Breach Intelligence

2,849

Total breached databases

Nnm-club.ru 2013

Nnm-club.ru 2013

NNM-Club was created in 2005. It quickly gained popularity within the Russian-speaking community as a platform for sharing torrents and discussing various media-related topics. Over the years, it became a significant site for fans of anime, movies, music, and other forms of entertainment.
  • Date: 2013
  • Domain: nnm-club.ru
  • Country: Russia
  • Category: Piracy
  • Records Announced: 3,429,552
  • Data: Email Addresses Passwords Site Activity Usernames
  • Imported:
  • Records Imported: 3,429,327
  • Number of lines: 3,429,427
  • Size: 1.66 GB
  • Passwords: ?
Lime Leads 2020

Lime Leads 2020

In 2020, the US data broker LimeLeads suffered a data breach. LimeLeads is known for providing business sales leads and contacts. The breach exposed approximately 49 million records. Among the compromised data were email addresses, phone numbers, job information, and company names.
  • Date: 2020
  • Domain: limeleads.com
  • Country: United States
  • Category: Data Brokers
  • Records Announced: 40,000,000
  • Source: zdnet.com
  • Data: Email Addresses Names Phone Numbers Physical Locations Job Information Company Information
  • Imported:
  • Records Imported: 39,825,642
  • Number of lines: 39,825,642
  • Size: 39.4 GB
  • Passwords: No
T-Mobile 2018

T-Mobile 2018

On August 20, T-Mobile, a major mobile phone provider, experienced a data breach that exposed the personal information of approximately 2 million customers, accounting for around 3% of its 77 million user base. Among the compromised data were names, phone numbers, genders, geographic locations, physical addresses, and ethnicities.
  • Date: 2018
  • Domain: t-mobile.com
  • Country: United States
  • Category: Telecommunications
  • Records Announced: 2,000,000
  • Data: Names Phone Numbers Genders Geographic Locations Physical Locations Ethnicities
  • Imported:
  • Records Imported: 2,060,368
  • Number of lines: 2,060,410
  • Size: 266.36 MB
  • Passwords: No
Telegram 2019

Telegram 2019

In 2019, a data breach involving Telegram users' information was reported. The breach exposed a database containing phone numbers and unique Telegram user IDs, which was shared on darknet forums. The data was primarily collected before mid-2019, with about 84% of it being outdated and around 60% inaccurate. The majority of the affected accounts were from Iran (70%) and Russia (30%). The breach was attributed to the app's built-in contact export feature, which allows users to see which of their contacts are also using Telegram. This feature can be exploited by malicious users to build databases matching phone numbers with user IDs.
  • Data: Names Phone Numbers Social Profiles
  • Imported:
  • Records Imported: 28,403,635
  • Number of lines: 28,403,916
  • Size: 1.27 GB
  • Passwords: No
IRAQ national Security Leak

IRAQ national Security Leak

The data was stolen from the ministry devices and not obtained with online methods, the data contain all Iraqi citizen information.
  • Country: Iraq
  • Category: Government
  • Data: Birthdates Geographic Locations Government IDs Names Physical Locations
  • Imported:
  • Number of lines: 39,017,831
  • Size: 6.05 GB
  • Passwords: No
Platan 2024

Platan 2024

On August 14, 2024, the Russian electronic store Platan experienced a data breach. Platan is known for selling consumer electronics and related products. The breach exposed approximately 165,000 user records and 415,000 orders. Among the compromised data were names, phone numbers, email addresses, geographic locations, bank information, order information, usernames, and passwords stored as MD5 hashes.
  • Date: Aug 14, 2024
  • Domain: platan.ru
  • Country: Russia
  • Category: E-commerce & Retail
  • Records Announced: 165,939
  • Data: Email Addresses Passwords Names Phone Numbers Geographic Locations Usernames Bank Account Information Order Information
  • Imported:
  • Passwords: MD5
  • Cracked: 0%
MOE (Ministry of Education of Thailand) 2024

MOE (Ministry of Education of Thailand) 2024

On August 23, 2024, the Ministry of Education of Thailand's website (moe.go.th), an official online portal providing comprehensive resources on Thailand's education system, experienced a data breach. Breached by SILKFIN AGENCY, the breach exposed over 140,000 student records and 8,500 teacher records. Among the compromised data for students were IDs, names, geographic locations, birth dates, nationalities, and educational details. Teachers' data included similar personal identifiers, professional qualifications, and geographic information.
  • Date: Aug 23, 2024
  • Domain: moe.go.th
  • Threat Actor: SILKFIN AGENCY
  • Country: Thailand
  • Category: Education
  • Records Announced: 153,335
  • Data: Names Geographic Locations Marital Statuses Disabilities Birthdates Nationalities Education IDs
  • Imported:
  • Passwords: No

Frequently Asked Questions

A data breach is unauthorized access to data (often involving account takeover, malware, or misconfigured infrastructure). A data leak is exposure of data due to mistakes like public cloud storage, open databases, or accidental publishing. A database dump is a packaged dataset that may come from a breach, leak, scraping, or aggregation.

Change passwords for any affected accounts immediately, prioritizing email, banking, and any account that shares the same password. Enable multi-factor authentication wherever possible. Monitor your accounts for suspicious activity and consider placing a fraud alert or credit freeze if financial data was exposed.

Start with containment and verification: confirm what data was exposed, identify the entry point, rotate credentials (especially SSO, VPN, email), and enforce MFA. Then investigate affected systems, notify stakeholders as required, and harden controls to prevent recurrence. A structured incident response plan helps keep the work measurable and compliant.

Dark web monitoring helps you spot exposure signals early — before stolen data is widely reused for account takeover or targeted attacks. Monitoring complements vulnerability management by revealing when attackers already have leverage. Pair it with continuous attack surface monitoring and strong Asset Discovery to reduce blind spots.

Not always. Some datasets are old, incomplete, or derived from third parties. However, any exposure increases risk because credentials and personal data can be reused indefinitely. Treat it as a priority signal: rotate credentials, enforce MFA, review suspicious logins, and audit the systems that could have produced the data.

SynScan helps you connect the dots between attack surface exposure, vulnerabilities, and breach signals so you can prioritize remediation and reduce the chance of repeat incidents.