New breach: Samsung Germany had 216k unique email addresses exposed due to a compromise of their logistics provider, Spectos. Data included name, physical address, purchases and shipping tracking numbers. 49% were already in @Have I Been Pwned. Read more:

InfoStealers

Samsung Tickets Data Leak: Infostealers Strike Again in Massive Free Dump

Another colossal breach fueled by infostealer malware, and this time, it’s Samsung in the crosshairs.

New breach: Indonesian restaurant website Qraved had almost 1M email addresses breached in 2021. Data also included name, phone, DoB and MD5 password hash. 83% were already in @Have I Been Pwned. Read more: https://cybernews.com/security/billions-passwords-credentials-leaked-mother-of-all-breaches/

New breach: French electronics retailer Boulanger had 967k email addresses breached in September. Data also included name, physical address, phone number and lat and long. 65% were already in @Have I Been Pwned. Read more:

Popular French retailers confirm hackers stole customer data

Targets of the cyberattacks include electronics and home appliances store Boulanger and the retailer Cultura.

New breach: German Doner Kebab had 162k unique email addresses publicly posted to a hacking forum last week. Data also included name, phone and physical addrress. 74% were already in @Have I Been Pwned. Read more:

X (formerly Twitter)

Dark Web Informer (@DarkWebInformer) on X

🚨Alleged database leak of German Doner Kebab (GDK) Data reportedly includes: Customer names, dates of birth, email addresses, mobile phone numb...

New breach: Troy Hunt's Mailchimp account was successfully phished and a subscriber list for his personal blog was exported. Data included 16k email and IP addresses, plus derived lat long and time zone. 75% were already in @Have I Been Pwned. Read more:

Troy Hunt

A Sneaky Phish Just Grabbed my Mailchimp Mailing List

You know when you're really jet lagged and really tired and the cogs in your head are just moving that little bit too slow? That's me right now, an...

New sensitive breach: Spyware maker SpyX had almost 2M email addresses breached in June. The data also included IP address, country and what appears to be plain text iCloud credentials. 40% were already in @Have I Been Pwned. Read more:

TechCrunch

Exclusive: Data breach at stalkerware SpyX affects close to 2 million, including thousands of Apple users

Another consumer-grade spyware operation was hacked in June 2024, which exposed thousands of Apple Account credentials.

New sensitive breach: Lexipol had 672k email addresses breached last month by self-proclaimed "Puppygirl Hacker Polycule". Data included name, phone and MD5 or SHA-256 password hashes. 23% were already in @Have I Been Pwned. Read more:

Them

“Puppygirl Hacker Polycule” Leaks Over 8,500 Privatized Police Files and Training Manuals

"We took matters into our own paws.”

New sensitive breach: Color Dating had 220k unique email addresses breached in 2018. Data also included name, bio, photo and bcrypt password hash. 59% were already in @Have I Been Pwned. Read more: https://cybernews.com/security/billions-passwords-credentials-leaked-mother-of-all-breaches/

New breach: The flat earth sun, moon & zodiac app by "Flat Earth Dave" had 33k unique email addresses breached in Oct. Data included plain text passwords and users' lat and long (their position on the globe). 73% were already in @Have I Been Pwned. More:

New sensitive breach: Spyware service Spyzie had almost 519k email addresses breached this month. The exploited vulnerability also granted access to captured messages, photos, call logs, and more. 48% were already in @Have I Been Pwned. Read more:

TechCrunch

Spyzie stalkerware is spying on thousands of Android and iPhone users | TechCrunch

Another little-known phone monitoring outfit has quietly amassed half a million customers, whose email addresses are now in Have I Been Pwned.