Breach Intelligence

2,841

Total breached databases

Lampungutarakab.go.id 2023

Lampungutarakab.go.id 2023

In 2023, the Lampung Utara Regency Government portal (lampungutarakab.go.id) in Indonesia allegedly suffered a data breach. The exposed database belonged to an employee attendance management system used across public health centers (puskesmas) in the regency. Reports suggest approximately 3,600 records were compromised, including full names, Indonesian civil servant IDs (NIP), job titles, work unit names, genders, usernames, and plaintext passwords.
  • Data: Passwords Names Geographic Locations Usernames Government IDs Genders Site Activity Job Information Company Information
  • Imported:
  • Records Imported: 3,500
  • Number of lines: 1,051,448
  • Size: 353.58 MB
  • Passwords: Plaintext
Microplus.co.id 2023

Microplus.co.id 2023

In 2023, Microplus, an Indonesian IT company operating at microplus.co.id, allegedly suffered a data breach exposing internal system data. The breach reportedly affected approximately 300 individuals and exposed names, usernames, passwords, genders, birthdates, geographic locations, and site activity data.
  • Data: Email Addresses Passwords Names Geographic Locations Usernames Genders Site Activity Birthdates
  • Imported:
  • Number of lines: 61,144
  • Size: 8.51 MB
  • Passwords: MD5, SHA-1, SHA-256
  • Cracked: 60%
Renault.co.in 2020

Renault.co.in 2020

In 2020, the vtiger CRM system used by Renault India, the Indian subsidiary of French automaker Renault, was allegedly breached. Renault India operates an extended warranty and annual maintenance contract (AMC) management platform for its Indian dealer network. Reports suggest the breach exposed approximately 10,000 records, including email addresses, names, phone numbers, geographic locations, vehicle chassis and plate numbers, and MD5 and MD5Crypt password hashes belonging to CRM users and customers.
  • Data: Email Addresses Passwords Names Phone Numbers Geographic Locations Usernames Site Activity License Plate Numbers Vehicle Information
  • Imported:
  • Records Imported: 30,500
  • Number of lines: 10,194,198
  • Size: 1.12 GB
  • Passwords: MD5, MD5Crypt
  • Cracked: 0%
Teslavpn.net 2023

Teslavpn.net 2023

Sometime before 2023, teslavpn.net allegedly suffered a data breach. TeslaVPN is a mobile VPN subscription service operated by a Lebanese mobile app developer targeting Middle Eastern markets. Reports suggest approximately 16,000 individuals were affected, with exposed data including email addresses, plaintext passwords, usernames, phone numbers, names, genders, birthdates, IP addresses, and geographic locations.
  • Date: 2023
  • Domain: teslavpn.net
  • Country: Lebanon
  • Category: Technology
  • Data: Email Addresses Passwords Names Phone Numbers Geographic Locations Usernames Genders IP Addresses Site Activity Websites Birthdates
  • Imported:
  • Records Imported: 17,000
  • Number of lines: 12,669,861
  • Size: 1.51 GB
  • Passwords: BCrypt, MD5, PHPass
  • Cracked: 4950%
Unidental.com 2023

Unidental.com 2023

In 2023, unidental.com allegedly suffered a data breach. Unidental is a Venezuelan dental insurance and care network that manages affiliated dental centers, patient records, and provider coordination. Reports suggest the breach exposed data on approximately 9,000 individuals, including email addresses, plaintext-equivalent and hashed passwords (PHPass, SHA-256), full names, phone numbers, dates of birth, national identity numbers (cédulas), gender, postal addresses, and company information belonging to affiliated dental centers and practitioners.
  • Data: Email Addresses Passwords Names Phone Numbers Geographic Locations Usernames Government IDs Genders Site Activity Company Information Birthdates
  • Imported:
  • Records Imported: 44,500
  • Number of lines: 1,136,917
  • Size: 2.26 GB
  • Passwords: PHPass, SHA-256
  • Cracked: 0%
Subitodisponibile.com 2023

Subitodisponibile.com 2023

In June 2023, the Italian e-commerce site Subitodisponibile.com allegedly suffered a data breach. The site is an online retailer specializing in wedding favors, sugared almonds, sweets, and gift items. Reports suggest the exposed data, exfiltrated from a Magento e-commerce database, affected approximately 360,000 individuals. The compromised information allegedly included email addresses, names, phone numbers, geographic locations, birthdates, account activity, and salted SHA-256 password hashes.
  • Data: Email Addresses Passwords Names Phone Numbers Geographic Locations Site Activity Birthdates
  • Imported:
  • Records Imported: 866,000
  • Number of lines: 23,597,871
  • Size: 4.87 GB
  • Passwords: SHA-256 Salted
  • Cracked: 0%
Zeengal.com 2023

Zeengal.com 2023

Sometime before 2024, Zeengal Technologies, an Indian software development company based in Kanpur, Uttar Pradesh, allegedly suffered a data breach. Reports suggest the exposed data originates from a shared hosting server containing databases for multiple client applications built by the company, including an MLM referral platform, a coaching management system, a cook-booking service, and a job portal. Approximately 4,000 individuals were allegedly affected, with compromised data including email addresses, names, phone numbers, passwords, dates of birth, genders, physical locations, bank account information, and bios.
  • Date: 2023
  • Domain: zeengal.com
  • Country: India
  • Category: Technology
  • Data: Email Addresses Passwords Names Phone Numbers Geographic Locations Bank Account Information Genders Websites Birthdates Bios
  • Imported:
  • Records Imported: 99,049
  • Number of lines: 17,013,146
  • Size: 2.04 GB
  • Passwords: MD5, PHPass
  • Cracked: 0%

Frequently Asked Questions

A data breach is unauthorized access to data (often involving account takeover, malware, or misconfigured infrastructure). A data leak is exposure of data due to mistakes like public cloud storage, open databases, or accidental publishing. A database dump is a packaged dataset that may come from a breach, leak, scraping, or aggregation.

Change passwords for any affected accounts immediately, prioritizing email, banking, and any account that shares the same password. Enable multi-factor authentication wherever possible. Monitor your accounts for suspicious activity and consider placing a fraud alert or credit freeze if financial data was exposed.

Start with containment and verification: confirm what data was exposed, identify the entry point, rotate credentials (especially SSO, VPN, email), and enforce MFA. Then investigate affected systems, notify stakeholders as required, and harden controls to prevent recurrence. A structured incident response plan helps keep the work measurable and compliant.

Dark web monitoring helps you spot exposure signals early — before stolen data is widely reused for account takeover or targeted attacks. Monitoring complements vulnerability management by revealing when attackers already have leverage. Pair it with continuous attack surface monitoring and strong Asset Discovery to reduce blind spots.

Not always. Some datasets are old, incomplete, or derived from third parties. However, any exposure increases risk because credentials and personal data can be reused indefinitely. Treat it as a priority signal: rotate credentials, enforce MFA, review suspicious logins, and audit the systems that could have produced the data.

SynScan helps you connect the dots between attack surface exposure, vulnerabilities, and breach signals so you can prioritize remediation and reduce the chance of repeat incidents.