Dernières news

• Robinsons Malls - 195,597 breached accounts

  25/06/25 14:22 | Catégorie : Have I Pwned

  In June 2024, the Philippines' largest shopping-mall operators Robinsons Malls suffered a data breach stemming from their mobile app. The incident exposed 195k unique email addresses along with names, phone numbers, dates of birth, genders and the user's city and province.

• Have Fun Teaching - 27,126 breached accounts

  25/06/25 06:54 | Catégorie : Have I Pwned

  In August 2021, the teaching resources website Have Fun Teaching suffered a data breach that leaked 80k WooCommerce transactions which were later posted to a popular hacking forum. The data contained 27k unique email addresses along with physical and IP addresses, names, payment methods and the item purchased. Have Fun Teaching is aware of the incident.

• Ualabee - 472,296 breached accounts

  13/06/25 06:24 | Catégorie : Have I Pwned

  In May 2025, the South American mobility services platform Ualabee had hundreds of thousands of records scraped from an interface on their platform. The data included 472k unique email addresses along with names, profile photos, dates of birth and phone numbers.

• WiredBucks - 918,529 breached accounts

  10/06/25 07:56 | Catégorie : Have I Pwned

  In May 2022, the now defunct social media influencer platform WiredBucks suffered a data breach that was later redistributed as part of a larger corpus of data. The incident exposed over 900k email and IP addresses alongside names, usernames, earnings via the platform, physical addresses and passwords stored as plain text.

• Disk Union - 690,667 breached accounts

  07/06/25 07:08 | Catégorie : Have I Pwned

  In June 2022, the Japanese record chain store Disk Union suffered a data breach. The incident exposed 690k unique email addresses along with names, post codes, phone numbers and plain text passwords.

• ColoCrossing - 7,183 breached accounts

  03/06/25 05:09 | Catégorie : Have I Pwned

  In May 2025, hosting provider ColoCrossing identified a data breach that impacted customers of their ColoCloud virtual server product. ColoCrossing advised the incident was isolated to their cloud/VPS platform and stemmed from a single sign-on vulnerability. 7k email addresses were exposed in the incident along with names and MD5-Crypt password hashes.

• Free - 13,926,173 breached accounts

  27/05/25 07:03 | Catégorie : Have I Pwned

  In October 2024, French ISP "Free" suffered a data breach which was subsequently posted for sale and later, leaked publicly. The data included 14M unique email addresses along with names, physical addresses, phone numbers, genders, dates of birth and for many records, IBAN bank account numbers. Free advised that the numbers were "not enough to make a direct debit from a bank".

• Operation Endgame 2.0 - 15,436,844 breached accounts

  23/05/25 20:47 | Catégorie : Have I Pwned

  In May 2025, a coalition of law enforcement agencies took down the criminal infrastructure behind the malware used to launch ransomware attacks in a new phase of "Operation Endgame". This followed the first Operation Endgame exercise a year earlier, with the latest action resulting in 15.3M victim email addresses being provided to HIBP by law enforcement. A further 43.8M victim passwords were also provided for HIBP's Pwned Passwords service.

• Fédération Francaise de Rugby - 281,977 breached accounts

  22/05/25 22:28 | Catégorie : Have I Pwned

  In June 2023, the Fédération Francaise de Rugby (French Rugby Federation) suffered a data breach and attempted ransom. The breach exposed 282k unique email addresses along with names, dates of birth and phone numbers. The Federation subsequently published a disclosure notice and stated that the attack primarily affected email servers.

• OnRPG - 1,047,640 breached accounts

  08/05/25 06:29 | Catégorie : Have I Pwned

  In July 2016, the now defunct free online games list website OnRPG suffered a data breach that was later redistributed as part of a larger corpus of data. The incident exposed just over 1M email and IP addresses alongside usernames and passwords stored as salted MD5 hashes.