JBS LeakDB Threat Engine updates and info
October 9th, 2019
This update brings 13 new databases adding 144,959,638 new lines!
Leak: 52pk.com
Info: In late 2011, a series of data breaches in China affected up to 100 million users, including the social site known as 52pk. Whilst there is evidence that the data is legitimate, due to the difficulty of emphatically verifying the Chinese breach it has been flagged as "unverified". The data in the breach contains usernames, email addresses and cleartext passwords
Line Count: 18,854,383
Contents: Email address, Password, Username
Leak: Chegg.com
Info: In April 2018, the textbook rental service Chegg suffered a data breach that impacted 40 million subscribers. The exposed data included email addresses, usernames, names and passwords stored as unsalted MD5 hashes.
Line Count: 29,294,479
Contents: Email address, Password, Username, Names
Leak: Baihe.com
Info: This database leak was found being spread on a clearnet 'Hacker’s Forum'. Very little is known about this hack and as such is considered unverified. More information will be added about this leak as it comes available.
Line Count: 10,708,489
Contents: Email address, Password, Username, Names
Leak: Desura.com
Info: In late 2011, a series of data breaches in China affected up to 100 million users, including the social site known as Desura. Whilst there is evidence that the data is legitimate, due to the difficulty of emphatically verifying the Chinese breach it has been flagged as "unverified". The data in the breach contains email addresses and cleartext passwords
Line Count: 1,146,788
Contents: Email addresses, Passwords
Leak: Gigasize.com
Info: This database leak was found being spread on a clearnet 'Hacker’s Forum'. Very little is known about this hack and as such is considered unverified. More information will be added about this leak as it comes available.
Line Count: 1,900,667
Contents: Email addresses, Passwords
Leak: Hacker.co.kr
Info: In early 2010, the popular computer hardware market Hacker.co.kr was breached. Its not known who was the responsible party that leaked the stolen database. Due to its age and the fact that the site no longer exists, its not possible to verify the data.
Line Count: 1,396,794
Contents: Email addresses, Passwords
Leak: Hautelook.com
Info: In mid-2018, the fashion shopping site HauteLook was among a raft of sites that were breached and their data then sold in early-2019. The data included over 28 million unique email addresses alongside names, genders, dates of birth and passwords stored as bcrypt hashes.
Line Count: 15,458,406
Contents: Email addresses, Passwords
Leak: LuminPDF.com
Info: In April 2019, the PDF management service Lumin PDF suffered a data breach. The breach wasn't publicly disclosed until September when 15.5M records of user data appeared for download on a popular hacking forum. The data had been left publicly exposed in a MongoDB instance after which Lumin PDF was allegedly been "contacted multiple times, but ignored all the queries". The exposed data included names, email addresses, genders, spoken language and either a bcrypt password hash or Google auth token.
Line Count: 7,775,056
Contents: Email addresses, Genders, Spoken language, Bcrypt password or Google auth token
Leak: Mop.com
Info: In late 2011, a series of data breaches in China affected up to 100 million users, including the social site known as Mop. Whilst there is evidence that the data is legitimate, due to the difficulty of emphatically verifying the Chinese breach it has been flagged as "unverified". The data in the breach contains email addresses and cleartext passwords
Line Count: 2,639,658
Contents: Email addresses, Passwords
Leak: Pconline.com.cn
Info: This database leak was found being spread on a clearnet 'Hacker’s Forum'. Very little is known about this hack and as such is considered unverified. More information will be added about this leak as it comes available.
Line Count: 5,386,040
Contents: Email address, Password, Username
Leak: Readnovel.com
Info: This database leak was found being spread on a clearnet 'Hacker’s Forum'. Very little is known about this hack and as such is considered unverified. More information will be added about this leak as it comes available.
Line Count: 17,915,838
Contents: Email address, Password, Username
Leak: Shein.com
Info: In June 2018, online fashion retailer SHEIN suffered a data breach. The company discovered the breach 2 months later in August then disclosed the incident another month after that. A total of 39 million unique email addresses were found in the breach alongside MD5 password hashes.
Line Count: 29,240,078
Contents: Email addresses, Passwords
Leak: Weibo.com
Info: In late 2011, a series of data breaches in China affected up to 100 million users, including the social site known as Weibo. Whilst there is evidence that the data is legitimate, due to the difficulty of emphatically verifying the Chinese breach it has been flagged as "unverified". The data in the breach contains email addresses and cleartext passwords
Line Count: 4,506,267
Contents: Email addresses, Passwords
JBS LeakDB Threat Engine updates and info
September 3rd, 2019
Took some time off working on LeakDB to focus on a couple of bigger projects. Recently had the time to start importing again.
This update brings 8 new databases adding 213,808,253 new lines!
Leak: BlankMediaGames.com
Info: In December 2018, the Town of Salem website produced by BlankMediaGames suffered a data breach. The data contained 7.6M unique user email addresses alongside usernames, IP addresses, purchase histories and passwords stored as phpass hashes.
