Breach Intelligence

2,850

Total breached databases

VAPSTORE 2021

VAPSTORE 2021

In approximately August 2021, the Vaporizer & E-Cigarette Shop VAPSTORE suffered a data breach. The breach included Email addresses, Full names, Physical addresses, Phone numbers and Dates of birth. In total, 253k users were affected.
  • Date: Aug 2021
  • Domain: vapstore.de
  • Country: Germany
  • Category: E-commerce & Retail
  • Records Announced: 253,723
  • Source: vapstore.de
  • Data: Email Addresses Names Phone Numbers Physical Locations Birthdates Genders
  • Imported:
  • Records Imported: 253,723
  • Number of lines: 253,724
  • Size: 117.17 MB
  • Passwords: No
EPA.gov 2023

EPA.gov 2023

Approximately between 2022-2023, the U.S. Environmental Protection Agency (https://www.epa.gov/) suffered a data breach impacting over 8.5 million users and exposing personal and sensitive information of its customers and contractors. A hacker operating under the pseudonym @USDoD claimed responsibility and released the EPA's global contact database on a dark web forum. The leaked database contained three zipped files with approximately 500MB of data in CSV formats, holding common fields such as "Zipcodes," "Full names," "Phone numbers," "Email addresses," and "County, City, States," as well as additional fields in each file.
  • Date: 2023
  • Domain: epa.gov
  • Threat Actor: USDoD
  • Country: United States
  • Category: Government
  • Records Announced: 8,446,999
  • Data: Email Addresses Job Information Names Phone Numbers Physical Locations
  • Imported:
  • Records Imported: 8,497,246
  • Number of lines: 8,497,247
  • Size: 1.53 GB
  • Passwords: No
Tigo 2023

Tigo 2023

Sensitive
In mid-2023, Tigo, a Chinese video chat platform, allegedly suffered a data breach after 300GB of data containing more than 100 million records was discovered. The dataset, dating back to March 2023, reportedly included over 700,000 unique names. Among the compromised information were usernames, email addresses, IP addresses, genders, profile photos, and private messages.
  • Data: Device Information Email Addresses Genders Geographic Locations IP Addresses Messages Names Profile Photos Usernames
  • Imported:
  • Records Imported: 5,519,795
  • Number of lines: 5,519,797
  • Size: 157.36 MB
  • Passwords: No
PropTiger 2018

PropTiger 2018

In January 2018, PropTiger, an Indian property website, allegedly suffered a data breach that exposed a 3.46GB database file. The data, which surfaced on a popular hacking forum two years later, reportedly contained user records and login histories with more than 2 million unique customer email addresses. Among the compromised information were names, dates of birth, genders, IP addresses, and passwords stored as MD5 hashes.
  • Data: Birthdates Device Information Email Addresses Genders IP Addresses Names Passwords
  • Imported:
  • Records Imported: 7,971,626
  • Number of lines: 20,051,981
  • Size: 2.72 GB
  • Passwords: MD5
  • Cracked: 0%
WedMeGood 2021

WedMeGood 2021

In January 2021, the Indian wedding planning platform WedMeGood suffered a data breach that exposed 1.3 million customers. The breach exposed 41.5GB of data including email and physical addresses, names, genders, phone numbers and password hashes.
  • Data: Email Addresses Genders Names Passwords Phone Numbers Physical Locations
  • Imported:
  • Records Imported: 1,624,742
  • Number of lines: 4,683,466
  • Size: 1.06 GB
  • Passwords: Hashed
  • Cracked: 0%
Travelio 2021

Travelio 2021

In November 2021, the Indonesian real estate website Travelio suffered a data breach that exposed over 470k customer accounts. The data included email addresses, names, password hashes, phone numbers and for some accounts, dates of birth, physical address and Facebook auth tokens.
  • Data: Birthdates Email Addresses Names Passwords Phone Numbers Physical Locations Security Credentials
  • Imported:
  • Records Imported: 474,198
  • Number of lines: 474,315
  • Size: 278.54 MB
  • Passwords: Hashed
  • Cracked: 0%
Read Novel 2019

Read Novel 2019

In May 2019, the Chinese literature website Read Novel allegedly suffered a data breach that exposed 22M unique email addresses. Data also included usernames, genders, phone numbers and passwords stored as salted MD5 hashes.
  • Data: Email Addresses Passwords Names Phone Numbers Physical Locations Genders Usernames
  • Imported:
  • Records Imported: 19,218,089
  • Number of lines: 19,218,090
  • Size: 1.93 GB
  • Passwords: MD5
  • Cracked: 99%

Frequently Asked Questions

A data breach is unauthorized access to data (often involving account takeover, malware, or misconfigured infrastructure). A data leak is exposure of data due to mistakes like public cloud storage, open databases, or accidental publishing. A database dump is a packaged dataset that may come from a breach, leak, scraping, or aggregation.

Change passwords for any affected accounts immediately, prioritizing email, banking, and any account that shares the same password. Enable multi-factor authentication wherever possible. Monitor your accounts for suspicious activity and consider placing a fraud alert or credit freeze if financial data was exposed.

Start with containment and verification: confirm what data was exposed, identify the entry point, rotate credentials (especially SSO, VPN, email), and enforce MFA. Then investigate affected systems, notify stakeholders as required, and harden controls to prevent recurrence. A structured incident response plan helps keep the work measurable and compliant.

Dark web monitoring helps you spot exposure signals early — before stolen data is widely reused for account takeover or targeted attacks. Monitoring complements vulnerability management by revealing when attackers already have leverage. Pair it with continuous attack surface monitoring and strong Asset Discovery to reduce blind spots.

Not always. Some datasets are old, incomplete, or derived from third parties. However, any exposure increases risk because credentials and personal data can be reused indefinitely. Treat it as a priority signal: rotate credentials, enforce MFA, review suspicious logins, and audit the systems that could have produced the data.

SynScan helps you connect the dots between attack surface exposure, vulnerabilities, and breach signals so you can prioritize remediation and reduce the chance of repeat incidents.