Breaches index

Badoo 2013

Sensitive

In June 2016, a data breach reportedly linked to the social website Badoo was discovered circulating among data traders. Believed to have been obtained years earlier, the breach exposed 112 million unique email addresses, along with names, birthdates, and passwords hashed with MD5.

Date: Jun 2013
Domain: badoo.com
Category: Dating
Records Announced: 112,005,531
Sources:

Data: Birthdates Email Addresses Genders Names Passwords Usernames

Imported:
Records Imported: 127,380,552
Number of lines: 127,380,564
Size: 15.23 GB
Passwords: MD5
Cracked: 67%

MGM Grand Hotels 2019

In July 2019, MGM Resorts discovered a data breach of one of their cloud services. The breach included 10.6M guest records with 3.1M unique email addresses stemming back to 2017. The exposed data included email and physical addresses, names, phone numbers and dates of birth and was subsequently shared on a popular hacking forum in February 2020 where it was extensively redistributed.

Date: Jul 25, 2019
Domain: mgmresorts.com
Category: Travel
Records Announced: 142,479,937
Sources:
- haveibeenpwned.com
- zdnet.com

Data: Birthdates Email Addresses Names Phone Numbers Physical Locations

Imported:
Records Imported: 10,613,129
Number of lines: 10,613,267
Size: 923.81 MB
Passwords: No

Chegg 2018

In April 2018, the textbook rental service Chegg suffered a data breach that impacted 40 million subscribers. The exposed data included email addresses, usernames, names and passwords stored as unsalted MD5 hashes.

Date: Apr 28, 2018
Domain: chegg.com
Country: United States
Category: Education
Records Announced: 39,721,127
Sources:

Data: Email Addresses Names Passwords Usernames

Imported:
Records Imported: 37,417,079
Number of lines: 37,417,079
Size: 7.85 GB
Passwords: MD5
Cracked: 78%

Promo 2020

In July 2020, the self-proclaimed "World's #1 Marketing Video Maker" Promo suffered a data breach which was then shared extensively on a hacking forum. The incident exposed 22 million records containing almost 15 million unique email addresses alongside IP addresses, genders, names and salted SHA-256 password hashes.

Date: Jun 22, 2020
Domain: promo.com
Category: Professional & Corporate
Records Announced: 14,610,585
Sources:
- databreach.com
- haveibeenpwned.com

Data: Email Addresses Genders IP Addresses Names Passwords

Imported:
Records Imported: 22,086,745
Number of lines: 22,086,745
Size: 15.38 GB
Passwords: SHA-256 Salted
Cracked:

CrimeAgency vBulletin Dump 2016

In January 2016, a significant number of unpatched vBulletin forums were compromised by an actor known as "CrimeAgency." A total of approximately 140 forums had data, including usernames, email addresses, and passwords (predominantly stored as salted MD5 hashes), extracted and subsequently distributed.

Date: Jan 2016
Threat Actor: CrimeAgency
Category: Compilations & Combo lists
Records Announced: 942,044
Sources:

Data: Email Addresses Passwords Usernames

Imported:
Records Imported: 569,818
Number of lines: 755,079
Size: 72.46 MB
Passwords: vBulletin
Cracked:

Breach Intelligence

2,844

Badoo 2013

MGM Grand Hotels 2019

Chegg 2018

Promo 2020

CrimeAgency vBulletin Dump 2016