Breach Intelligence

2,850

Total breached databases

Grand Exchange Tracker 2017

Grand Exchange Tracker 2017

In May 2017, the website GE Tracker, focused on providing trading and pricing tools for Old School RuneScape items, allegedly suffered a data breach. Reports suggest that the breach affected approximately 42,215 records. The data compromised included email addresses, usernames, phone numbers, and passwords stored as bcrypt hashes.
  • Data: Email Addresses Passwords Phone Numbers Geographic Locations Usernames
  • Imported:
  • Records Imported: 42,215
  • Number of lines: 42,262
  • Size: 6.82 MB
  • Passwords: BCrypt
  • Cracked: 0%
Auphan Online 2017

Auphan Online 2017

In August 2017, Auphan Software, a Canadian technology company offering a restaurant management system, allegedly suffered a data breach. It has been reported that approximately 46,945 records were exposed. Compromised data included email addresses, usernames, and passwords stored using unsalted MD5 hashes.
  • Data: Email Addresses Passwords Usernames
  • Imported:
  • Records Imported: 46,945
  • Number of lines: 46,990
  • Size: 3.02 MB
  • Passwords: MD5
  • Cracked: 29%
PKMN.NET 2019

PKMN.NET 2019

In August 2019, PKMN.NET, a fan-driven website dedicated to discussions and content related to the Poké​mon franchise, allegedly suffered a data breach. Reports suggest that the incident impacted 53,698 records. Key compromised data included usernames, email addresses, and hashed passwords.
  • Date: Aug 2019
  • Domain: pkmn.net
  • Threat Actor: donjuji
  • Category: Gaming
  • Records Announced: 53,698
  • Source: pkmn.net
  • Data: Email Addresses Passwords Usernames
  • Imported:
  • Records Imported: 53,698
  • Number of lines: 53,760
  • Size: 3.57 MB
  • Passwords: Hashed
  • Cracked: 0%
Namma11 2022

Namma11 2022

In February 2022, the Indian fantasy sports website Namma11, operating under the domain namma11.com, allegedly suffered a data breach. Namma11 allows users to play fantasy cricket, football, and other sports. It has been reported that the incident exposed 57,333 records, including email addresses, names, phone numbers, geographic locations, usernames, balances, and site activity.
  • Data: Email Addresses Names Phone Numbers Geographic Locations Usernames Balances Site Activity
  • Imported:
  • Records Imported: 57,333
  • Number of lines: 57,370
  • Size: 8.86 MB
  • Passwords: No

GetPaidTo 2019

In July 2019, the website GetPaidTo (getpaidto.com), an online platform allowing users to earn rewards through activities such as completing surveys and playing games, allegedly experienced a data breach. Reports suggest that approximately 92,810 records were compromised, including email addresses, usernames, and passwords stored as hashed values.
  • Data: Email Addresses Passwords Usernames
  • Imported:
  • Records Imported: 92,810
  • Number of lines: 92,827
  • Size: 8.7 MB
  • Passwords: Hashed
  • Cracked: 0%
Adopt Me Trading Values 2022

Adopt Me Trading Values 2022

In July 2022, Adopt Me Trading Values, a platform at adoptmetradingvalues.com, which is a website providing value lists and trading resources for items within the Roblox game 'Adopt Me', allegedly experienced a data breach. Reports suggest that approximately 104,745 records were compromised, exposing email addresses, usernames, IP addresses, and passwords stored as BCrypt hashes.
  • Data: Email Addresses Passwords Usernames IP Addresses
  • Imported:
  • Records Imported: 104,745
  • Number of lines: 104,807
  • Size: 28.56 MB
  • Passwords: BCrypt
  • Cracked: 0%
AG Energy 2022

AG Energy 2022

In March 2022, AG Energy, an Australian company engaged in energy solutions, particularly focusing on reducing energy costs for businesses through various services and products, allegedly suffered a data breach. It has been reported that approximately 138,338 records were compromised in the incident. The data exposed includes email addresses, names, phone numbers, and physical locations.
  • Data: Email Addresses Names Phone Numbers Physical Locations
  • Imported:
  • Records Imported: 138,338
  • Number of lines: 138,377
  • Size: 13.4 MB
  • Passwords: No

Frequently Asked Questions

A data breach is unauthorized access to data (often involving account takeover, malware, or misconfigured infrastructure). A data leak is exposure of data due to mistakes like public cloud storage, open databases, or accidental publishing. A database dump is a packaged dataset that may come from a breach, leak, scraping, or aggregation.

Change passwords for any affected accounts immediately, prioritizing email, banking, and any account that shares the same password. Enable multi-factor authentication wherever possible. Monitor your accounts for suspicious activity and consider placing a fraud alert or credit freeze if financial data was exposed.

Start with containment and verification: confirm what data was exposed, identify the entry point, rotate credentials (especially SSO, VPN, email), and enforce MFA. Then investigate affected systems, notify stakeholders as required, and harden controls to prevent recurrence. A structured incident response plan helps keep the work measurable and compliant.

Dark web monitoring helps you spot exposure signals early — before stolen data is widely reused for account takeover or targeted attacks. Monitoring complements vulnerability management by revealing when attackers already have leverage. Pair it with continuous attack surface monitoring and strong Asset Discovery to reduce blind spots.

Not always. Some datasets are old, incomplete, or derived from third parties. However, any exposure increases risk because credentials and personal data can be reused indefinitely. Treat it as a priority signal: rotate credentials, enforce MFA, review suspicious logins, and audit the systems that could have produced the data.

SynScan helps you connect the dots between attack surface exposure, vulnerabilities, and breach signals so you can prioritize remediation and reduce the chance of repeat incidents.