Breach Intelligence

2,844

Total breached databases

VAPSTORE 2021

VAPSTORE 2021

In approximately August 2021, the Vaporizer & E-Cigarette Shop VAPSTORE suffered a data breach. The breach included Email addresses, Full names, Physical addresses, Phone numbers and Dates of birth. In total, 253k users were affected.
  • Date: Aug 2021
  • Domain: vapstore.de
  • Country: Germany
  • Category: E-commerce & Retail
  • Records Announced: 253,723
  • Source: vapstore.de
  • Data: Email Addresses Names Phone Numbers Physical Locations Birthdates Genders
  • Imported:
  • Records Imported: 253,723
  • Number of lines: 253,724
  • Size: 117.17 MB
  • Passwords: No
EPA.gov 2023

EPA.gov 2023

Approximately between 2022-2023, the U.S. Environmental Protection Agency (https://www.epa.gov/) suffered a data breach impacting over 8.5 million users and exposing personal and sensitive information of its customers and contractors. A hacker operating under the pseudonym @USDoD claimed responsibility and released the EPA's global contact database on a dark web forum. The leaked database contained three zipped files with approximately 500MB of data in CSV formats, holding common fields such as "Zipcodes," "Full names," "Phone numbers," "Email addresses," and "County, City, States," as well as additional fields in each file.
  • Date: 2023
  • Domain: epa.gov
  • Threat Actor: USDoD
  • Country: United States
  • Category: Government
  • Records Announced: 8,446,999
  • Data: Email Addresses Job Information Names Phone Numbers Physical Locations
  • Imported:
  • Records Imported: 8,497,246
  • Number of lines: 8,497,247
  • Size: 1.53 GB
  • Passwords: No
Tigo 2023

Tigo 2023

Sensitive
In Mid-2023, 300GB of data containing over 100M records from the Chinese video chat platform "Tigo" dating back to March that year was discovered. The data contained over 700k unique names, usernames, email and IP addresses, genders, profile photos and private messages. Tigo did not respond to multiple attempts to disclose the incident.
  • Data: Device Information Email Addresses Genders Geographic Locations IP Addresses Messages Names Profile Photos Usernames
  • Imported:
  • Records Imported: 5,519,795
  • Number of lines: 5,519,797
  • Size: 157.36 MB
  • Passwords: No
PropTiger 2018

PropTiger 2018

In January 2018, the Indian property website PropTiger suffered a data breach which resulted in a 3.46GB database file being exposed and subsequently shared extensively on a popular hacking forum 2 years later. The exposed data contained both user records and login histories with over 2M unique customer email addresses. Exposed data also included additional personal attributes such as names, dates of birth, genders, IP addresses and passwords stored as MD5 hashes. PropTiger advised they believe the usability of the data is "limited" due to how certain data attributes were generated and stored.
  • Data: Birthdates Device Information Email Addresses Genders IP Addresses Names Passwords
  • Imported:
  • Records Imported: 7,971,626
  • Number of lines: 20,051,981
  • Size: 2.72 GB
  • Passwords: MD5
  • Cracked:
WedMeGood 2021

WedMeGood 2021

In January 2021, the Indian wedding planning platform WedMeGood suffered a data breach that exposed 1.3 million customers. The breach exposed 41.5GB of data including email and physical addresses, names, genders, phone numbers and password hashes.
  • Data: Email Addresses Genders Names Passwords Phone Numbers Physical Locations
  • Imported:
  • Records Imported: 1,624,742
  • Number of lines: 4,683,466
  • Size: 1.06 GB
  • Passwords: Hashed
  • Cracked: