Breach Intelligence

In December 2020, the Indian Esports community GamingMonk suffered a data breach. The breach included Usernames, Full names, Email addresses, Dates of birth and Passwords stored as bcrypt hashes. In total, 609k users were affected.

In January 2015, the RuneScape Private Server Ikov suffered a data breach. The attack led to the exposure of data including Usernames, IP Addresses and Passwords stored as Salted MD5 hashes. In total, 316k users were affected.

In September 2022, the website sushi-master.ru, a chain of sushi, rolls, and other pan-Asian dishes, suffered a data breach. Reports suggest that the breach exposed approximately 852,000 users and 2.7 million orders. Among the compromised data were names, genders, phone numbers, email addresses, birthdays, and site activity.

The user emo published the following in a hacking forum: When attempting to login to a life360 account on android the login endpoint would return the first name and phone number of the user, this existed only in the API response and was not visible to the user. If a user had verified their phone number it would instead be returned as a partial number like +1******4830. This endpoint no longer returns phone numbers and now a placeholder number is returned in the API response.

In May 2014, the link management company Bitly announced they'd suffered a data breach. The breach contained over 9.3 million unique email addresses, usernames and hashed passwords, most using SHA1 with a small number using bcrypt.