Breach Intelligence

2,850

Total breached databases

DJchat 2016

Sometime in late 2016, the forum DJchat suffered a data breach. The attack led to the exposure of more than 50 thousand user accounts and included Email addresses, IP addresses, Passwords and Usernames. Passwords are vBulletin Hashes.
  • Date: 2016
  • Domain: djchat.com
  • Category: Streaming & Entertainment
  • Records Announced: 54,911
  • Data: Email Addresses IP Addresses Passwords Usernames
  • Imported:
  • Records Imported: 54,898
  • Number of lines: 54,911
  • Size: 5.05 MB
  • Passwords: vBulletin
  • Cracked: 0%
NetProspex 2016

NetProspex 2016

In 2016, a list of over 33 million individuals in corporate America sourced from Dun & Bradstreet's NetProspex service was leaked online. D&B believe the targeted marketing data was lost by a customer who purchased it from them. It contained extensive personal and corporate information including names, email addresses, job titles and general information about the employer.
  • Data: Company Information Email Addresses Job Information Names Phone Numbers Physical Locations
  • Imported:
  • Records Imported: 45,657,645
  • Number of lines: 45,657,645
  • Size: 6.97 GB
  • Passwords: No
Zacks 2020

Zacks 2020

In December 2022, the investment research company Zacks announced a data breach. The following month, reports emerged of the incident impacting 820k customers. However, in June 2023, a corpus of data with almost 9M Zacks customers appeared before being broadly circulated on a popular hacking forum. The most recent data was dated May 2020 and included names, usernames, email and physical addresses, phone numbers and passwords stored as unsalted SHA-256 hashes. On disclosure of the larger breach, Zacks advised that in addition to their original report "the unauthorised third parties also gained access to encrypted [sic] passwords of zacks.com customers, but only in the encrypted [sic] format".
  • Data: Email Addresses Names Passwords Phone Numbers Physical Locations Usernames
  • Imported:
  • Records Imported: 10,439,040
  • Number of lines: 10,439,062
  • Size: 2.01 GB
  • Passwords: SHA-256
  • Cracked: 96%

Doodhvale.com 2021

In 2021, Doodhvale, an online app-based dairy service known for delivering farm-fresh and 100% pure cow and buffalo milk within hours of milking, experienced a data breach. The incident reportedly impacted approximately 233,000 users, with a total data size of 401.06 MB. Among the compromised information were email addresses, names, phone numbers, geographic locations, physical addresses, genders, and site activity details.
  • Date: 2021
  • Category: Food
  • Records Announced: 233,000
  • Data: Email Addresses Names Phone Numbers Physical Locations Geographic Locations Genders Site Activity
  • Imported:
  • Records Imported: 232,233
  • Number of lines: 233,347
  • Size: 401.06 MB
  • Passwords: No
Fling 2011

Fling 2011

Sensitive
In 2011, the self-proclaimed "World's Best Adult Social Network" website known as Fling was hacked and more than 40 million accounts obtained by the attacker. The breached data included highly sensitive personal attributes such as sexual orientation and sexual interests as well as email addresses and passwords stored in plain text.
  • Data: Birthdates Email Addresses Genders Geographic Locations IP Addresses Passwords Phone Numbers Sexual Fetishes Sexual Orientations Site Activity Usernames
  • Imported:
  • Records Imported: 40,769,744
  • Number of lines: 40,769,744
  • Size: 5.03 GB
  • Passwords: Plaintext
MatchUSA 2018

MatchUSA 2018

Sensitive
In January 2018, the US Based dating service MatchUSA suffered a data breach that impacted 208k users. The leak led to the exposure of data including Email addresses and Passwords stored in Plaintext.
  • Data: Email Addresses Passwords
  • Imported:
  • Records Imported: 208,539
  • Number of lines: 208,541
  • Size: 6.56 MB
  • Passwords: Plaintext
YS168 2011

YS168 2011

In December 2011, the Chinese File Storage and Communication Platform YS168 suffered a data breach that impacted 328k members. The breach included Usernames, Email addresses and Passwords stored in Plaintext.
  • Data: Email Addresses Passwords Usernames
  • Imported:
  • Records Imported: 328,586
  • Number of lines: 328,587
  • Size: 11.63 MB
  • Passwords: Plaintext

Frequently Asked Questions

A data breach is unauthorized access to data (often involving account takeover, malware, or misconfigured infrastructure). A data leak is exposure of data due to mistakes like public cloud storage, open databases, or accidental publishing. A database dump is a packaged dataset that may come from a breach, leak, scraping, or aggregation.

Change passwords for any affected accounts immediately, prioritizing email, banking, and any account that shares the same password. Enable multi-factor authentication wherever possible. Monitor your accounts for suspicious activity and consider placing a fraud alert or credit freeze if financial data was exposed.

Start with containment and verification: confirm what data was exposed, identify the entry point, rotate credentials (especially SSO, VPN, email), and enforce MFA. Then investigate affected systems, notify stakeholders as required, and harden controls to prevent recurrence. A structured incident response plan helps keep the work measurable and compliant.

Dark web monitoring helps you spot exposure signals early — before stolen data is widely reused for account takeover or targeted attacks. Monitoring complements vulnerability management by revealing when attackers already have leverage. Pair it with continuous attack surface monitoring and strong Asset Discovery to reduce blind spots.

Not always. Some datasets are old, incomplete, or derived from third parties. However, any exposure increases risk because credentials and personal data can be reused indefinitely. Treat it as a priority signal: rotate credentials, enforce MFA, review suspicious logins, and audit the systems that could have produced the data.

SynScan helps you connect the dots between attack surface exposure, vulnerabilities, and breach signals so you can prioritize remediation and reduce the chance of repeat incidents.