GoldSilver

Have I Been PwnedConfirmed breachAdded December 27, 2018Occurred October 21, 2018242,715 accountsgoldsilver.comAll GoldSilver breaches →

What was exposed

Bank account numbersEmail addressesIP addressesNamesPartial credit card dataPassport numbersPhone numbersPhysical addressesPurchasesSecurity questions and answersSocial security numbers

What to do if you were affected

Change your password for this account, and anywhere you reused it. Turn on two-factor authentication.
Watch your card and bank statements for unfamiliar charges, and consider requesting a new card number.
Place a fraud alert or credit freeze with the major credit bureaus to block new accounts opened in your name.
Expect more phishing and spam at this address. Treat messages that reference this company with extra caution.
Watch for text-message phishing and SIM-swap attempts on your phone number.
Be wary of targeted scams that use your personal details to sound convincing.

Details

In October 2018, the bullion education and dealer services site GoldSilver suffered a data breach that exposed 243k unique email addresses spanning customers and mailing list subscribers. An extensive amount of personal information on customers was obtained including names, addresses, phone numbers, purchases and passwords and answers to security questions stored as MD5 hashes. In a small number of cases, passport, social security numbers and partial credit card data was also exposed. The data breach and source code belonging to GoldSilver was publicly posted on a dark web service where it remained months later. When notified about the incident, GoldSilver advised that "all affected customers have been directly notified".

Frequently asked questions

What is the GoldSilver data breach?

When did the data breach happen?

This data breach occurred around October 2018.

How many accounts were affected?

Around 242,715 accounts were affected.

What information was exposed?

Exposed data included Bank account numbers, Email addresses, IP addresses, Names, Partial credit card data, Passport numbers, Phone numbers and Physical addresses.

What should I do if I was affected?

Change your password for this account, and anywhere you reused it. Turn on two-factor authentication. Watch your card and bank statements for unfamiliar charges, and consider requesting a new card number. Place a fraud alert or credit freeze with the major credit bureaus to block new accounts opened in your name. Expect more phishing and spam at this address. Treat messages that reference this company with extra caution. Watch for text-message phishing and SIM-swap attempts on your phone number. Be wary of targeted scams that use your personal details to sound convincing.

View on source ↗

Related breaches