Breach Intelligence

2,967

Total breached databases

In May 2022, Flora Contagem (floracontagem.com.br), a Brazilian online florist based in Contagem, Minas Gerais, allegedly suffered a data breach. Reports suggest that approximately 1,000 records were exposed. The compromised data reportedly included email addresses, names, phone numbers, physical addresses, government identification numbers (CPF), and genders, with passwords stored mostly in plaintext alongside a small number of MD5 hashes.
  • Data: Email Addresses Passwords Phone Numbers Geographic Locations Usernames Government IDs Genders Site Activity
  • Records: 1,069
  • Lines: 15,190
  • Size: 943.58 KB
  • Passwords: Plaintext, MD5
In 2022, fixtel.me allegedly suffered a data breach. fixtel.me is the billing and subscriber-management panel for a Hungarian-language IPTV/VPN streaming service. Reports suggest the exposed data covered approximately 11,000 individuals and included email addresses, plaintext and hashed passwords (bcrypt, SHA-256 and SHA-512), names, phone numbers, IP addresses, geographic locations, usernames and Telegram profile identifiers.
  • Date: 2022
  • Domain: fixtel.me
  • Country: Hungary
  • Category: Piracy
  • Data: Email Addresses Passwords Names Phone Numbers Geographic Locations Usernames IP Addresses Site Activity Social Profiles
  • Records: 16,615
  • Lines: 99,054
  • Size: 13.95 MB
  • Passwords: Plaintext, BCrypt, SHA-256, SHA-512 Salted
Sometime before 2022, extratime365.net allegedly suffered a data breach. extratime365.net operated as a mobile carrier-billing subscription service delivering content to subscribers across Saudi Arabia and Egypt. It has been reported that the exposed data covered approximately 330,000 individuals, identified primarily by their mobile phone numbers. Reports suggest the compromised information included phone numbers, a small number of email addresses, geographic locations and IP addresses. No passwords were included in the exposed data.
  • Data: Email Addresses Phone Numbers Geographic Locations IP Addresses
  • Records: 5,856,006
  • Lines: 7,083,665
  • Size: 2.22 GB
  • Passwords: No
In 2022, the Portuguese online store Flexobag (flexobag.com), which sells paper bags and packaging products, allegedly suffered a data breach of its e-commerce database. Reports suggest the exposed data affected approximately 1,700 individuals. The compromised information reportedly included email addresses, names, MD5-hashed passwords, phone numbers, postal addresses, government identification numbers, birthdates, genders, and IP addresses.
  • Date: 2022
  • Domain: flexobag.com
  • Country: Portugal
  • Category: E-commerce & Retail
  • Data: Email Addresses Passwords Names Phone Numbers Geographic Locations Government IDs Genders IP Addresses Site Activity Company Information Birthdates
  • Records: 2,032
  • Lines: 326,251
  • Size: 20.11 MB
  • Passwords: MD5
  • Cracked: 0%
In December 2022, American Cars Mania (americancarsmania.com.pl), a Polish website for an American-car enthusiast event, allegedly suffered a data breach. Reports suggest the exposed WordPress database contained the records of approximately 80 individuals, including email addresses, usernames, PHPass-hashed passwords, geographic locations, and site activity data.
  • Data: Email Addresses Passwords Geographic Locations Usernames Site Activity
  • Records: 121
  • Lines: 40,771
  • Size: 67.34 MB
  • Passwords: PHPass
  • Cracked: 0%
In March 2023, Focus Marketing (focusmarketing.pk) allegedly suffered a data breach. Focus Marketing is a Pakistani real estate marketing company that manages property listings and client leads. Reports suggest that approximately 1,600 records were exposed, including email addresses, usernames, bcrypt-hashed passwords, phone numbers, government identification numbers, physical addresses, family member names, birthdates, and site activity data.
  • Data: Email Addresses Passwords Phone Numbers Geographic Locations Usernames Government IDs Family Members Site Activity Birthdates
  • Records: 1,639
  • Lines: 1,753
  • Size: 445.25 KB
  • Passwords: BCrypt
  • Cracked: 0%
In March 2023, the Israeli adult content creator and subscription platform flirtim.com allegedly suffered a data breach. It has been reported that a database from the site was exposed, affecting approximately 400 individuals. The compromised data allegedly included email addresses, names, usernames, birthdates, geographic locations, website links, site activity, and passwords stored as bcrypt and PHPass hashes.
  • Date: Mar 2023
  • Domain: flirtim.com
  • Country: Israel
  • Category: Pornography
  • Data: Email Addresses Passwords Names Geographic Locations Usernames Site Activity Websites Birthdates
  • Records: 466
  • Lines: 26,632
  • Size: 4.38 MB
  • Passwords: BCrypt, PHPass
  • Cracked: 0%

Frequently Asked Questions

A data breach is unauthorized access to data (often involving account takeover, malware, or misconfigured infrastructure). A data leak is exposure of data due to mistakes like public cloud storage, open databases, or accidental publishing. A database dump is a packaged dataset that may come from a breach, leak, scraping, or aggregation.

Change passwords for any affected accounts immediately, prioritizing email, banking, and any account that shares the same password. Enable multi-factor authentication wherever possible. Monitor your accounts for suspicious activity and consider placing a fraud alert or credit freeze if financial data was exposed.

Start with containment and verification: confirm what data was exposed, identify the entry point, rotate credentials (especially SSO, VPN, email), and enforce MFA. Then investigate affected systems, notify stakeholders as required, and harden controls to prevent recurrence. A structured incident response plan helps keep the work measurable and compliant.

Dark web monitoring helps you spot exposure signals early — before stolen data is widely reused for account takeover or targeted attacks. Monitoring complements vulnerability management by revealing when attackers already have leverage. Pair it with continuous attack surface monitoring and strong Asset Discovery to reduce blind spots.

Not always. Some datasets are old, incomplete, or derived from third parties. However, any exposure increases risk because credentials and personal data can be reused indefinitely. Treat it as a priority signal: rotate credentials, enforce MFA, review suspicious logins, and audit the systems that could have produced the data.

SynScan helps you connect the dots between attack surface exposure, vulnerabilities, and breach signals so you can prioritize remediation and reduce the chance of repeat incidents.