Breach Intelligence

3,151

Total breached databases

Likely in early 2015, the video game website GameTuts suffered a data breach and over 2 million user accounts were exposed. The site later shut down in July 2016 but was identified as having been hosted on a vBulletin forum. The exposed data included usernames, email and IP addresses and salted MD5 hashes.
  • Data: Email Addresses IP Addresses Passwords Usernames
  • Records: 2,244,550
  • Lines: 2,244,706
  • Size: 926.37 MB
  • Passwords: vBulletin
  • Cracked: 50%
In September 2021, the Instituto de Obra Social de las Fuerzas Armadas (IOSFA), an Argentinian government organization, reportedly experienced a data breach affecting its database. The incident allegedly compromised records for approximately 45 million Argentinians. Among the leaked data were names, national identification numbers, dates of birth, and geographic locations.
  • Date: Sep 2021
  • Domain: iosfa.gob.ar
  • Country: Argentina
  • Category: Government
  • Data: Names Phone Numbers Physical Locations Government IDs Birthdates Genders Disabilities Relationship Statuses
  • Records: 1,193,316
  • Lines: 1,193,391
  • Size: 262.16 MB
  • Passwords: No
In August 2016, the Epic Games forum suffered a data breach, allegedly due to a SQL injection vulnerability in vBulletin. The attack resulted in the exposure of 252k accounts including usernames, email addresses and salted MD5 hashes of passwords.
  • Data: Email Addresses Passwords Usernames
  • Records: 277,944
  • Lines: 278,042
  • Size: 453.35 MB
  • Passwords: vBulletin
  • Cracked: 33%
In December 2014, the prominent online community for artists ConceptArt.org, primarily focused on art, design, and digital illustration, suffered a data breach that exposed user information. The exposed data included email addresses, usernames, and passwords stored as salted MD5 hashes.
  • Data: Email Addresses IP Addresses Passwords Usernames
  • Records: 441,945
  • Lines: 442,098
  • Size: 374.37 MB
  • Passwords: vBulletin
  • Cracked: 0%
In December 2022, the Crypto & NFT taxes service CoinTracker reported a data breach that impacted over 1.5M of their customers. The company later attributed the breach to a compromise SendGrid in an attack that targeted multiple customers of the email provider. The breach exposed email addresses and partially redacted phone numbers, with CoinTracker advising that the later did not originate from their service.
  • Data: Email Addresses Phone Numbers
  • Records: 1,557,169
  • Lines: 1,557,169
  • Size: 221.67 MB
  • Passwords: No
In February 2019, the email address validation service verifications.io suffered a data breach. Discovered by Bob Diachenko and Vinny Troia, the breach was due to the data being stored in a MongoDB instance left publicly facing without a password and resulted in 763 million unique email addresses being exposed. Many records within the data also included additional personal attributes such as names, phone numbers, IP addresses, dates of birth and genders. No passwords were included in the data. The Verifications.io website went offline during the disclosure process, although an archived copy remains viewable.
  • Data: Birthdates Company Information Email Addresses Genders Geographic Locations IP Addresses Job Information Names Phone Numbers Physical Locations
  • Records: 808,536,946
  • Lines: 808,539,849
  • Size: 159.51 GB
  • Passwords: No
In mid-2019, Deezer, a music streaming service, allegedly suffered a data breach that impacted more than 240 million customers. The incident reportedly exposed 229 million unique email addresses, along with IP addresses, names, usernames, genders, dates of birth, and geographic locations of users.
  • Data: Birthdates Email Addresses Genders Geographic Locations IP Addresses Languages Names Usernames
  • Records: 317,776,279
  • Lines: 317,776,280
  • Size: 73.11 GB
  • Passwords: No

Frequently Asked Questions

A data breach is unauthorized access to data (often involving account takeover, malware, or misconfigured infrastructure). A data leak is exposure of data due to mistakes like public cloud storage, open databases, or accidental publishing. A database dump is a packaged dataset that may come from a breach, leak, scraping, or aggregation.

Change passwords for any affected accounts immediately, prioritizing email, banking, and any account that shares the same password. Enable multi-factor authentication wherever possible. Monitor your accounts for suspicious activity and consider placing a fraud alert or credit freeze if financial data was exposed.

Start with containment and verification: confirm what data was exposed, identify the entry point, rotate credentials (especially SSO, VPN, email), and enforce MFA. Then investigate affected systems, notify stakeholders as required, and harden controls to prevent recurrence. A structured incident response plan helps keep the work measurable and compliant.

Dark web monitoring helps you spot exposure signals early — before stolen data is widely reused for account takeover or targeted attacks. Monitoring complements vulnerability management by revealing when attackers already have leverage. Pair it with continuous attack surface monitoring and strong Asset Discovery to reduce blind spots.

Not always. Some datasets are old, incomplete, or derived from third parties. However, any exposure increases risk because credentials and personal data can be reused indefinitely. Treat it as a priority signal: rotate credentials, enforce MFA, review suspicious logins, and audit the systems that could have produced the data.

SynScan helps you connect the dots between attack surface exposure, vulnerabilities, and breach signals so you can prioritize remediation and reduce the chance of repeat incidents.