Breach Intelligence

2,967

Total breached databases

The website 1111 Manpower Bank select full - time, part - time, work - study internship and so on for job - seekers and talent - seeking enterprises! It also provides a variety of job search tools to help job seekers understand themselves and give full play to their strengths suffered a data breach that impacted 4045282 users from period to 2014-2018. The breach included full info.
  • Date: 2014
  • Domain: 1111.com.tw
  • Country: Taiwan
  • Category: Professional & Corporate
  • Data: Birthdates Email Addresses Genders Geographic Locations Names Passwords
  • Records: 4,045,286
  • Lines: 4,045,303
  • Size: 422.75 MB
  • Passwords: Plaintext
In May 2022, the proxy provider ProxyScrape suffered a data breach. The breach included Email addresses, IP Addresses (Including Whitelisted & Unwhitelisted IPs), Order history and Logs. In total, 11.3k users were affected. The breach occurred due to a development instance being open to the public. ProxyScrape has since acknowledged the breach and reset all keys used to access proxies.
  • Data: Email Addresses IP Addresses Order Information Site Activity
  • Records: 11,369
  • Lines: 11,372
  • Size: 14.32 MB
  • Passwords: No
The website My English Online (MEO) is an online course based on the MyELT language learning platform, which offers a complete set of interactive activities for you to learn English at any time and at any place suffered a data breach that impacted 1.236.736 users from period to 2013-2017. The breach included full info.
  • Data: It is unclear which categories of data were compromised in the myenglishonline.com.br 2013 breach. This page will be revised as information becomes available.
  • Records: 1,236,739
  • Lines: 1,236,759
  • Size: 487.32 MB
  • Passwords: ?
In 2013 (exact date unknown), the Chinese e-commerce service JD suffered a data breach that exposed 13GB of data containing 77 million unique email addresses. The data also included usernames, phone numbers and passwords stored as SHA-1 hashes.
  • Data: Email Addresses Passwords Phone Numbers Usernames
  • Records: 96,830,188
  • Lines: 141,639,666
  • Size: 13.14 GB
  • Passwords: MD5
  • Cracked: 14%
Somewhere around 2014 the database from the forum BitsHacking was breached and leaked on the net, today I have uploaded it to our server. It contains 41 thousand records of users.
  • Data: Email Addresses Passwords Usernames
  • Records: 41,348
  • Lines: 41,348
  • Size: 3.79 MB
  • Passwords: vBulletin
  • Cracked: 82%
In July 2022, the French telecommunications company La Poste Mobile was the target of an attack by the LockBit ransomware which resulted in company data being published publicly. The impacted data included 533k unique email addresses along with names, physical addresses, phone numbers, dates of births, genders and banking information. 10 days after the attack, the La Poste Mobile website remained offline.
  • Data: Bank Account Information Birthdates Email Addresses Genders Names Phone Numbers Physical Locations
  • Records: 479,628
  • Lines: 479,668
  • Size: 91.72 MB
  • Passwords: WordPress
  • Cracked: 0%
In January 2016, the Minecraft community known as Lifeboat was hacked and more than 7 million accounts leaked. Lifeboat knew of the incident for three months before the breach was made public but elected not to advise customers. The leaked data included usernames, email addresses and passwords stored as straight MD5 hashes.
  • Data: Email Addresses Passwords Usernames
  • Records: 11,869,870
  • Lines: 11,870,145
  • Size: 810.36 MB
  • Passwords: MD5
  • Cracked: 99%

Frequently Asked Questions

A data breach is unauthorized access to data (often involving account takeover, malware, or misconfigured infrastructure). A data leak is exposure of data due to mistakes like public cloud storage, open databases, or accidental publishing. A database dump is a packaged dataset that may come from a breach, leak, scraping, or aggregation.

Change passwords for any affected accounts immediately, prioritizing email, banking, and any account that shares the same password. Enable multi-factor authentication wherever possible. Monitor your accounts for suspicious activity and consider placing a fraud alert or credit freeze if financial data was exposed.

Start with containment and verification: confirm what data was exposed, identify the entry point, rotate credentials (especially SSO, VPN, email), and enforce MFA. Then investigate affected systems, notify stakeholders as required, and harden controls to prevent recurrence. A structured incident response plan helps keep the work measurable and compliant.

Dark web monitoring helps you spot exposure signals early — before stolen data is widely reused for account takeover or targeted attacks. Monitoring complements vulnerability management by revealing when attackers already have leverage. Pair it with continuous attack surface monitoring and strong Asset Discovery to reduce blind spots.

Not always. Some datasets are old, incomplete, or derived from third parties. However, any exposure increases risk because credentials and personal data can be reused indefinitely. Treat it as a priority signal: rotate credentials, enforce MFA, review suspicious logins, and audit the systems that could have produced the data.

SynScan helps you connect the dots between attack surface exposure, vulnerabilities, and breach signals so you can prioritize remediation and reduce the chance of repeat incidents.