Operation Endgame 2.0
What was exposed
Email addressesPasswords
What to do if you were affected
- Change your password for this account, and anywhere you reused it. Turn on two-factor authentication.
- Expect more phishing and spam at this address. Treat messages that reference this company with extra caution.
Details
In May 2025, a coalition of law enforcement agencies took down the criminal infrastructure behind the malware used to launch ransomware attacks in a new phase of "Operation Endgame". This followed the first Operation Endgame exercise a year earlier , with the latest action resulting in 15.3M victim email addresses being provided to HIBP by law enforcement. A further 43.8M victim passwords were also provided for HIBP's Pwned Passwords service .
Frequently asked questions
What is the Operation Endgame 2.0 data breach?
In May 2025, a coalition of law enforcement agencies took down the criminal infrastructure behind the malware used to launch ransomware attacks in a new phase of "Operation Endgame". This followed the first Operation Endgame exercise a year earlier , with the...
When did the data breach happen?
This data breach occurred around May 2025.
How many accounts were affected?
Around 15,436,844 accounts were affected.
What information was exposed?
Exposed data included Email addresses and Passwords.
What should I do if I was affected?
Change your password for this account, and anywhere you reused it. Turn on two-factor authentication. Expect more phishing and spam at this address. Treat messages that reference this company with extra caution.
Related breaches