Breach Intelligence

2,850

Total breached databases

Unknown1

Unknown1

A CSV file containing approximately 1,402,971 user records, reportedly from the United Kingdom, surfaced on the internet from an unknown source. Details about the origin or cause of the breach remain unclear. Among the compromised data were names, email addresses, and physical addresses.
  • Country: United Kingdom
  • Category: Others
  • Data: Email Addresses Names Physical Locations
  • Imported:
  • Records Imported: 1,402,971
  • Number of lines: 1,402,971
  • Size: 123.15 MB
  • Passwords: No
Unico Campania 2020

Unico Campania 2020

In August 2020, the Neapolitan public transport website Unico Campania was hacked and the data extensively circulated. The breach contained 166k user records with email addresses and plain text passwords.
  • Data: Email Addresses Passwords
  • Imported:
  • Records Imported: 166,161
  • Number of lines: 166,183
  • Size: 5.93 MB
  • Passwords: Plaintext
Kaixin001 2011

Kaixin001 2011

In approximately October 2011, the Chinese social-media website Kaixin001 suffered a data breach that impacted 8.2 million members. The breach included Email addresses, Usernames and Passwords stored in Plaintext. Kaixin001 concluded that the hacked credentials were acquired via brute forcing rather than by infiltrating their database.
  • Date: Oct 2011
  • Domain: kaixin001.com
  • Threat Actor: Kaixin001
  • Country: China
  • Category: Social Media & Communication
  • Records Announced: 8,283,110
  • Source: softpedia.com
  • Data: Email Addresses Passwords Usernames
  • Imported:
  • Records Imported: 8,288,761
  • Number of lines: 8,288,755
  • Size: 334.22 MB
  • Passwords: Plaintext
Haijiao 2023

Haijiao 2023

Sensitive
In October 2023, Haijiao.com, a Chinese adult forum, experienced a data breach that exposed information on over 4.8 million users. Among the compromised data were email addresses, usernames, passwords, IP addresses, phone numbers, site activity, and account balances.
  • Date: Oct 2023
  • Country: China
  • Category: Pornography
  • Records Announced: 4,871,025
  • Data: Email Addresses Passwords Usernames IP Addresses Phone Numbers Site Activity Balances
  • Imported:
  • Records Imported: 4,871,024
  • Number of lines: 4,871,025
  • Size: 4.35 GB
  • Passwords: BCrypt
  • Cracked: 0%
Renren 2011

Renren 2011

In December 2011, Renren.com, a Chinese social networking platform often referred to as the "Facebook of China," experienced a data breach that exposed approximately 4.7 million user records. The compromised data included email addresses and passwords stored in plaintext.
  • Date: 2011
  • Domain: renren.com
  • Country: China
  • Category: Social Media & Communication
  • Records Announced: 4,768,600
  • Source: dehashed.com
  • Data: Email Addresses Passwords
  • Imported:
  • Records Imported: 4,768,501
  • Number of lines: 4,768,600
  • Size: 156.38 MB
  • Passwords: Plaintext
HiAPK 2014

HiAPK 2014

In 2014, the Chinese Android app store HIAPK allegedly suffered a data breach. Reports suggest that the incident impacted over 13.8 million users. The compromised data reportedly includes usernames, email addresses, and salted MD5 password hashes.
  • Data: Email Addresses Passwords Usernames
  • Imported:
  • Records Imported: 17,275,063
  • Number of lines: 17,275,087
  • Size: 2.04 GB
  • Passwords: vBulletin
  • Cracked: 34%
Tencent 2024

Tencent 2024

In August 2024, Tencent experienced a major data breach that exposed the personal data of 1.4 billion user accounts. This breach was orchestrated by a hacker known as "Fenice," and the compromised data included sensitive information such as email addresses, phone numbers, and QQ IDs.
  • Date: Aug 2024
  • Domain: tencent.com
  • Threat Actor: Fenice
  • Country: China
  • Category: Technology
  • Records Announced: 1,400,000,000
  • Data: Email Addresses Phone Numbers Social Profiles
  • Imported:
  • Records Imported: 1,468,566,171
  • Number of lines: 1,468,566,171
  • Size: 31 GB
  • Passwords: No

Frequently Asked Questions

A data breach is unauthorized access to data (often involving account takeover, malware, or misconfigured infrastructure). A data leak is exposure of data due to mistakes like public cloud storage, open databases, or accidental publishing. A database dump is a packaged dataset that may come from a breach, leak, scraping, or aggregation.

Change passwords for any affected accounts immediately, prioritizing email, banking, and any account that shares the same password. Enable multi-factor authentication wherever possible. Monitor your accounts for suspicious activity and consider placing a fraud alert or credit freeze if financial data was exposed.

Start with containment and verification: confirm what data was exposed, identify the entry point, rotate credentials (especially SSO, VPN, email), and enforce MFA. Then investigate affected systems, notify stakeholders as required, and harden controls to prevent recurrence. A structured incident response plan helps keep the work measurable and compliant.

Dark web monitoring helps you spot exposure signals early — before stolen data is widely reused for account takeover or targeted attacks. Monitoring complements vulnerability management by revealing when attackers already have leverage. Pair it with continuous attack surface monitoring and strong Asset Discovery to reduce blind spots.

Not always. Some datasets are old, incomplete, or derived from third parties. However, any exposure increases risk because credentials and personal data can be reused indefinitely. Treat it as a priority signal: rotate credentials, enforce MFA, review suspicious logins, and audit the systems that could have produced the data.

SynScan helps you connect the dots between attack surface exposure, vulnerabilities, and breach signals so you can prioritize remediation and reduce the chance of repeat incidents.