Breach Intelligence

2,693

Total breached databases

Search breaches

The Collection #5 data breach is part of a larger series of data dumps, including Collections #1 through #5, which compiled email addresses and passwords from thousands of sources, from previously known data breaches and some new alleged breaches. Collection #1 alone contained about 2.7 billion records, including 1.2 billion unique email and password combinations, 773 million unique email addresses, and 21 million unique plaintext passwords. Additional collections, named Collections #2 through #5, along with "AP MYR&ZABUGOR #2" and "ANTIPUBLIC #1," were also discovered, significantly adding to the scope of compromised data​.
  • Date: 2019
  • Category: Compilations & Combo lists
  • Records Announced: 1,282,398,456
  • Records Imported: 643,773,546
  • Size: 20.82 GB
  • Data: Email Addresses, Passwords
  • Passwords: Plaintext
  • Imported:
  • Sources:
In September 2023, over 100GB of stealer logs and credential stuffing lists titled "Naz.API" was posted to a popular hacking forum. The incident contained a combination of email address and plain text password pairs alongside the service they were entered into, and standalone credential pairs obtained from unnamed sources. In total, the corpus of data included 71M unique email addresses and 100M unique passwords.
  • Date: Sep 20, 2023
  • Category: Stealers
  • Records Announced: 70,840,771
  • Numer of lines: 1,213,250,346
  • Records Imported: 1,044,594,675
  • Size: 83.13 GB
  • Data: Email Addresses, Passwords
  • Passwords: Plaintext
  • Imported:
  • Source: haveibeenpwned.com
On October 21, 2024, Hot Topic, Box Lunch, and Torrid suffered a major data breach, exposing the personal information of approximately 350 million customers. Data included names, emails, addresses, phone numbers, birth dates, loyalty and rewards details, as well as partial payment information.
  • Date: Oct 19, 2024
  • Domain: hottopic.com
  • Threat Actor: Satanic
  • Country: United States
  • Category: E-commerce & Retail
  • Records Announced: 350,000,000
  • Numer of lines: 1,201,279,303
  • Records Imported: 966,951,153
  • Size: 347 GB
  • Data: Birthdates, Email Addresses, Payment Information, Phone Numbers
  • Passwords: No
  • Imported:
  • Sources:
In January 2019, a large collection of credential stuffing lists (combinations of email addresses and passwords used to hijack accounts on other services) was discovered being distributed on a popular hacking forum. The data contained almost 2.7 billion records including 773 million unique email addresses alongside passwords those addresses had used on other breached services. Full details on the incident and how to search the breached passwords are provided in the blog post The 773 Million Record "Collection #1" Data Breach.
In December 2022, over 400GB of data belonging to restaurant customer management platform SevenRooms was posted for sale to a popular hacking forum. The data included 1.2M unique email addresses alongside names and purchases. SevenRooms advised that the breach was due to unauthorised access of "a file transfer interface of a third-party vendor".
  • Date: Dec 11, 2022
  • Domain: sevenrooms.com
  • Category: Food
  • Records Announced: 1,205,385
  • Numer of lines: 938,054,130
  • Size: 427.23 GB
  • Data: Email Addresses, Names, Order Information
  • Passwords: No
  • Imported:
  • Source: haveibeenpwned.com