New breach: In March, 1.8M records allegedly obtained from the ADDA housing societies service was posted to a public hacking forum. Data included email, name, phone and MD5 password hash. 67% were already in @Have I Been Pwned. Read more:
Have I Been Pwned
Have I Been Pwned: ADDA Data Breach
In March 2025, data allegedly breached from the ADDA housing societies service was posted to a public hacking forum. The data contained over 1.8M u...
New breach: The International Kiteboarding Organization had 340k records breached this month. Data included email address, name, username and geolocation. 70% were already in @Have I Been Pwned. Read more:
Have I Been Pwned
Have I Been Pwned: International Kiteboarding Organization Data Breach
In November 2025, the International Kiteboarding Organization suffered a data breach that exposed 340k user records. The data was subsequently list...
New breach: Beckett Collectibles experienced a breach and website content defacement this month. A portion of the data leaked publicly, including more than 500k alleged North American email addresses. 84% were already in @Have I Been Pwned. Read more:
Have I Been Pwned
Have I Been Pwned: Beckett Collectibles Data Breach
In November 2025, Beckett Collectibles experienced a data breach accompanied by website content defacement. The stolen data was later advertised fo...
New breach: Eurofiber France had 10k unique email addresses breached last week in an attack on its ticket management platform. Some records also included name and phone number. 33% were already in @Have I Been Pwned. Read more:
Have I Been Pwned
Have I Been Pwned: Eurofiber Data Breach
In November 2025, Eurofiber France disclosed a data breach of its ticket management platform. Data containing 10k unique email addresses and a smal...
New breach: Vultr had 188k email addresses breached via a security incident at a third-party in 2022. Some records also contained name, IP and country. 44% were already in @Have I Been Pwned. Read more:
Have I Been Pwned
Have I Been Pwned: Vultr Data Breach
In March 2023, the "AI-first global cloud platform" Vultr disclosed a security incident at a third-party vendor. Dating back to the previous year, ...
New breach: The 3rd wave of Operation Endgame targeting infostealer Rhadamanthys, Remote Access Trojan VenomRAT, and botnet Elysium resulted in authorities providing 2M email addresses and 7.4M passwords to HIBP. 34% were already in @Have I Been Pwned. More:
Have I Been Pwned
Have I Been Pwned: Operation Endgame 3.0 Data Breach
Between 10 and 13 November 2025, the latest phase of Operation Endgame was coordinated from Europol's headquarters in The Hague. The actions target...
New sensitive breach: Hungarian political party TISZA suffered a breach of its TISZA Vilรกg platform last month, exposing 200k records, later published online. Data included email, name, phone & physical address. 41% were already in @Have I Been Pwned. More:
Have I Been Pwned
Have I Been Pwned: TISZA Világ Data Breach
In late October 2025, data breached from the Hungarian political party TISZA was published online before being extensively redistributed. Stemming ...
New credential stuffing data: Synthient aggregated billions of threat data records from social media, forums, Tor and Telegram. Data included 2B unique email addresses and 1.3B unique passwords. 76% of emails were already in @Have I Been Pwned. Read more:
Have I Been Pwned
Have I Been Pwned: Synthient Credential Stuffing Threat Data Breach
During 2025, the threat-intelligence firm Synthient aggregated 2 billion unique email addresses disclosed in credential-stuffing lists found across...
New breach: Last week, MyVidster had almost 4M user records posted to a public hacking forum. Data included email address, username and in some cases, profile photo. 38% were already in @Have I Been Pwned. Read more:
Have I Been Pwned
Have I Been Pwned: MyVidster (2025) Data Breach
In October 2025, the data of almost 4M MyVidster users was posted to a public hacking forum. Separate to the 2015 breach, this incident exposed use...
New stealer logs: Synthient aggregated billions of threat data records from social media, forums, Tor and Telegram. The stealer log data alone included 183M unique email addresses. 91% were already in @Have I Been Pwned. Read more:
Have I Been Pwned
Have I Been Pwned: Synthient Stealer Log Threat Data Breach
During 2025, Synthient aggregated billions of records of "threat data" from various internet sources. The data contained 183M unique email addresse...