Breach Intelligence

2,843

Total breached databases

Tamil Nadu Police Facial Recognition 2024

Tamil Nadu Police Facial Recognition 2024

Sensitive
In May 2024, a data leak occurred from the Tamil Nadu Police Facial Recognition Portal (frs.tnpolice.gov.in), affecting 896,391 records. The breach included approximately 37k unique emails, as well as ages, genders, government issued IDs, names, police station details, phone numbers, physical addresses, and usernames. The data breach was executed by the user known as Valerie.
  • Date: May 2024
  • Domain: frs.tnpolice.gov.in
  • Threat Actor: Valerie
  • Country: India
  • Category: Law Enforcement
  • Records Announced: 896,391
  • Data: Email Addresses Names Phone Numbers Physical Locations Usernames Government IDs Genders Ages
  • Imported:
  • Number of lines: 1,551,568
  • Size: 70.11 MB
  • Passwords: No
RankWatch 2016

RankWatch 2016

In November 2016, RankWatch, a search engine optimization management company, exposed an unsecured MongoDB database to the public. The data was subsequently stolen and posted to an online forum, exposing 7.4 million unique email addresses along with names, employers, phone numbers, and job titles.
  • Data: Company Information Email Addresses Job Information Names Phone Numbers
  • Imported:
  • Passwords: Plaintext
EyeVisionClinic 2024

EyeVisionClinic 2024

Sensitive
In 2024, the Singapore Eye & Vision Clinic, a medical facility specializing in eye care services, allegedly experienced a data breach. Reports indicate that the exposed data was shared on a popular hacking forum by a user known as "themob." The breach reportedly compromised over 813,000 patient records. Among the leaked data were names, email addresses, phone numbers, geographic locations, genders, dates of birth, ages, ethnicities, and nationalities.
  • Date: 2024
  • Domain: eyevision.com.sg
  • Threat Actor: themob
  • Country: Singapore
  • Category: Healthcare
  • Records Announced: 813,231
  • Data: Email Addresses Names Phone Numbers Geographic Locations Genders Birthdates Ages Ethnicities Nationalities
  • Imported:
  • Passwords: Unknown
Real Estate Mogul 2016

Real Estate Mogul 2016

In September 2016, Real Estate Mogul, a real estate investment site, allegedly suffered a breach after a MongoDB instance was compromised and 5GB of data was downloaded by an unauthorised party. The incident reportedly exposed real estate listings along with seller details. Among the compromised data were 308,000 unique email addresses, names, phone numbers, and property addresses.
  • Data: Email Addresses Names Phone Numbers Physical Locations
  • Imported:
  • Passwords: Unknown
monespaceprime.engie.fr 2023

monespaceprime.engie.fr 2023

In April 2023, a subdomain of Engie.fr (monespaceprime.engie.fr), belonging to Engie, a French multinational utility company operating in electricity generation and distribution, natural gas, nuclear energy, renewable energy, and petroleum, was reportedly breached by a threat actor known as "@HommeDeLombre." The leaked data was shared on a popular hacking forum and allegedly exposed information of over 157,000 website clients, including more than 109,000 unique email addresses. Among the compromised data were names, email addresses, phone numbers, geographic locations, genders, order information, and site activity.
  • Date: Apr 2023
  • Domain: monespaceprime.engie.fr
  • Threat Actor: HommeDeLombre
  • Country: France
  • Category: Industry
  • Records Announced: 157,466
  • Data: Email Addresses Names Phone Numbers Geographic Locations Order Information Genders Site Activity
  • Imported:
  • Passwords: No
Unimarc.cl

Unimarc.cl

At present, no extended description exists for the Unimarc.cl incident. This entry is included so you are aware of its existence. Verification against this breach will be possible in the future. Meanwhile, you can check other breaches for your information.

  • Data: It is unclear which categories of data were compromised in the Unimarc.cl breach. This page will be revised as information becomes available.
  • Imported:
  • Number of lines: 2,838,661
  • Size: 3.17 GB
  • Passwords: ?
Arkansas 2017 Voter 2017

Arkansas 2017 Voter 2017

In 2017 the database of Arkansas' Voters was leaked and it has been posted exclusively here on raidforums for you to download. It has around 1.7 million records and is available to download below [RaidForums Exclusive].
  • Date: 2017
  • Domain: arkansas.gov
  • Country: United States
  • Category: Government
  • Records Announced: 1,746,067
  • Data: Birthdates Genders Government IDs Names Personal Information Phone Numbers Physical Locations
  • Imported:
  • Passwords: No

Frequently Asked Questions

A data breach is unauthorized access to data (often involving account takeover, malware, or misconfigured infrastructure). A data leak is exposure of data due to mistakes like public cloud storage, open databases, or accidental publishing. A database dump is a packaged dataset that may come from a breach, leak, scraping, or aggregation.

Change passwords for any affected accounts immediately, prioritizing email, banking, and any account that shares the same password. Enable multi-factor authentication wherever possible. Monitor your accounts for suspicious activity and consider placing a fraud alert or credit freeze if financial data was exposed.

Start with containment and verification: confirm what data was exposed, identify the entry point, rotate credentials (especially SSO, VPN, email), and enforce MFA. Then investigate affected systems, notify stakeholders as required, and harden controls to prevent recurrence. A structured incident response plan helps keep the work measurable and compliant.

Dark web monitoring helps you spot exposure signals early — before stolen data is widely reused for account takeover or targeted attacks. Monitoring complements vulnerability management by revealing when attackers already have leverage. Pair it with continuous attack surface monitoring and strong Asset Discovery to reduce blind spots.

Not always. Some datasets are old, incomplete, or derived from third parties. However, any exposure increases risk because credentials and personal data can be reused indefinitely. Treat it as a priority signal: rotate credentials, enforce MFA, review suspicious logins, and audit the systems that could have produced the data.

SynScan helps you connect the dots between attack surface exposure, vulnerabilities, and breach signals so you can prioritize remediation and reduce the chance of repeat incidents.