Breach Intelligence

In 2022, a data breach exposed 3,178,461 COVID-19 vaccination records obtained from an unprotected API found in a GitHub repository. Among the compromised data were email addresses, government IDs, names, birthdates, phone numbers, physical locations, genders, and health information.

In August 2019, the computer hardware and software forum HKGolden (高登讨论区) suffered a data breach that impacted 297k users. The attack led to the exposure of data including Email addresses, Usernames, Phone numbers, IP Addresses, Genders, Dates of birth and Passwords stored in Plaintext.

In 2016, Fave, a shopping deals app formerly available at the now-defunct website thefaveapp.com, experienced a data breach. The platform was known for offering discounted deals on food, spa, fitness, and other services in Malaysia and Singapore. The incident reportedly exposed approximately 549,000 user records. Among the compromised data were names, email addresses, and password information stored as salted hashes.

In approximately October 2022, maisamigas.com.br, the website of Brazilian multi-level marketing company Amigas, suffered a data breach. The incident, attributed to threat actor @thrax, reportedly exposed data belonging to around 603,000 users, including 93,000 unique email addresses. Among the compromised data were full names, email addresses, phone numbers, tax identification numbers, physical addresses, genders, marital statuses, and dates of birth.

In June 2022, the Taiwan's low-cost airline Tigerair Taiwan (https://www.tigerairtw.com/) suffered a data breach exposed over 585k clients. The data contained over 656k unique email addresses, dates of birth, genders, names, passport numbers and passport expiration date as well as passwords stored as Base64(unhex(SHA-256($plaintext))) hashes.The data also contains almost 3 million credit cards.