Dernières news

• Beckett Collectibles - 541,132 breached accounts

  20/11/25 06:41 | Catégorie : Have I Pwned

  In November 2025, Beckett Collectibles experienced a data breach accompanied by website content defacement. The stolen data was later advertised for sale on a prominent hacking forum, with portions subsequently released publicly. The publicly circulating data included more than 500k email addresses reportedly belonging to North American customers, along with a smaller subset containing names, usernames, phone numbers and physical addresses.

• Eurofiber - 10,003 breached accounts

  20/11/25 03:44 | Catégorie : Have I Pwned

  In November 2025, Eurofiber France disclosed a data breach of its ticket management platform. Data containing 10k unique email addresses and a smaller number of names and phone numbers was subsequently leaked. A threat actor claiming responsibility for the breach alleges to have additional, more sensitive data including screenshots, VPN configuration files, credentials, source code, certificates, archives, and SQL backup files.

• Vultr - 187,872 breached accounts

  20/11/25 02:22 | Catégorie : Have I Pwned

  In March 2023, the "AI-first global cloud platform" Vultr disclosed a security incident at a third-party vendor. Dating back to the previous year, the incident was attributed to the ActiveCampaign email marketing service provider and resulted in the exposure of 188k unique email addresses. A small number of records also included name, IP address and country of origin. No Vultr systems or additional customer data were impacted. Vultr subsequently self-submitted the impacted data to HIBP.

• Operation Endgame 3.0 - 2,046,030 breached accounts

  13/11/25 11:23 | Catégorie : Have I Pwned

  Between 10 and 13 November 2025, the latest phase of Operation Endgame was coordinated from Europol's headquarters in The Hague. The actions targeted one of the biggest infostealer Rhadamanthys, the Remote Access Trojan VenomRAT, and the botnet Elysium, all of which played a key role in international cybercrime. Authorities took down these three large cybercrime enablers and provided 2 million impacted email addresses and 7.4 million passwords to HIBP.

• TISZA Világ - 198,520 breached accounts

  08/11/25 10:45 | Catégorie : Have I Pwned

  In November 2025, data breached from the Hungarian political party TISZA was extensively redistributed online. Stemming from a compromise of the TISZA Világ service the previous month, the breach exposed 200k records of personal data including email addresses along with names, phone numbers and physical addresses.

• Synthient Credential Stuffing Threat Data - 1,957,476,021 breached accounts

  06/11/25 05:58 | Catégorie : Have I Pwned

  During 2025, the threat-intelligence firm Synthient aggregated 2 billion unique email addresses disclosed in credential-stuffing lists found across multiple malicious internet sources. Comprised of email addresses and passwords from previous data breaches, these lists are used by attackers to compromise other, unrelated accounts of victims who have reused their passwords. The data also included 1.3 billion unique passwords, which are now searchable in Pwned Passwords.

• MyVidster (2025) - 3,864,364 breached accounts

  27/10/25 03:40 | Catégorie : Have I Pwned

  In October 2025, the data of almost 4M MyVidster users was posted to a public hacking forum. Separate to the 2015 breach, this incident exposed usernames, email addresses and in a small number of cases, profile photos.

• Synthient Stealer Log Threat Data - 182,962,095 breached accounts

  21/10/25 21:14 | Catégorie : Have I Pwned

  During 2025, Synthient aggregated billions of records of "threat data" from various internet sources. The data contained 183M unique email addresses alongside the websites they were entered into and the passwords used. After normalising and deduplicating the data, 183 million unique email addresses remained, each linked to the website where the credentials were captured, and the password used. This dataset is now searchable in HIBP by email address, password, domain, and the site on which the credentials were entered.

• Prosper - 17,605,276 breached accounts

  16/10/25 02:03 | Catégorie : Have I Pwned

  In September 2025, Prosper announced that it had detected unauthorised access to their systems, which resulted in the exposure of customer and applicant information. The data breach impacted 17.6M unique email addresses, along with other customer information, including US Social Security numbers. Prosper advised that they did not find any evidence of unauthorised access to customer accounts and funds, and that their customer-facing operations were uninterrupted. Further information about the incident is contained in Prosper's FAQs.

• Hello Cake - 22,907 breached accounts

  15/10/25 05:16 | Catégorie : Have I Pwned

  In July 2025, the sexual healthcare product maker Hello Cake suffered a data breach. The data was subsequently posted on a public hacking forum and included 23k unique email addresses along with names, phone numbers, physical addresses, dates of birth and purchases.