Breach Intelligence

2,849

Total breached databases

Fantamatic App 2021

Fantamatic App 2021

In June 2021, Fantamatic App, a football game platform known for engaging users in virtual football games, reportedly suffered a data breach. The breach exposed approximately 89,613 lines of data. Among the compromised information were email addresses, passwords, names, phone numbers, geographic locations, usernames, IP addresses, site activity, and birthdates.
  • Data: Email Addresses Passwords Names Phone Numbers Geographic Locations Usernames IP Addresses Site Activity Birthdates
  • Imported:
  • Passwords: Unknown
Wiener Büchereien 2019

Wiener Büchereien 2019

In June 2019, the library of Vienna (Wiener Büchereien) suffered a data breach. The compromised data included 224k unique email addresses, names, physical addresses, phone numbers and dates of birth. The breached data was subsequently posted to Twitter by the alleged perpetrator of the breach.
  • Date: Jun 10, 2019
  • Country: Austria
  • Category: Education
  • Records Announced: 224,119
  • Source: haveibeenpwned.com
  • Data: Birthdates Email Addresses Names Phone Numbers Physical Locations
  • Imported:
  • Passwords: No
UTair 2019

UTair 2019

Near the end of March 2019, the Russian airline UTair suffered a data breach that impacted 519k passengers. The leak led to the exposure of data including Full names, Email addresses, Phone numbers, Dates of birth and Phyiscal Addresses.
  • Data: Birthdates Email Addresses Names Phone Numbers Physical Locations
  • Imported:
  • Passwords: No
Facebook Marketplace 2023

Facebook Marketplace 2023

In February 2024, 200k Facebook Marketplace records allegedly obtained from a Meta contractor in October 2023 were posted to a popular hacking forum. The data contained 77k unique email addresses alongside names, phone numbers, Facebook profile IDs and geographic locations. The data also contained bcrypt password hashes, although there is no indication these belong to the corresponding Facebook accounts.
  • Data: Email Addresses Geographic Locations Names Passwords Phone Numbers Social Profiles
  • Imported:
  • Passwords: BCrypt
  • Cracked: 0%

Stealer Logs Posted to Telegram 2024

In July 2024, info stealer logs with 26M unique email addresses were collated from malicious Telegram channels. The data contained 22GB of logs consisting of email addresses, passwords and the websites they were used on, all obtained by malware running on infected machines.
  • Date: Jul 18, 2024
  • Category: Stealers
  • Records Announced: 26,105,473
  • Source: haveibeenpwned.com
  • Data: Email Addresses Passwords
  • Imported:
  • Passwords: Unknown
Danswinkel 2024

Danswinkel 2024

In 2024, Danswinkel.nl, an online retail platform, experienced a data breach. Reports suggest that the breach exposed approximately 90,000 customer records. Some of the leaked data includes order information, geographic locations, and customer details.
  • Date: 2024
  • Domain: danswinkel.nl
  • Country: Netherlands
  • Category: E-commerce & Retail
  • Records Announced: 89,390
  • Data: Names Physical Locations Order Information
  • Imported:
  • Passwords: No
NurseryCam 2021

NurseryCam 2021

In February 2021, a series of egregiously bad security flaws were identified in the NurseryCam system designed for parents to remotely monitor their children whilst attending nursery. The flaws led to the exposure of over 10k parent records before the service was shut down.
  • Data: Email Addresses
  • Imported:
  • Passwords: No

Frequently Asked Questions

A data breach is unauthorized access to data (often involving account takeover, malware, or misconfigured infrastructure). A data leak is exposure of data due to mistakes like public cloud storage, open databases, or accidental publishing. A database dump is a packaged dataset that may come from a breach, leak, scraping, or aggregation.

Change passwords for any affected accounts immediately, prioritizing email, banking, and any account that shares the same password. Enable multi-factor authentication wherever possible. Monitor your accounts for suspicious activity and consider placing a fraud alert or credit freeze if financial data was exposed.

Start with containment and verification: confirm what data was exposed, identify the entry point, rotate credentials (especially SSO, VPN, email), and enforce MFA. Then investigate affected systems, notify stakeholders as required, and harden controls to prevent recurrence. A structured incident response plan helps keep the work measurable and compliant.

Dark web monitoring helps you spot exposure signals early — before stolen data is widely reused for account takeover or targeted attacks. Monitoring complements vulnerability management by revealing when attackers already have leverage. Pair it with continuous attack surface monitoring and strong Asset Discovery to reduce blind spots.

Not always. Some datasets are old, incomplete, or derived from third parties. However, any exposure increases risk because credentials and personal data can be reused indefinitely. Treat it as a priority signal: rotate credentials, enforce MFA, review suspicious logins, and audit the systems that could have produced the data.

SynScan helps you connect the dots between attack surface exposure, vulnerabilities, and breach signals so you can prioritize remediation and reduce the chance of repeat incidents.