Line Count: 7,775,056
Contents: Browser user agent details, Email addresses, IP addresses, Passwords, Purchases, Usernames, Website activity
Leak: MyFitnessPal.com
Info: In February 2018, the diet and exercise service MyFitnessPal suffered a data breach. The incident exposed 144 million unique email addresses alongside usernames, IP addresses and passwords stored as SHA-1 and bcrypt hashes (the former for earlier accounts, the latter for newer accounts). In 2019, the data appeared listed for sale on a dark web marketplace (along with several other large breaches) and subsequently began circulating more broadly.
Line Count: 143,477,600
Contents: Email addresses, IP addresses, Passwords, Usernames
Leak: Animoto.com
Info: In July 2018, the cloud-based video making service Animoto suffered a data breach. The breach exposed 22 million unique email addresses alongside names, dates of birth, country of origin and salted password hashes.
Line Count: 25,402,107
Contents: Dates of birth, Email addresses, Geographic locations, Names, Passwords
Leak: ArmorGames.com
Info: In January 2019, the game portal website website Armor Games suffered a data breach. A total of 10.6 million email addresses were impacted by the breach which also exposed usernames, IP addresses, birthdays of administrator accounts and passwords stored as salted SHA-1 hashes.
Line Count: 10,778,637
Contents: Bios, Dates of birth, Email addresses, Genders, Geographic locations, IP addresses, Passwords, Usernames
Leak: Dubsmash.com
Info: In December 2018, the video messaging service Dubsmash suffered a data breach. The incident exposed 162 million unique email addresses alongside usernames and PBKDF2 password hashes. In 2019, the data appeared listed for sale on a dark web marketplace (along with several other large breaches) and subsequently began circulating more broadly.
Line Count: 16,603,001
Contents: Email addresses, Geographic locations, Names, Passwords, Phone numbers, Spoken languages, Usernames
Leak: ClassicKorea.co.kr
Info: This database leak was found being spread on a clearnet 'Hacker’s Forum'. Very little is known about this hack and as such is considered unverified. More information will be added about this leak as it comes available.
Line Count: 473,947
Contents: Email addresses, Passwords, Usernames
Leak: StockX.com
Info: In July 2019, the fashion and sneaker trading platform StockX suffered a data breach which was subsequently sold via a dark webmarketplace. The exposed data included 6.8 million unique email addresses, names, physical addresses, purchases and passwords stored as salted MD5 hashes.
Line Count: 6,846,488
Contents: Email addresses, Names, Passwords, Physical addresses, Purchases, Usernames
Leak: Morele.net
Info: In October 2018, the Polish e-commerce website Morele.net suffered a data breach. The incident exposed almost 2.5 million unique email addresses alongside phone numbers, names and passwords stored as md5crypt hashes.
Line Count: 2,471,417
Contents: Email addresses, Names, Passwords, Phone numbers
JBS LeakDB Threat Engine updates and info
October 12th, 2018
This BIG update brings 14 additional databases to LeakDB.
Leak: 2Games.com
Info: This database leak was found being spread on a clearnet 'Hacker’s Forum'. Very little is known about this hack and as such is considered unverified. More information will be added about this leak as it comes available.
Line Count: 3,427,042
Contents: Email addresses, Passwords
Leak: Cheat-master.net
Info: This database leak was found being spread on a clearnet 'Hacker’s Forum'. Very little is known about this hack and as such is considered unverified. More information will be added about this leak as it comes available.
Line Count: 2,027,255
Contents: Email addresses, Passwords
Leak: Daniweb.com
Info: 1,131,057
Line Count: In late 2015, the technology and social site DaniWeb suffered a data breach. The attack resulted in the disclosure of 1.1 million accounts including email and IP addresses which were also accompanied by salted MD5 hashes of passwords. However, DaniWeb have advised that "the breached password hashes and salts are incorrect" and that they have since switched to new infrastructure and software.
Contents: Email addresses, IP Addresses, Passwords
Leak: Disqus.com
Info: In October 2017, the blog commenting service Disqus announced they'd suffered a data breach. The breach dated back to July 2012 but wasn't identified until years later when the data finally surfaced. The breach contained over 17.5 million unique email addresses and usernames. Users who created logins on Disqus had salted SHA1 hashes of passwords whilst users who logged in via social providers only had references to those accounts.
Line Count: 19,052,293
Contents: Email addresses, Passwords, Usernames
Leak: Fashionfantasygame.com
Info: In late 2016, the fashion gaming website Fashion Fantasy Game suffered a data breach. The incident exposed 2.3 million unique user accounts and corresponding MD5 password hashes with no salt.
Line Count: 2,498,594
Contents: Email addresses, Passwords
Leak: GamerzPlanet.net
Info: In approximately October 2015, the online gaming forum known as Gamerzplanet was hacked and more than 1.2M accounts were exposed. The vBulletin forum included IP addresses and passwords stored as salted hashes using a weak implementation enabling many to be rapidly cracked.
