Breaches index

Sport 2000 2024

In approximately June 2024, the French sports store Sport2000, known for sporting goods and apparel, suffered a data breach. Reports suggest that the breach was orchestrated by an individual using the pseudonym anonyme1456, who publicly posted the information on BreachForums. The breach exposed data including over 3.2 million unique email addresses and account balances. Among the compromised data were account balances, dates of birth, names, phone numbers, physical locations, and website activity.

Date: Jun 2024
Domain: sport2000.fr
Threat Actor: anonyme1456
Country: France
Category: Sports
Records Announced: 3,217,146
Source: haveibeenpwned.com

Data: Email Addresses Names Phone Numbers Physical Locations Balances Site Activity Birthdates

Imported:
Records Imported: 4,375,147
Number of lines: 4,376,037
Size: 1.12 GB
Passwords: No

YouPorn 2012

Sensitive

In February 2012, the adult website YouPorn had over 1.3M user accounts exposed in a data breach. The publicly released data included both email addresses and plain text passwords.

Date: Feb 21, 2012
Domain: youporn.com
Category: Pornography
Records Announced: 1,327,567
Sources:

Data: Birthdates Email Addresses Geographic Locations Passwords Site Activity

Imported:
Records Imported: 5,833,811
Number of lines: 102,729,403
Size: 1.37 GB
Passwords: Plaintext

Ticketfly (Partial) 2018

In May 2018, the website for the ticket distribution service Ticketfly was defaced by an attacker and was subsequently taken offline. The attacker allegedly requested a ransom to share details of the vulnerability with Ticketfly but did not receive a reply and subsequently posted the breached data online to a publicly accessible location. The data included over 26 million unique email addresses along with names, physical addresses and phone numbers. Whilst there were no passwords in the publicly leaked data, Ticketfly later issued an incident update and stated that "It is possible, however, that hashed values of password credentials could have been accessed".

Date: May 31, 2018
Domain: ticketfly.com
Category: Streaming & Entertainment
Records Announced: 6,151,436
Sources:

Data: Email Addresses Names Phone Numbers Physical Locations

Imported:
Records Imported: 6,151,415
Number of lines: 6,151,436
Size: 865.9 MB
Passwords: Hashed
Cracked:

JobStreet 2012

In October 2017, the Malaysian website lowyat.net ran a story on a massive set of breached data affecting millions of Malaysians after someone posted it for sale on their forums. The data spanned multiple separate breaches including the JobStreet jobs website which contained almost 4 million unique email addresses. The dates in the breach indicate the incident occurred in March 2012. The data later appeared freely downloadable on a Tor hidden service and contained extensive information on job seekers including names, genders, birth dates, phone numbers, physical addresses and passwords.

Date: Mar 7, 2012
Domain: jobstreet.com
Country: Malaysia
Category: Professional & Corporate
Records Announced: 3,883,455
Sources:
- dehashed.com
- haveibeenpwned.com

Data: Birthdates Email Addresses Genders Geographic Locations Government IDs Marital Statuses Names Nationalities Passwords Phone Numbers Physical Locations Usernames

Imported:
Records Imported: 16,305,053
Number of lines: 16,305,054
Size: 3.95 GB
Passwords: Unknown

Woman And Home 2016

This leak was shared the 18th of September 2016 on RaidForums by the user WhiteSec, alleging he compromised the site.

Date: 2016
Domain: womanandhome.com
Category: Healthcare
Records Announced: 46,113

Data: Email Addresses IP Addresses Passwords Usernames

Imported:
Records Imported: 46,113
Number of lines: 46,113
Size: 3.55 MB
Passwords: vBulletin
Cracked:

Breach Intelligence

2,844

Sport 2000 2024

YouPorn 2012

Ticketfly (Partial) 2018

JobStreet 2012

Woman And Home 2016