Breach Intelligence

2,855

Total breached databases

Linked-hosting.com 2013

In 2013, Linked Hosting LLC (linked-hosting.com) allegedly suffered a data breach. The company was a small web hosting provider offering VPS and shared hosting services. Reports suggest approximately 310 individuals were affected, with exposed data including email addresses, names, phone numbers, geographic locations, usernames, IP addresses, company information, and passwords stored as MD5 and salted MD5 hashes.
  • Data: Email Addresses Passwords Names Phone Numbers Geographic Locations Usernames IP Addresses Site Activity Company Information Languages
  • Imported:
  • Records Imported: 11,922
  • Number of lines: 26,160
  • Size: 12.24 MB
  • Passwords: MD5, MD5 Salted
  • Cracked: 0%
Alden.mx 2019

Alden.mx 2019

In 2019, Alden.mx, a Mexican automotive dealership group operating multiple car brands (Isuzu, Suzuki, Toyota, and others) through the Exer Web Solutions SaaS platform, allegedly suffered a data breach affecting five dealership databases. Reports suggest approximately 22,000 individuals were exposed, including customer records, vendor registrations, and job applications. Compromised data includes email addresses, plaintext passwords, MD5 password hashes, full names, phone numbers, geographic locations, usernames, Mexican RFC tax IDs, relationship statuses, genders, account creation dates, and birthdates.
  • Date: 2019
  • Domain: alden.mx
  • Country: Mexico
  • Category: Automotive
  • Data: Email Addresses Passwords Names Phone Numbers Geographic Locations Usernames Government IDs Relationship Statuses Genders Site Activity Birthdates
  • Imported:
  • Records Imported: 70,096
  • Number of lines: 6,057,387
  • Size: 1.28 GB
  • Passwords: MD5
  • Cracked: 104%
Rift-online.ru 2016

Rift-online.ru 2016

In August 2016, the Russian gaming community site Rift-Online.ru allegedly suffered a data breach. The site operated an Invision Power Board forum and a DataLife Engine CMS for the MMORPG Rift. Reports suggest approximately 2,000 user accounts were exposed, including email addresses, usernames, IP addresses, geographic locations, site activity data, social profiles, and passwords stored as MD5 and MyBB hashes.
  • Date: Aug 2016
  • Domain: rift-online.ru
  • Country: Russia
  • Category: Gaming
  • Records Announced: 192
  • Data: Email Addresses Passwords Geographic Locations Usernames IP Addresses Site Activity Social Profiles
  • Imported:
  • Records Imported: 3,861
  • Number of lines: 4,000
  • Size: 1.51 MB
  • Passwords: MD5, MyBB, Unknown
Lastolitevideos.com 2019

Lastolitevideos.com 2019

Sometime before 2019, Lastolitevideos.com allegedly suffered a data breach. The site was a video tutorial platform operated by Lastolite, a UK-based photography lighting equipment manufacturer, also running a companion Lastolite School of Photography site. Reports suggest approximately 6 accounts were exposed, comprising staff and administrator accounts across both sites, with data including email addresses, usernames, passwords (phpass hashes and plaintext), websites, and account activity dates.
  • Data: Email Addresses Passwords Usernames Site Activity Websites
  • Imported:
  • Records Imported: 16
  • Number of lines: 23,730
  • Size: 10.34 MB
  • Passwords: PHPass, Plaintext

Zion-network.cc 2011

In October 2011, Zion-Network (zion-network.cc), a German-speaking underground hacking forum running vBulletin, allegedly suffered a data breach. Reports suggest the exposed data contained approximately 9,500 records, including email addresses, vBulletin password hashes with salts, usernames, account activity dates, ICQ and Skype handles, websites, and birthdates.
  • Data: Email Addresses Passwords Usernames Site Activity Social Profiles Websites Birthdates
  • Imported:
  • Records Imported: 9,475
  • Number of lines: 9,776
  • Size: 4.42 MB
  • Passwords: vBulletin
  • Cracked: 5680%

Vpsace.com 2013

In 2013, VPSace.com, a VPS hosting provider, allegedly suffered a data breach exposing customer records from its WHMCS billing system. Reports suggest approximately 2,500 individuals were affected. The compromised data included email addresses, names, phone numbers, geographic locations, IP addresses, site activity, usernames, and passwords stored as salted MD5 hashes.
  • Data: Email Addresses Passwords Names Phone Numbers Geographic Locations Usernames IP Addresses Site Activity
  • Imported:
  • Records Imported: 2,565
  • Number of lines: 1,343,560
  • Size: 105.35 MB
  • Passwords: MD5, MD5 Salted
  • Cracked: 0%
FirstVDS 2012

FirstVDS 2012

In August 2012, the Russian VDS hosting provider FirstVDS allegedly suffered a data breach. Reports suggest approximately 126,000 users were affected. The compromised data included email addresses, usernames, full names, physical addresses, phone numbers, fax numbers, order information, and passwords stored as md5crypt and bcrypt hashes.
  • Data: Email Addresses Passwords Names Phone Numbers Physical Locations Geographic Locations Usernames Bank Account Information Order Information Government IDs Site Activity Websites Company Information Fax Numbers Birthdates Languages
  • Imported:
  • Records Imported: 263,924
  • Number of lines: 862,609
  • Size: 469.95 MB
  • Passwords: BCrypt, MD5, MD5Crypt
  • Cracked: 32%

Frequently Asked Questions

A data breach is unauthorized access to data (often involving account takeover, malware, or misconfigured infrastructure). A data leak is exposure of data due to mistakes like public cloud storage, open databases, or accidental publishing. A database dump is a packaged dataset that may come from a breach, leak, scraping, or aggregation.

Change passwords for any affected accounts immediately, prioritizing email, banking, and any account that shares the same password. Enable multi-factor authentication wherever possible. Monitor your accounts for suspicious activity and consider placing a fraud alert or credit freeze if financial data was exposed.

Start with containment and verification: confirm what data was exposed, identify the entry point, rotate credentials (especially SSO, VPN, email), and enforce MFA. Then investigate affected systems, notify stakeholders as required, and harden controls to prevent recurrence. A structured incident response plan helps keep the work measurable and compliant.

Dark web monitoring helps you spot exposure signals early — before stolen data is widely reused for account takeover or targeted attacks. Monitoring complements vulnerability management by revealing when attackers already have leverage. Pair it with continuous attack surface monitoring and strong Asset Discovery to reduce blind spots.

Not always. Some datasets are old, incomplete, or derived from third parties. However, any exposure increases risk because credentials and personal data can be reused indefinitely. Treat it as a priority signal: rotate credentials, enforce MFA, review suspicious logins, and audit the systems that could have produced the data.

SynScan helps you connect the dots between attack surface exposure, vulnerabilities, and breach signals so you can prioritize remediation and reduce the chance of repeat incidents.