Breach Intelligence

2,840

Total breached databases

SuperVPN & GeckoVPN 2021

In February 2021, a series of "free" VPN services were breached including SuperVPN and GeckoVPN, exposing over 20M records. The data appeared together in a single file with a small number of records also included from FlashVPN, suggesting that all three brands may share the same platform. Impacted data also included email addresses, the country logged in from and the date and time each login occurred alongside device information including the make and model, IMSI number and serial number.
  • Data: Device Identifiers Device Information Email Addresses Geographic Locations Site Activity
  • Imported:
  • Records Imported: 21,301,280
  • Number of lines: 21,301,315
  • Size: 9.3 GB
  • Passwords: No
Hathway 2023

Hathway 2023

In December 2023, hundreds of gigabytes of data allegedly taken from Indian ISP and digital TV provider Hathway appeared on a popular hacking website. The incident exposed extensive personal information including 4.7M unique email addresses along with names, physical and IP addresses, phone numbers, password hashes and support ticket logs.
  • Data: Device Information Email Addresses IP Addresses Names Passwords Phone Numbers Physical Locations Salutations Site Activity
  • Imported:
  • Records Imported: 42,245,659
  • Number of lines: 65,408,821
  • Size: 15.09 GB
  • Passwords: Hashed
  • Cracked: 5%
The Fappening 2015

The Fappening 2015

Sensitive
In December 2015, the forum known as "The Fappening," which was dedicated to discussing leaked celebrity photos from the 2014 iCloud incident, was compromised. The breach resulted in the exposure of approximately 179,000 user accounts. Among the compromised data were usernames, email addresses, and salted password hashes.
  • Data: Email Addresses Passwords Usernames
  • Imported:
  • Records Imported: 179,104
  • Number of lines: 179,166
  • Size: 16 MB
  • Passwords: BCrypt
  • Cracked: 58%

MSPA Forums 2016

In approximately March 2016, the webcomic Forum MSPA Forums suffered a data breach. The breach included Usernames, Email addresses, IP Addresses and Passwords stored as vBulletin hashes. In total, 180k users were affected.
  • Data: Email Addresses IP Addresses Passwords Usernames
  • Imported:
  • Records Imported: 180,929
  • Number of lines: 180,989
  • Size: 19.77 MB
  • Passwords: Hashed
  • Cracked: 80%
Xponential Fitness 2022

Xponential Fitness 2022

In March 2022, the "Largest Fitness Franchise Group in Boutique Fitness" Xponential Fitness suffered a data breach that impacted 179k customers. The attack led to the exposure of data including Email addresses, Full names and Locations. The database was leaked due to Xponential leaving a backup exposed.
  • Data: Email Addresses Geographic Locations Names
  • Imported:
  • Records Imported: 179,456
  • Number of lines: 179,610
  • Size: 12.97 MB
  • Passwords: No
Russian America 2017

Russian America 2017

In approximately 2017, the website for Russian speakers in America known as Russian America suffered a data breach. The incident exposed 183k unique records including names, email addresses, phone numbers and passwords stored in both plain text and as MD5 hashes.
  • Data: Email Addresses Names Passwords Phone Numbers
  • Imported:
  • Records Imported: 175,104
  • Number of lines: 175,163
  • Size: 13.43 MB
  • Passwords: MD5, Plaintext
TheTVDB 2017

TheTVDB 2017

In November 2017, the open television database known as TheTVDB.com suffered a data breach. The breached data was posted to a hacking forum and included 182k records with usernames, email addresses and MySQL password hashes.
  • Data: Email Addresses Passwords Usernames
  • Imported:
  • Records Imported: 192,810
  • Number of lines: 192,845
  • Size: 13.43 MB
  • Passwords: MySQL
  • Cracked: 0%