Serasa Experian 2020

At the end of 2020, the credit analysis company known as Serasa Experian had its data leaked online. The breach included CPF Numbers, Full names, Genders and Dates of birth. In total, 223 million users were affected. A hacker known as JBR was the one who initially posted the file.

• Date: 2020
• Domain: serasaexperian.com.br
• Country: Brazil
• Category: Data Broker
• Records Announced: 223,739,216
• Numer of lines: 223,739,216
• Records Imported: 223,739,215
• Size: 13.11 GB
• Data: CPF Numbers, Full names, Genders, Dates of birth
• Passwords: No
• Imported:
• Links:
  • breachforums.st
  • zdnet.com

Adult FriendFinder 2016

In October 2016, the adult entertainment company Friend Finder Networks suffered a massive data breach. The incident impacted multiple separate online assets owned by the company, the largest of which was the Adult FriendFinder website alleged to be "the world's largest sex & swinger community". Exposed data included usernames, passwords stored as SHA-1 hashes and 170 million unique email addresses. This incident is separate to the 2015 data breach Adult FriendFinder also suffered

• Date: Oct 16, 2016
• Domain: adultfriendfinder.com
• Category: Porn
• Records Announced: 169,746,810
• Numer of lines: 220,000,068
• Records Imported: 220,000,000
• Size: 29.32 GB
• Data: Email addresses, Passwords, Spoken languages, Usernames
• Passwords: SHA1
• Cracked: 17%
• Imported:
• Links:
  • breachforums.st
  • hashmob.net
  • haveibeenpwned.com
  • raidforums.com

Zynga 2019

In September 2019, game developer Zynga (the creator of Words with Friends) suffered a data breach. The incident exposed 173M unique email addresses alongside usernames and passwords stored as salted SHA-1 hashes

• Date: Sep 2019
• Domain: zynga.com
• Category: Gaming
• Records Announced: 172,869,660
• Numer of lines: 216,595,932
• Records Imported: 213,970,859
• Size: 81.33 GB
• Data: Email addresses, Passwords, Phone numbers, Usernames
• Passwords: SHA1 Salted
• Cracked: 22%
• Imported:
• Links:
  • breachforums.st
  • hashmob.net
  • haveibeenpwned.com
  • raidforums.com

Twitter 2021

In early 2023, over 200M records scraped from Twitter appeared on a popular hacking forum. The data was obtained sometime in 2021 by abusing an API that enabled email addresses to be resolved to Twitter profiles. The subsequent results were then composed into a corpus of data containing email addresses alongside public Twitter profile information including names, usernames and follower counts.

• Date: Jan 2021
• Domain: twitter.com
• Category: Social Media
• Records Announced: 211,524,284
• Numer of lines: 209,595,668
• Records Imported: 209,595,667
• Size: 11.57 GB
• Data: Email addresses, Names, Social media profiles, Usernames
• Passwords: No
• Imported:
• Links:
  • breachforums.st
  • haveibeenpwned.com

IntelligenceX Pastes Scrape 2021

In approximately August 2021, Intelligence X (intelx.io) was targeted by an attacker who scraped the "Pastes" section on their website. This data was scraped by searching common email domains and then exporting the results. The released archive contained over 80,000 pastes that were scraped from pastebin.com, pastie.org, and skidpaste.org by either IntelX or third parties they bought the data from. In total, 46 Million Unique Email addresses were present in the archive, many of the files being email:password combolists or small databases people posted on the pasting websites. The data uncompressed is around 6GB.

• Date: 2021
• Domain: intelx.io
• Numer of lines: 203,424,933
• Size: 6.89 GB
• Data: Usernames, Email addresses, Passwords
• Passwords: Plain
• Imported:
• Links: breachforums.st