New breach: SuperDraft had 300k records breached in October. Data included email address, username, transactions, lat and long, DoB and bcrypt password hashes. 62% were already in @Have I Been Pwned. Read more:
X (formerly Twitter)
Troy Hunt (@troyhunt) on X
Data breach at @superdraftdfs. Kudos for properly explaining what a bcrypt hash is and not calling it “encryption”!
New breach: Jewellery store GLAMIRA had 875k email addresses breached in late 2023. Data also included name, phone number and purchases. 68% were already in @Have I Been Pwned. Read more: https://www.reddit.com/r/EngagementRings/comments/1adqinl/comment/koqzq4g/
New breach: More than 90M rows of French citizen data with 28M unique email addresses was found publicly facing in Sep. Data included name, IP, physical address and partial card data. 70% were already in @Have I Been Pwned. Read more: https://cybernews.com/security/french-records-exposed-by-mysterious-data-hoarder/
New breach: Young Living Essential Oils had 1.1M unique email addresses breached and advertised on a hacking forum this month. Data included name, country and DoB. 78% were already in @Have I Been Pwned. Read more:
X (formerly Twitter)
Hackmanac (@H4ckmanac) on X
🚨Data Breach Alert - Young Living Essential Oils A potential data breach involving Young Living Essential Oils has been detected on a hacking f...
New breach: German gift store schenkYOU had 237k records breached earlier this year including email address, name, DoB and salted SHA-256 password hash. 54% were already in @Have I Been Pwned. Read more:
Daily Dark Web
Alleged Data Breach at SchenkYou: A Threat Actor Claims to Sell 6 Million Records on Dark Web - Daily Dark Web
Alleged Data Breach at SchenkYou: A Threat Actor Claims to Sell 6 Million Records on Dark Web Discover the latest security threats and database lea...
New breach: BitView had 63k unique email addresses breached last week. Data also included IP, username, bcrypt password hash, private messages and video comments. 27% were already in @Have I Been Pwned. Read more: https://www.bitview.net/blog#157
New breach: Hopamedia had 24M unique email addresses exposed in a breach dating back to 2020. Data also includes name, country, phone number and the number's telecommunications carrier. 66% were already in @Have I Been Pwned. Read more:
X (formerly Twitter)
Troy Hunt (@troyhunt) on X
I'm in the process of verifying a data breach attributed to "Hopamedia" and thought I'd tweet out and ask for help as I've *no* idea what that serv...
New breach: MC2 Data had 2.1M customer records exposed via an unprotected database in August. Marketed under different brands, the data included email address, name and salted SHA-25 password. 60% were already in @Have I Been Pwned. Read more: https://cybernews.com/security/us-mc2-background-check-data-leak/
New breach: Senegalese payment platform Yonéma had 36k unique email addresses breached and posted publicly last month. Data included name, phone and encrypted password and DoB. 52% were already in @Have I Been Pwned. Read more:
X (formerly Twitter)
darkweb-deepwebfeed (@cyberfeeddigest) on X
💥 **#IntelBroker Strikes Again: #Yonéma Database Breached!** The bank/payment messaging platform Yonéma ([yonema[.]com]allegedly hacked by ...
New breach: German electricity provider Tibber had 50k records breached last month. Data included name, email, geolocation and total purchases value. 56% were already in @Have I Been Pwned. Read more:
Security
Electricity provider Tibber hacked, 50,000 German customers affected
Tibber confirms that hackers have infiltrated and obtained customer data. This data is now being sold on the darknet.