Breach Intelligence

2,852

Total breached databases

Difinition.co.kr 2022

Difinition.co.kr 2022

Sometime in 2022, Difinition (difinition.co.kr), a South Korean digital education platform providing learning management services for students and teachers, allegedly suffered a data breach exposing its Elasticsearch infrastructure. Reports suggest approximately 25 user records were affected, with the data including email addresses, usernames, phone numbers, birth dates, genders, geographic locations, and site activity logs.
  • Data: Email Addresses Phone Numbers Geographic Locations Usernames Genders Site Activity Birthdates
  • Records: 25
  • Lines: 94,571
  • Size: 3.29 MB
  • Passwords: No

Paragon Cheats 2021

In May 2021, the Grand Theft Auto Online cheats website Paragon Cheats allegedly suffered a data breach that led to the shutdown of the service. Reports suggest approximately 188,000 customer records were exposed, including email addresses, usernames, IP addresses, and site activity logs.
  • Data: Email Addresses Usernames IP Addresses Site Activity
  • Records: 188,328
  • Lines: 32
  • Size: 218.48 MB
  • Passwords: No
Stayful 2016

Stayful 2016

In approximately January 2016, the US hotel booking website Stayful allegedly suffered a data breach impacting approximately 184,000 users. Reports suggest the exposed data included email addresses, full names, usernames, phone numbers, geographic locations, genders, Facebook IDs, and passwords stored as salted SHA-256 hashes.
  • Data: Email Addresses Passwords Names Phone Numbers Geographic Locations Usernames Government IDs Genders Site Activity Social Profiles
  • Records: 180,595
  • Lines: 18,318,629
  • Size: 452.8 MB
  • Passwords: SHA-256 Salted
  • Cracked: 20%
Indonesia Vaccine Database 2022

Indonesia Vaccine Database 2022

Sometime before 2022, an Indonesian COVID-19 vaccination database was allegedly exposed. Reports suggest the records originate from a government vaccination administration system. It has been reported that approximately 690,000 individuals were affected. The exposed data allegedly includes full names, national ID numbers, phone numbers, genders, birthdates, and geographic location details. No passwords were included.
  • Date: 2022
  • Country: Indonesia
  • Category: Government
  • Data: Names Phone Numbers Geographic Locations Government IDs Genders Birthdates
  • Records: 690,000
  • Lines: 16,560,279
  • Size: 1.21 GB
  • Passwords: No
Bithotel.io 2022

Bithotel.io 2022

In 2022, Bit Hotel (bithotel.io), a social pixel-art gaming metaverse built on the BNB Chain where users can hang out and compete for rewards, allegedly suffered a data breach. Reports suggest the incident exposed approximately 15,000 user records, including email addresses, usernames, bcrypt password hashes, and account creation timestamps.
  • Date: 2022
  • Domain: bithotel.io
  • Threat Actor: FTW
  • Category: Gaming
  • Data: Email Addresses Passwords Usernames Site Activity
  • Records: 15,500
  • Lines: 109,513
  • Size: 3.77 MB
  • Passwords: BCrypt
  • Cracked: 0%
APIKBET88 2022

APIKBET88 2022

In approximately 2022, APIKBET88 (apikbet88.com), an Indonesian online sports betting platform, allegedly suffered a data breach. Reports suggest approximately 1,500 user accounts were exposed, including email addresses, usernames, full names, phone numbers, and geographic location data. No passwords were compromised.
  • Data: Email Addresses Names Phone Numbers Geographic Locations Usernames
  • Records: 5,000
  • Lines: 675,099
  • Size: 21.15 MB
  • Passwords: No
Discus.solutions 2023

Discus.solutions 2023

Sometime before 2023, Discus IT Solutions (discus.solutions), an Indian software company providing compliance and management systems for the pharmaceutical industry, allegedly suffered a data breach. Reports suggest approximately 2,157 individuals were exposed, including employees and vendor accounts associated with the company's CAMS platform. Compromised data includes email addresses, encrypted passwords, full names, genders, and account creation dates.
  • Data: Email Addresses Passwords Names Phone Numbers Geographic Locations Genders Site Activity Company Information
  • Records: 2,158
  • Lines: 2,886,047
  • Size: 2.04 GB
  • Passwords: Hashed
  • Cracked: 0%

Frequently Asked Questions

A data breach is unauthorized access to data (often involving account takeover, malware, or misconfigured infrastructure). A data leak is exposure of data due to mistakes like public cloud storage, open databases, or accidental publishing. A database dump is a packaged dataset that may come from a breach, leak, scraping, or aggregation.

Change passwords for any affected accounts immediately, prioritizing email, banking, and any account that shares the same password. Enable multi-factor authentication wherever possible. Monitor your accounts for suspicious activity and consider placing a fraud alert or credit freeze if financial data was exposed.

Start with containment and verification: confirm what data was exposed, identify the entry point, rotate credentials (especially SSO, VPN, email), and enforce MFA. Then investigate affected systems, notify stakeholders as required, and harden controls to prevent recurrence. A structured incident response plan helps keep the work measurable and compliant.

Dark web monitoring helps you spot exposure signals early — before stolen data is widely reused for account takeover or targeted attacks. Monitoring complements vulnerability management by revealing when attackers already have leverage. Pair it with continuous attack surface monitoring and strong Asset Discovery to reduce blind spots.

Not always. Some datasets are old, incomplete, or derived from third parties. However, any exposure increases risk because credentials and personal data can be reused indefinitely. Treat it as a priority signal: rotate credentials, enforce MFA, review suspicious logins, and audit the systems that could have produced the data.

SynScan helps you connect the dots between attack surface exposure, vulnerabilities, and breach signals so you can prioritize remediation and reduce the chance of repeat incidents.