Critical Data Breaches

In April 2026, education company McGraw Hill confirmed a data breach following an extortion attempt . Attributed to a Salesforce misconfiguration, the company stated the incident exposed "a limited set of data from a webpage hosted by Salesforce on its platform". More than 100GB of data was later pu...

In April 2026, the music trivia platform SongTrivia2 suffered a data breach that was subsequently published to a public hacking forum . The data contained a total of 291k unique email addresses sourced from either Google OAuth logins or accounts created on the site, the latter also containing bcrypt...

In March 2026, the personal development and achievement media brand SUCCESS suffered a data breach . The incident exposed 250k unique email addresses along with names, IP addresses, phone numbers and, for a limited number of staff members, bcrypt password hashes. The data also included orders contai...

In March 2026, a breach of one of the many iterations of the BreachForums hacking forum known as "Version 5" was publicly disclosed . The incident exposed 340k unique email addresses along with usernames and argon2 password hashes.

In June 2015, custom gaming controller maker Scuf Gaming suffered a data breach . The incident exposed 129k unique email addresses along with usernames, display names, IP addresses and password hashes.

In March 2026, the audio production tools company Sound Radix disclosed a data breach that they subsequently self-submitted to HIBP . The incident impacted 293k unique email addresses and names. Sound Radix advised that it is possible that additional data including hashed passwords may have been exp...

In around 2011, the now defunct RuneScape Boards forum (also known as RSBoards) suffered a data breach that was later redistributed as part of a larger corpus of data . The vBulletin-based service exposed 223k unique email addresses along with usernames, IP addresses and salted MD5 password hashes.

In March 2026, the online safety service Aura disclosed a data breach that exposed 900k unique email addresses . The data was primarily associated with a marketing tool from a previously acquired company, with fewer than 20k active Aura customers affected. Exposed data included names, phone numbers,...

In March 2026, the Turkish restaurant chain Baydöner suffered a data breach which was subsequently published to a public hacking forum . The incident exposed over 1.2M unique email addresses along with names, phone numbers, cities of residence and plaintext passwords. A small number of records also ...

In October 2025, retailer Canadian Tire was the victim of a data breach that exposed almost 42M records. The data contained 38M unique email addresses along with names, phone numbers and physical addresses. Passwords were stored as PBKDF2 hashes and for a subset of records, dates of birth and partia...

In February 2026, the automotive marketplace CarGurus was the target of a data breach attributed to the threat actor ShinyHunters . Following an attempted extortion, the data was published publicly and contained more than 12M email addresses across multiple files including user account ID mappings, ...

In February 2026, a data breach allegedly containing data relating to Canada Goose customers was published publicly . The data contained 920k records with 582k unique email addresses and included names, phone numbers, IP addresses, physical addresses and partial credit card data, specifically card t...

In January 2026, a data breach impacting the French non-profit Association Nationale des Premiers Secours (ANPS) was posted to a hacking forum . The breach exposed 5.6k unique email addresses along with names, dates of birth and places of birth. ANPS self-submitted the data to HIBP and advised the i...

In January 2026, the automated investment platform Betterment confirmed it had suffered a data breach attributed to a social engineering attack . As part of the incident, Betterment customers received fraudulent crypto-related messages promising high returns if funds were sent to an attacker-control...

In December 2025, SoundCloud announced it had discovered unauthorised activity on its platform . The incident allowed an attacker to map publicly available SoundCloud profile data to email addresses for approximately 20% of its users. The impacted data included 30M unique email addresses, names, use...

In November 2025, the Everest ransomware group claimed Under Armour as a victim and attempted to extort a ransom , alleging they had obtained access to 343GB of data. In January 2026, customer data from the incident was published publicly on a popular hacking forum , including 72M email addresses. M...

In December 2025, data allegedly breached from the Indian streaming music service 'Raaga' was posted for sale to a popular hacking forum . The data contained 10M unique email addresses along with names, genders, ages (in some cases, full date of birth), postcodes and passwords stored as unsalted MD5...

In January 2026, data allegedly scraped via an Instagram API was posted to a popular hacking forum . The dataset contained 17M rows of public Instagram information, including usernames, display names, account IDs, and in some cases, geolocation data. Of these records, 6.2M included an associated ema...

In October 2025, a reincarnation of the hacking forum BreachForums, which had previously been shut down multiple times, was taken offline by a coalition of law enforcement agencies . In the months leading up to the takedown, the site itself suffered a data breach that exposed a total of 672k unique ...

In December 2025, the dating website 'for a Europid vision' WhiteDate suffered a data breach that was subsequently leaked online , initially exposing 6.1k unique email addresses. The leaked data included extensive personal information such as physical appearance, income, education and IQ. A more com...

In August 2012, the forum for making money with botting 'The Botting Network' suffered a data breach that exposed 96k user records . The now defunct vBulletin forum leaked 96k email addresses, usernames, dates of birth and salted MD5 password hashes.

In July 2016, the Web Hosting Talk forum suffered a data breach that was subsequently listed for sale . The breach of the vBulletin based forum exposed 515k user records including usernames, email addresses, IP addresses and salted MD5 password hashes.