Breach Intelligence

2,855

Total breached databases

Monsterhack.ru 2018

Monsterhack.ru 2018

In April 2018, the Russian-language forum Monsterhack (monsterhack.ru) allegedly suffered a data breach. Monsterhack was a XenForo-based community focused on hacking and game cheats. Reports suggest the exposed data contained approximately 6,400 user records, including email addresses, usernames, genders, geographic locations, site activity and passwords stored as bcrypt hashes.
  • Data: Email Addresses Passwords Geographic Locations Usernames Genders Site Activity
  • Imported:
  • Records Imported: 6,445
  • Number of lines: 102,359
  • Size: 9.18 MB
  • Passwords: BCrypt
  • Cracked: 19781%
Vendetta-chaos.ru 2013

Vendetta-chaos.ru 2013

In 2013, Vendetta-Chaos (vendetta-chaos.ru), a Russian private server community for the MMORPG Cabal Online, allegedly suffered a data breach. Reports suggest approximately 71 user accounts were exposed, including usernames, email addresses, plaintext passwords, SHA-256 password hashes, IP addresses, and geographic locations.
  • Data: Email Addresses Passwords Geographic Locations Usernames IP Addresses
  • Imported:
  • Records Imported: 71
  • Number of lines: 634,630
  • Size: 105.66 MB
  • Passwords: Plaintext, SHA-256
Formskart.com 2019

Formskart.com 2019

In 2019, Formskart.com allegedly suffered a data breach. Formskart is an Indian online platform for college event registrations and student career programs including MBA GDPI preparation. Reports suggest approximately 487 individuals were affected, with exposed data including email addresses, phone numbers, names, MD5 password hashes, geographic locations, genders, and account creation dates.
  • Data: Email Addresses Passwords Names Phone Numbers Geographic Locations Usernames Genders Site Activity Birthdates
  • Imported:
  • Records Imported: 811
  • Number of lines: 1,130
  • Size: 178.32 KB
  • Passwords: MD5
  • Cracked: 0%
HTH Studios 2018

HTH Studios 2018

In August 2018, HTH Studios, an adult furry interactive game creator, allegedly suffered a data breach affecting multiple repositories of customer data. Several months later, the information surfaced on a popular hacking forum. Reports suggest approximately 411,000 unique individuals were affected. The exposed data included names, usernames, email and IP addresses, dates of birth, phone numbers, physical addresses, order details, and passwords stored as a mix of bcrypt, phpass, salted SHA-1, and salted MD5 hashes.
  • Data: Email Addresses Passwords Names Phone Numbers Physical Locations Geographic Locations Usernames Order Information IP Addresses Site Activity Birthdates
  • Imported:
  • Records Imported: 585,333
  • Number of lines: 636,765
  • Size: 252.05 MB
  • Passwords: BCrypt, MD5 Salted, PHPass, SHA-1 Salted
  • Cracked: 55%
Kaboom.su 2015

Kaboom.su 2015

Sometime before 2015, the Russian Minecraft server network and gaming community Kaboom.su (kaboom.su) allegedly suffered a data breach. Reports suggest the exposed data covered approximately 102,000 individuals. It has been reported that the compromised information included email addresses, usernames, real names, IP addresses, site activity and social profile details, along with passwords stored as MyBB (Invision Power Board) salted hashes and unrecognised MD5-derived hashes.
  • Data: Email Addresses Passwords Names Usernames IP Addresses Site Activity Social Profiles
  • Imported:
  • Records Imported: 357,524
  • Number of lines: 3,969,101
  • Size: 675.96 MB
  • Passwords: MyBB, Unknown
Turnover-it.com 2020

Turnover-it.com 2020

In December 2020, the recruitment portal TURNOVER-IT.com, which specializes in connecting companies with IT and IS professionals, suffered a data breach. It has been reported that approximately 196,691 users were affected. Among the compromised data were email addresses, hashed passwords, full names, phone numbers, physical addresses, IP addresses, websites, dates of birth, employment history, hobbies, and CVs.
  • Date: Dec 18, 2020
  • Domain: turnover-it.com
  • Country: France
  • Category: Professional & Corporate
  • Records Announced: 196,691
  • Data: Email Addresses Passwords Names Phone Numbers Physical Locations Geographic Locations Usernames Genders IP Addresses Websites Job Information Company Information Birthdates Personal Interests
  • Imported:
  • Records Imported: 266,004
  • Number of lines: 1,998,474
  • Size: 933.21 MB
  • Passwords: Unknown

Thesecretworld.com 2016

In July 2016, the official community forums for The Secret World, a massively multiplayer online RPG developed by Funcom, allegedly suffered a data breach. Reports suggest the exposed data spanned several forum database exports and affected approximately 249 thousand individuals. The compromised information allegedly included email addresses, usernames, vBulletin password hashes with salts, IP addresses, site activity, social profile handles, and websites.
  • Data: Email Addresses Passwords Usernames IP Addresses Site Activity Social Profiles Websites
  • Imported:
  • Records Imported: 911,749
  • Number of lines: 912,194
  • Size: 262.45 MB
  • Passwords: vBulletin
  • Cracked: 83%

Frequently Asked Questions

A data breach is unauthorized access to data (often involving account takeover, malware, or misconfigured infrastructure). A data leak is exposure of data due to mistakes like public cloud storage, open databases, or accidental publishing. A database dump is a packaged dataset that may come from a breach, leak, scraping, or aggregation.

Change passwords for any affected accounts immediately, prioritizing email, banking, and any account that shares the same password. Enable multi-factor authentication wherever possible. Monitor your accounts for suspicious activity and consider placing a fraud alert or credit freeze if financial data was exposed.

Start with containment and verification: confirm what data was exposed, identify the entry point, rotate credentials (especially SSO, VPN, email), and enforce MFA. Then investigate affected systems, notify stakeholders as required, and harden controls to prevent recurrence. A structured incident response plan helps keep the work measurable and compliant.

Dark web monitoring helps you spot exposure signals early — before stolen data is widely reused for account takeover or targeted attacks. Monitoring complements vulnerability management by revealing when attackers already have leverage. Pair it with continuous attack surface monitoring and strong Asset Discovery to reduce blind spots.

Not always. Some datasets are old, incomplete, or derived from third parties. However, any exposure increases risk because credentials and personal data can be reused indefinitely. Treat it as a priority signal: rotate credentials, enforce MFA, review suspicious logins, and audit the systems that could have produced the data.

SynScan helps you connect the dots between attack surface exposure, vulnerabilities, and breach signals so you can prioritize remediation and reduce the chance of repeat incidents.