Epik 2021

In September 2021, the domain registrar and web host Epik suffered a significant data breach, allegedly in retaliation for hosting alt-right websites. The breach exposed a huge volume of data not just of Epik customers, but also scraped WHOIS records belonging to individuals and organisations who were not Epik customers. The data included over 15 million unique email addresses (including anonymised versions for domain privacy), names, phone numbers, physical addresses, purchases and passwords stored in various formats.

• Date: Sep 13, 2021
• Domain: epik.com
• Category: Gaming
• Records Announced: 15,003,961
• Numer of lines: 704,291,909
• Size: 177.01 GB
• Data: Email addresses, Names, Phone numbers, Physical addresses, Purchases
• Passwords: Unknown
• Imported:
• Links:
  • breachforums.st
  • haveibeenpwned.com
  • raidforums.com

Cit0day 2020

In November 2020, a collection of more than 23,000 allegedly breached websites known as Cit0day were made available for download on several hacking forums. The data consisted of 226M unique email address alongside password pairs, often represented as both password hashes and the cracked, plain text versions. Independent verification of the data established it contains many legitimate, previously undisclosed breaches

• Date: Nov 4, 2020
• Domain: cit0day.in
• Country: India
• Category: Compilation
• Records Announced: 226,883,414
• Numer of lines: 621,384,868
• Records Imported: 620,702,410
• Size: 28.21 GB
• Data: Email addresses, Passwords
• Passwords: Plain
• Imported:
• Links:
  • haveibeenpwned.com
  • raidforums.com

Digimon 2016

In September 2016, over 16GB of logs from a service indicated to be digimon.co.in were obtained, most likely from an unprotected Mongo DB instance. The service ceased running shortly afterwards and no information remains about the precise nature of it. Based on enquiries made via Twitter, it appears to have been a mail service possibly based on PowerMTA and used for delivering spam. The logs contained information including 7.7M unique email recipients (names and addresses), mail server IP addresses, email subjects and tracking information including mail opens and clicks.

• Date: Sep 5, 2016
• Domain: digimon.co.in
• Category: Spam
• Records Announced: 7,687,679
• Numer of lines: 579,212,392
• Size: 16.26 GB
• Data: Email addresses, Email messages, IP addresses, Names
• Passwords: No
• Imported:
• Links:
  • breachforums.st
  • haveibeenpwned.com

Facebook 2019

In April 2021, a large data set of over 500 million Facebook users was made freely available for download. Encompassing approximately 20% of Facebook's subscribers, the data was allegedly obtained by exploiting a vulnerability Facebook advises they rectified in August 2019. The primary value of the data is the association of phone numbers to identities; whilst each record included phone, only 2.5 million contained an email address. Most records contained names and genders with many also including dates of birth, location, relationship status and employer.

• Date: Aug 2019
• Domain: facebook.com
• Category: Social
• Records Announced: 509,458,528
• Numer of lines: 494,061,315
• Records Imported: 493,174,316
• Size: 76.57 GB
• Data: Dates of birth, Email addresses, Employers, Genders, Geographic locations, Names, Phone numbers, Relationship statuses
• Passwords: No
• Imported:
• Links:
  • breachforums.st
  • haveibeenpwned.com
  • raidforums.com

General Public RedLine Stealer Logs

This is the result of an automated process that gathers generic RedLine Stealer logs shared over different forums, Telegram groups, and other sources.

• Category: Stealers
• Numer of lines: 508,879,559
• Records Imported: 96,480,451
• Size: 37.15 GB
• Data: URLs, User names, Email addresses, Passwords
• Passwords: Plain
• Imported: