Gravatar
What was exposed
Email addressesNamesUsernames
What to do if you were affected
- Expect more phishing and spam at this address. Treat messages that reference this company with extra caution.
- Be wary of targeted scams that use your personal details to sound convincing.
Details
In October 2020, a security researcher published a technique for scraping large volumes of data from Gravatar, the service for providing globally unique avatars . 167 million names, usernames and MD5 hashes of email addresses used to reference users' avatars were subsequently scraped and distributed within the hacking community. 114 million of the MD5 hashes were cracked and distributed alongside the source hash, thus disclosing the original email address and accompanying data. Following the impacted email addresses being searchable in HIBP, Gravatar release an FAQ detailing the incident .
Frequently asked questions
What is the Gravatar data breach?
In October 2020, a security researcher published a technique for scraping large volumes of data from Gravatar, the service for providing globally unique avatars . 167 million names, usernames and MD5 hashes of email addresses used to reference users' avatars...
When did the data breach happen?
This data breach occurred around October 2020.
How many accounts were affected?
Around 113,990,759 accounts were affected.
What information was exposed?
Exposed data included Email addresses, Names and Usernames.
What should I do if I was affected?
Expect more phishing and spam at this address. Treat messages that reference this company with extra caution. Be wary of targeted scams that use your personal details to sound convincing.
Related breaches