Line Count: 1,215,115
Contents: Email addresses, IP addresses, Passwords, Usernames
Leak: Gamevn.com
Info: This database leak was found being spread on a clearnet 'Hacker’s Forum'. Very little is known about this hack and as such is considered unverified. More information will be added about this leak as it comes available.
Line Count: 1,373,171
Contents: Email addresses, Passwords
Leak: Gamigo.com
Info: In March 2012, the German online game publisher Gamigo was hacked and more than 8 million accounts publicly leaked. The breach included email addresses and passwords stored as weak MD5 hashes with no salt.
Line Count: 8,237,856
Contents: Email addresses, Passwords
Leak: i-Dressup.com
Info: In June 2016, the teen social site known as i-Dressup was hacked and over 2 million user accounts were exposed. At the time the hack was reported, the i-Dressup operators were not contactable and the underlying SQL injection flaw remained open, allegedly exposing a total of 5.5 million accounts. The breach included email addresses and passwords stored in plain text.
Line Count: 2,205,864
Contents: Email addresses, Passwords
Leak: Japan Combo (Compilation)
Info: In 2018, a credential stuffing list containing credentials specifically from Japanese leaks, was discovered. The list contained email addresses and passwords collated from different Japanese data breaches and used to mount account takeover attacks against other services.
Line Count: 14,797,261
Contents: Email addresses, Passwords
Leak: Lotro.com (Lord of The Rings Online)
Info: In August 2013, the interactive video game Lord of the Rings Online suffered a data breach that exposed over 1.1M players' accounts. The data was being actively traded on underground forums and included email addresses, birth dates and password hashes.
Line Count: 1,353,686
Contents: Dates of birth, Email addresses, IP addresses, Passwords, Usernames, Website activity
Leak: Nexusmods.com
Info: In December 2015, the game modding site Nexus Mods released a statement notifying users that they had been hacked. They subsequently dated the hack as having occurred in July 2013 although there is evidence to suggest the data was being traded months in advance of that. The breach contained usernames, email addresses and passwords stored as a salted hashes.
Line Count: 5,920,210
Contents: Email addresses, Passwords, Usernames
Leak: Pemiblanc (Compilation)
Info: In April 2018, a credential stuffing list containing 111 million email addresses and passwords known as Pemiblanc was discovered on a French server. The list contained email addresses and passwords collated from different data breaches and used to mount account takeover attacks against other services.
Line Count: 482,357,522
Contents: Email addresses, Passwords
Leak: Taringa.net
Info: In September 2017, news broke that Taringa had suffered a data breach exposing 28 million records. Known as "The Latin American Reddit", Taringa's breach disclosure notice indicated the incident dated back to August that year. The exposed data included usernames, email addresses and weak MD5 hashes of passwords.
Line Count: 28,226,325
Contents: Email addresses, Passwords
With these additions, we add 573,823,251 new lines to give us a total of 5,508,014,861 lines in 138 databases.
JBS LeakDB Threat Engine updates and info
July 26th, 2018
This update brings 2 additional databases to LeakDB.
Leak: Ddo.com (Dungeons & Dragons Online)
Info: In April 2013, the interactive video game Dungeons & Dragons Online suffered a data breach that exposed almost 1.6M players' accounts. The data was being actively traded on underground forums and included email addresses, birth dates and password hashes.
Line Count: 1,645,225
Contents: Dates of birth, Email addresses, IP addresses, Passwords, Usernames, Website activity
Leak: Cfire.mail.ru (CrossFire)
Info: In August 2016, the Russian gaming forum known as Cross Fire (or cfire.mail.ru) was hacked along with a number of other forums on the Russian mail provider, mail.ru. The vBulletin forum contained 12.8 million accounts including usernames, email addresses and passwords stored as salted MD5 hashes.
Line Count: 12,884,304
Contents: Email addresses, Passwords, Usernames
With these additions, we add 14,529,529 new lines to give us a total of 4,934,191,610 lines in 123 databases.
JBS's new website is live!
July 14th, 2018
After more time than really necessary, JBS's main website has finally been updated to a newer and more modern format. Take a look around and let us know what you think!
JBS LeakDB Threat Engine updates and info
July 14th, 2018
With the release of our new site, we have added a couple of new databases to LeakDB.
Leak: CouponMom.com
Info: In 2014, a file allegedly containing data hacked from Coupon Mom was created and included 11 million email addresses and plain text passwords.
Line Count: 11,032,693
Contents: Email addresses, Passwords
Leak: Gfan.com
Info: In October 2016, data surfaced that was allegedly obtained from the Chinese website known as GFAN and contained 22.5M accounts.
Line Count: 22,708,319
Contents: Email addresses, IP addresses, Passwords, Usernames
Leak: Kickstarter
Info: In February 2014, the crowd-funding platform Kickstarter announced they'd suffered a data breach. The breach contained almost 5.2 million unique email addresses, usernames and salted SHA1 hashes of passwords.
Line Count: 5,175,133
Contents: Email addresses, Passwords
With these additions, we add 38,916,245 new lines to give us a total of 4,919,662,081 lines in 121 databases.
