Breach Intelligence

2,850

Total breached databases

TastyCat 2015

TastyCat 2015

In 2015, the website Tastycat.com experienced a data breach. Some of the leaked data includes plaintext passwords. Approximately 130,000 lines of data were compromised in the breach.
  • Date: 2015
  • Domain: tastycat.se
  • Country: Sweden
  • Category: Forums & Communities
  • Records Announced: 130,927
  • Data: Passwords Usernames
  • Imported:
  • Passwords: Plaintext
?

Hackyard.net 2016

At this time, no official description is available for the Hackyard.net 2016 incident. This record remains published to ensure transparency. Once imported, you will be able to check if your data was involved. For now, you can review other breaches to see if your information appears there.

  • Data: At present, the information about what data was leaked in the Hackyard.net 2016 breach remains unavailable. Further updates will follow.
  • Imported:
  • Number of lines: 8,580
  • Size: 52.73 MB
  • Passwords: ?

Ixam-hosting.com 2015

The Ixam-hosting.com 2015 breach has been recorded in our database, but additional details are not yet confirmed. When more data becomes available, you will be able to verify your exposure. In the meantime, you can check our list of other breaches.

  • Data: The data categories affected by the Ixam-hosting.com 2015 breach have not been disclosed yet. We will expand this section when details are released.
  • Imported:
  • Number of lines: 4,673
  • Size: 345.47 KB
  • Passwords: MyBB
  • Cracked: 0%
BtoBet 2019

BtoBet 2019

In December 2019, a large collection of data from Nigerian gambling company Surebet247 was leaked, along with database backups from other gambling sites, including BetAlfa, BetWay, BongoBongo, and TopBet. Further investigation suggested that betting platform provider BtoBet was the common source of the data. The breach exposed information such as birthdates, names, usernames, email addresses, geographic locations, IP addresses, financial information, and gambling histories.
  • Data: Birthdates Email Addresses Financial Information Geographic Locations IP Addresses Names Usernames
  • Imported:
  • Passwords: No
New York 2018 Voter 2018

New York 2018 Voter 2018

In October 2018 I decided I would require every database I could with Voter's informations this was in part achieved by gaining access to the state's official SSH / SFTP servers and downloading the data. Some data was crowdfunded by users and some was obtained by me with the aforementioned methods.
  • Date: Oct 2018
  • Domain: ny.gov
  • Country: United States
  • Category: Government
  • Records Announced: 18,158,537
  • Data: Birthdates Genders Government IDs Names Physical Locations Political Affiliation
  • Imported:
  • Passwords: No
?

Poa.st 2023

At this time, no official description is available for the Poa.st 2023 incident. This record remains published to ensure transparency. Once imported, you will be able to check if your data was involved. For now, you can review other breaches to see if your information appears there.

  • Data: At present, the information about what data was leaked in the Poa.st 2023 breach remains unavailable. Further updates will follow.
  • Imported:
  • Number of lines: 486,623
  • Size: 48.44 MB
  • Passwords: ?
Onthionline 2017

Onthionline 2017

We do not yet have a full description for the Onthionline 2017 breach. Our goal is to track incidents like this so that users can stay informed. You will be able to check if your information is included when this breach is processed. Until then, you can check other breaches in our database.

  • Data: It is not yet known which data types were exposed in the Onthionline 2017 incident. This page will be updated as more details are verified.
  • Imported:
  • Passwords: ?

Frequently Asked Questions

A data breach is unauthorized access to data (often involving account takeover, malware, or misconfigured infrastructure). A data leak is exposure of data due to mistakes like public cloud storage, open databases, or accidental publishing. A database dump is a packaged dataset that may come from a breach, leak, scraping, or aggregation.

Change passwords for any affected accounts immediately, prioritizing email, banking, and any account that shares the same password. Enable multi-factor authentication wherever possible. Monitor your accounts for suspicious activity and consider placing a fraud alert or credit freeze if financial data was exposed.

Start with containment and verification: confirm what data was exposed, identify the entry point, rotate credentials (especially SSO, VPN, email), and enforce MFA. Then investigate affected systems, notify stakeholders as required, and harden controls to prevent recurrence. A structured incident response plan helps keep the work measurable and compliant.

Dark web monitoring helps you spot exposure signals early — before stolen data is widely reused for account takeover or targeted attacks. Monitoring complements vulnerability management by revealing when attackers already have leverage. Pair it with continuous attack surface monitoring and strong Asset Discovery to reduce blind spots.

Not always. Some datasets are old, incomplete, or derived from third parties. However, any exposure increases risk because credentials and personal data can be reused indefinitely. Treat it as a priority signal: rotate credentials, enforce MFA, review suspicious logins, and audit the systems that could have produced the data.

SynScan helps you connect the dots between attack surface exposure, vulnerabilities, and breach signals so you can prioritize remediation and reduce the chance of repeat incidents.