New sensitive breach: Lexipol had 672k email addresses breached last month by self-proclaimed "Puppygirl Hacker Polycule". Data included name, phone and MD5 or SHA-256 password hashes. 23% were already in @Have I Been Pwned. Read more:
Them
β€œPuppygirl Hacker Polycule” Leaks Over 8,500 Privatized Police Files and Training Manuals
"We took matters into our own paws.”
New sensitive breach: Color Dating had 220k unique email addresses breached in 2018. Data also included name, bio, photo and bcrypt password hash. 59% were already in @Have I Been Pwned. Read more: https://cybernews.com/security/billions-passwords-credentials-leaked-mother-of-all-breaches/
New breach: The flat earth sun, moon & zodiac app by "Flat Earth Dave" had 33k unique email addresses breached in Oct. Data included plain text passwords and users' lat and long (their position on the globe). 73% were already in @Have I Been Pwned. More:
New sensitive breach: Spyware service Spyzie had almost 519k email addresses breached this month. The exploited vulnerability also granted access to captured messages, photos, call logs, and more. 48% were already in @Have I Been Pwned. Read more:
TechCrunch
Spyzie stalkerware is spying on thousands of Android and iPhone users | TechCrunch
Another little-known phone monitoring outfit has quietly amassed half a million customers, whose email addresses are now in Have I Been Pwned.
New breach: Orange Romania had hundreds of thousands of email addresses breached and published this week. Data included phone number, subscription details and partial credit cards. 17% were already in @Have I Been Pwned. Read more:
BleepingComputer
Orange Group confirms breach after hacker leaks company documents
A hacker claims to have stolen thousands of internal documents with user records and employee data after breaching the systems of Orange Group, a l...
New stealer logs: 23B rows of "ALIEN TXTBASE" logs with 284M unique email addresses have been added to HIBP. New APIs can now search these by email domain and the domain of the website they were captured on. 69% were already in @Have I Been Pwned. Read more:
Troy Hunt
Processing 23 Billion Rows of ALIEN TXTBASE Stealer Logs
I like to start long blog posts with a tl;dr, so here it is: We've ingested a corpus of 1.5TB worth of stealer logs known as "ALIEN TXTBASE" into ...
New sensitive breach: Spyware service Spyic had almost 876k email addresses breached this month. The exploited vulnerability also granted access to captured messages, photos, call logs, and more. 46% were already in @Have I Been Pwned. Read more:
TechCrunch
Exclusive: Stalkerware apps Cocospy and Spyic are exposing phone data of millions of people
A bug in the Android and iPhone monitoring operations allows anyone to access private data exfiltrated from a victim's device.
New sensitive breach: Spyware service Cocospy had almost 1.8M email addresses breached this month. The exploited vulnerability also granted access to captured messages, photos, call logs, and more. 50% were already in @Have I Been Pwned. Read more:
TechCrunch
Exclusive: Stalkerware apps Cocospy and Spyic are exposing phone data of millions of people
A bug in the Android and iPhone monitoring operations allows anyone to access private data exfiltrated from a victim's device.
New breach: Storenvy was breached in 2019. 1.8M rows with cracked password hashes were posted publicly. The source breach included 23M rows with 11M unique email addresses & salted SHA-1 hashes, among other data. 54% were already in @Have I Been Pwned. More:
E-commerce firm StorEnvy hacked; 1.5m plain-text accounts leaked – Hackread – Cybersecurity News, Data Breaches, AI, and More
New sensitive breach: Yesterday, Doxbin was breached by "TOoDA" and 136k email addresses and associated usernames were publicly leaked. 46% were already in @Have I Been Pwned. Read more:
X (formerly Twitter)
vx-underground (@vxunderground) on X
Moments ago Doxbin was compromised. A group named "Tooda" has taken credit for the compromise. In summary, administrative staff from Doxbin got i...