Breach Intelligence

3,152

Total breached databases

Sometime before late 2022, lpmiaw.univ-lr.fr, a subdomain of the University of La Rochelle in France hosting student coursework for its LPMIAW professional web-development program, allegedly had a small project database exposed. Reports suggest the data originated from a student's WordPress and exam-PHP lab environment, with the most recent activity dated October 2022. It has been reported that only a handful of records were affected, including email addresses, usernames, PHPass password hashes, websites, and site-activity data.
  • Data: Email Addresses Passwords Geographic Locations Usernames Site Activity Websites
  • Records: 3
  • Lines: 1,701
  • Size: 862.63 KB
  • Passwords: PHPass
  • Cracked: 0%
Sometime before 2023, littleitalykk.my — the online ordering store of Little Italy, an Italian restaurant in Kota Kinabalu, Malaysia — allegedly suffered a data breach. Reports suggest a WordPress/WooCommerce database was exposed, affecting approximately 25,000 customer records. The compromised data allegedly included email addresses, names, phone numbers, usernames, geographic locations (addresses and postcodes), IP addresses, websites, and passwords stored as PHPass hashes.
  • Data: Email Addresses Passwords Names Phone Numbers Geographic Locations Usernames IP Addresses Site Activity Websites
  • Records: 30,986
  • Lines: 3,325,620
  • Size: 266.24 MB
  • Passwords: PHPass
  • Cracked: 0%
Sometime before November 2020, LocalGiftCards.com allegedly suffered a data breach that surfaced as part of the Cit0day collection. LocalGiftCards.com is a US-based online gift-card retailer. Reports suggest approximately 132,000 individuals were affected, with the exposed data including email addresses, names, phone numbers, dates of birth, genders, geographic locations, usernames, and passwords stored as salted MD5 and SHA-1 hashes.
  • Data: Email Addresses Passwords Names Phone Numbers Geographic Locations Usernames Genders Birthdates
  • Records: 230,181
  • Lines: 629,330
  • Size: 94.78 MB
  • Passwords: MD5 Salted, SHA-1
  • Cracked: 0%
Sometime before late 2022, app.servicios-locales.cl, a Chilean COVID-19 ticketing and access-control system used to log health-screening tickets, worker shift rosters, and personnel records for mining-sector companies and their contractors, allegedly suffered a data breach. Reports suggest approximately 315,000 records relating to roughly 19,000 individuals were exposed, including full names, national identity numbers (RUN/RUT), phone numbers, birthdates, employer information, and a small number of plaintext passwords.
  • Date: 2022
  • Domain: locales.cl
  • Country: Chile
  • Category: Healthcare
  • Data: Passwords Names Phone Numbers Geographic Locations Government IDs Company Information Birthdates
  • Records: 315,136
  • Lines: 330,446
  • Size: 55.58 MB
  • Passwords: Plaintext
In December 2022, a shared-hosting account on the Czech web-hosting provider blueboard.cz (database server locutus.blueboard.cz) allegedly had its full database exported. The account bundled around fourteen separate databases belonging to a Czech web-development shop, spanning multiple small Czech and Slovak online stores and internal tools. Reports suggest the phpMyAdmin export exposed approximately 70,000 individuals. The compromised data allegedly included email addresses, names, phone numbers, geographic locations, company information, and a small number of SHA-1 hashed administrator passwords.
  • Data: Email Addresses Passwords Names Phone Numbers Geographic Locations Company Information
  • Records: 143,521
  • Lines: 1,469,968
  • Size: 355 MB
  • Passwords: SHA-1
  • Cracked: 0%
Sometime in or after 2017, the Portuguese online store Lino Coelho (linocoelho.pt) allegedly suffered a data breach. Reports suggest the site's database was exposed, affecting approximately 800 records. The compromised data allegedly included email addresses, names, usernames, phone numbers, geographic locations, government-issued tax identification numbers, IP addresses, company information, and passwords stored as salted and unsalted MD5 hashes.
  • Date: 2017
  • Domain: linocoelho.pt
  • Country: Portugal
  • Category: E-commerce & Retail
  • Data: Email Addresses Passwords Names Phone Numbers Geographic Locations Usernames Government IDs IP Addresses Site Activity Company Information
  • Records: 791
  • Lines: 113,893
  • Size: 13.49 MB
  • Passwords: MD5, MD5 Salted
  • Cracked: 0%
In March 2023, the video streaming platform OzinTV (whose database was catalogued under its developer/host domain logixtree.in) allegedly suffered a data breach. Reports suggest the exposed dump contained roughly 9 registered user accounts alongside notification and subscriber records, totalling approximately 140 records. The compromised data allegedly included email addresses, BCrypt-hashed passwords, names, usernames, phone numbers, IP addresses and geographic location details.
  • Date: Mar 17, 2023
  • Domain: logixtree.in
  • Country: India
  • Category: Streaming & Entertainment
  • Data: Email Addresses Passwords Names Phone Numbers Geographic Locations Usernames IP Addresses Site Activity
  • Records: 140
  • Lines: 3,896
  • Size: 968.53 KB
  • Passwords: BCrypt
  • Cracked: 0%

Frequently Asked Questions

A data breach is unauthorized access to data (often involving account takeover, malware, or misconfigured infrastructure). A data leak is exposure of data due to mistakes like public cloud storage, open databases, or accidental publishing. A database dump is a packaged dataset that may come from a breach, leak, scraping, or aggregation.

Change passwords for any affected accounts immediately, prioritizing email, banking, and any account that shares the same password. Enable multi-factor authentication wherever possible. Monitor your accounts for suspicious activity and consider placing a fraud alert or credit freeze if financial data was exposed.

Start with containment and verification: confirm what data was exposed, identify the entry point, rotate credentials (especially SSO, VPN, email), and enforce MFA. Then investigate affected systems, notify stakeholders as required, and harden controls to prevent recurrence. A structured incident response plan helps keep the work measurable and compliant.

Dark web monitoring helps you spot exposure signals early — before stolen data is widely reused for account takeover or targeted attacks. Monitoring complements vulnerability management by revealing when attackers already have leverage. Pair it with continuous attack surface monitoring and strong Asset Discovery to reduce blind spots.

Not always. Some datasets are old, incomplete, or derived from third parties. However, any exposure increases risk because credentials and personal data can be reused indefinitely. Treat it as a priority signal: rotate credentials, enforce MFA, review suspicious logins, and audit the systems that could have produced the data.

SynScan helps you connect the dots between attack surface exposure, vulnerabilities, and breach signals so you can prioritize remediation and reduce the chance of repeat incidents.