private messages of forum members.
  • Data: Email Addresses Messages Passwords Usernames
  • Imported:
  • Passwords: Hashed
  • Cracked: 0%
SpyFone 2018

SpyFone 2018

In August 2018, the spyware company SpyFone left terabytes of data publicly exposed. Collected surreptitiously whilst the targets were using their devices, the data included photos, audio recordings, text messages and browsing history which were then exposed via a number of misconfigurations within SpyFone's systems. The data belonged the thousands of SpyFone customers and included 44k unique email addresses, many likely belonging to people the targeted phones had contact with.
  • Data: Device Identifiers Device Information Email Addresses Geographic Locations IP Addresses Messages Names Passwords Personal Information Profile Photos Site Activity
  • Imported:
  • Passwords: Unknown
Nevada 2018 Voter 2018

Nevada 2018 Voter 2018

In October 2018 I decided I would require every database I could with Voter's informations this was in part achieved by gaining access to the state's official SSH / SFTP servers and downloading the data. Some data was crowdfunded by users and some was obtained by me with the aforementioned methods.
  • Date: Oct 2018
  • Domain: nevada.gov
  • Country: United States
  • Category: Government
  • Records Announced: 1,743,937
  • Source: dehashed.com
  • Data: Birthdates Financial Information Genders Government IDs Names Phone Numbers Physical Locations Political Affiliation
  • Imported:
  • Passwords: No
E-Pal 2022

E-Pal 2022

In October 2022, the service dedicated to finding friends on Discord known as E-Pal disclosed a data breach. The compromised data included over 100k unique email addresses and usernames spanning approximately 1M orders. The data was subsequently distributed via a popular hacking forum.
  • Data: Email Addresses Order Information Usernames
  • Imported:
  • Number of lines: 931,000
  • Size: 250.12 MB
  • Passwords: No
?

Guidedev.xyz 2023

We currently have no detailed description for the Guidedev.xyz 2023 data breach. This page is part of our effort to track security incidents. You will be able to check your information against this breach once it has been processed. Until then, try our search tool for other breaches.

  • Data: The types of personal information exposed in the Guidedev.xyz 2023 breach are not yet confirmed. This entry will be updated once verified sources provide details.
  • Imported:
  • Number of lines: 13,048,055
  • Size: 3.7 GB
  • Passwords: ?
Zadig & Voltaire 2023

Zadig & Voltaire 2023

In June 2024, a data brach sourced from French fashion brand Zadig & Voltaire was publicly posted to a popular hacking forum. The data included names, email and physical addresses, phone numbers and genders. When contacted about the incident, Zadig & Voltaire advised the incident had occurred more than 6 months ago and that "all measures were taken quickly".
  • Data: Email Addresses Genders Names Phone Numbers Physical Locations
  • Imported:
  • Passwords: No

Frequently Asked Questions

A data breach is unauthorized access to data (often involving account takeover, malware, or misconfigured infrastructure). A data leak is exposure of data due to mistakes like public cloud storage, open databases, or accidental publishing. A database dump is a packaged dataset that may come from a breach, leak, scraping, or aggregation.

Change passwords for any affected accounts immediately, prioritizing email, banking, and any account that shares the same password. Enable multi-factor authentication wherever possible. Monitor your accounts for suspicious activity and consider placing a fraud alert or credit freeze if financial data was exposed.

Start with containment and verification: confirm what data was exposed, identify the entry point, rotate credentials (especially SSO, VPN, email), and enforce MFA. Then investigate affected systems, notify stakeholders as required, and harden controls to prevent recurrence. A structured incident response plan helps keep the work measurable and compliant.

Dark web monitoring helps you spot exposure signals early — before stolen data is widely reused for account takeover or targeted attacks. Monitoring complements vulnerability management by revealing when attackers already have leverage. Pair it with continuous attack surface monitoring and strong Asset Discovery to reduce blind spots.

Not always. Some datasets are old, incomplete, or derived from third parties. However, any exposure increases risk because credentials and personal data can be reused indefinitely. Treat it as a priority signal: rotate credentials, enforce MFA, review suspicious logins, and audit the systems that could have produced the data.

SynScan helps you connect the dots between attack surface exposure, vulnerabilities, and breach signals so you can prioritize remediation and reduce the chance of repeat incidents.