Recent Data Leaks
Live
← Back to timeline

Data breaches in 2014

41 tracked incidents from 2014

Sunday, February 2, 2025
BreachHave I Been PwnedFebruary 2, 2025

9Lives

In October 2014, the (now defunct) Belgian gaming news forum 9Lives suffered a data breach that was later redistributed as part of a larger corpus of data . The breach exposed 109k unique email addresses along with usernames and salted MD5 password hashes.

109,515 accounts affectedOccurred 2014
Tuesday, July 11, 2023
BreachHave I Been PwnedJuly 11, 2023

Vermillion

In August 2014, the Roblox hacking forum Vermillion suffered a data breach that exposed over 8k subscriber records. The breach of the MyBB forum exposed email and IP addresses, usernames, dates of birth and salted password hashes.

8,106 accounts affectedOccurred 2014
Thursday, August 18, 2022
BreachHave I Been PwnedAugust 18, 2022

Banorte

In August 2022, millions of records from Mexican bank "Banorte" were publicly dumped on a popular hacking forum including 2.1M unique email addresses, physical addresses, names, phone numbers, RFC (tax) numbers, genders and bank balances. Banorte have stated...

2,107,000 accounts affectedOccurred 2014
Saturday, January 25, 2020
BreachHave I Been PwnedJanuary 25, 2020

Tout

In approximately September 2014, the now defunct social networking service Tout suffered a data breach. The breach subsequently appeared years later and included 653k unique email addresses, names, IP addresses, the location of the user, their bio and...

652,683 accounts affectedOccurred 2014
Sunday, April 22, 2018
BreachHave I Been PwnedApril 22, 2018

ILikeCheats

In October 2014, the game cheats website known as ILikeCheats suffered a data breach that exposed 189k accounts. The vBulletin based forum leaked usernames, IP and email addresses and weak MD5 hashes of passwords. The data was provided with support from...

188,847 accounts affectedOccurred 2014
Sunday, April 1, 2018
BreachHave I Been PwnedApril 1, 2018

HiAPK

In approximately 2014, it's alleged that the Chinese Android store known as HIAPK suffered a data breach that impacted 13.8 million unique subscribers. Whilst there is evidence that the data is legitimate, due to the difficulty of emphatically verifying the...

13,873,674 accounts affectedOccurred 2014
Wednesday, November 15, 2017
BreachHave I Been PwnedNovember 15, 2017

PoliceOne

In February 2017, the law enforcement website PoliceOne confirmed they'd suffered a data breach . The breach contained over 700k accounts which appeared for sale by a data broker and included email and IP addresses, usernames and salted MD5 password hashes....

709,926 accounts affectedOccurred 2014
Thursday, November 9, 2017
BreachHave I Been PwnedNovember 9, 2017

Coupon Mom / Armor Games

In 2014, a file allegedly containing data hacked from Coupon Mom was created and included 11 million email addresses and plain text passwords. On further investigation, the file was also found to contain data indicating it had been sourced from Armor Games ....

11,010,525 accounts affectedOccurred 2014
BreachHave I Been PwnedNovember 9, 2017

CafeMom

In 2014, the social network for mothers CafeMom suffered a data breach. The data surfaced alongside a number of other historical breaches including Kickstarter, Bitly and Disqus and contained 2.6 million email addresses and plain text passwords.

2,628,148 accounts affectedOccurred 2014
Friday, October 13, 2017
BreachHave I Been PwnedOctober 13, 2017

diet.com

In August 2014, the diet and nutrition website diet.com suffered a data breach resulting in the exposure of 1.4 million unique user records dating back as far as 2004. The data contained email and IP addresses, usernames, plain text passwords and dietary...

1,383,759 accounts affectedOccurred 2014
Friday, October 6, 2017
BreachHave I Been PwnedOctober 6, 2017

Kickstarter

In February 2014, the crowdfunding platform Kickstarter announced they'd suffered a data breach . The breach contained almost 5.2 million unique email addresses, usernames and salted SHA1 hashes of passwords.

5,176,463 accounts affectedOccurred 2014
BreachHave I Been PwnedOctober 6, 2017

Bitly

In May 2014, the link management company Bitly announced they'd suffered a data breach . The breach contained over 9.3 million unique email addresses, usernames and hashed passwords, most using SHA1 with a small number using bcrypt.

9,313,136 accounts affectedOccurred 2014
Thursday, October 5, 2017
BreachHave I Been PwnedOctober 5, 2017

ReverbNation

In January 2014, the online service for assisting musicians to build their careers ReverbNation suffered a data breach which wasn't identified until September the following year . The breach contained over 7 million accounts with unique email addresses and...

7,040,725 accounts affectedOccurred 2014
Friday, August 18, 2017
BreachHave I Been PwnedAugust 18, 2017

Bin Weevils

In September 2014, the online game Bin Weevils suffered a data breach . Whilst originally stating that only usernames and passwords had been exposed, a subsequent story on DataBreaches.net indicated that a more extensive set of personal attributes were...

1,287,073 accounts affectedOccurred 2014
Saturday, July 1, 2017
BreachHave I Been PwnedJuly 1, 2017

Powerbot

In approximately September 2014, the RuneScape bot website Powerbot suffered a data breach resulting in the exposure of over half a million unique user records. The data contained email and IP addresses, usernames and salted MD5 hashes of passwords. The site...

503,501 accounts affectedOccurred 2014
Sunday, March 12, 2017
BreachHave I Been PwnedMarch 12, 2017

BTC-E

In October 2014, the Bitcoin exchange BTC-E was hacked and 568k accounts were exposed. The data included email and IP addresses, wallet balances and hashed passwords.

568,340 accounts affectedOccurred 2014
Tuesday, December 27, 2016
BreachHave I Been PwnedDecember 27, 2016

Bot of Legends

In November 2014, the forum for Bot of Legends suffered a data breach. The IP.Board forum contained 238k accounts including usernames, email and IP addresses and passwords stored as salted MD5 hashes.

238,373 accounts affectedOccurred 2014
Tuesday, November 1, 2016
BreachHave I Been PwnedNovember 1, 2016

Rambler

In late 2016, a data dump of almost 100M accounts from Rambler, sometimes referred to as "The Russian Yahoo", was discovered being traded online . The data set provided to Have I Been Pwned included 91M unique usernames (which also form part of Rambler email...

91,436,280 accounts affectedOccurred 2014
Thursday, July 21, 2016
BreachHave I Been PwnedJuly 21, 2016

Warframe

In November 2014, the online game Warframe was hacked and 819k unique email addresses were exposed. Allegedly due to a SQL injection flaw in Drupal, the attack exposed usernames, email addresses and data in a "pass" column which adheres to the salted SHA12...

819,478 accounts affectedOccurred 2014
Saturday, March 12, 2016
BreachHave I Been PwnedMarch 12, 2016

Avast

In May 2014, the Avast anti-virus forum was hacked and 423k member records were exposed. The Simple Machines Based forum included usernames, emails and password hashes.

422,959 accounts affectedOccurred 2014
Wednesday, March 9, 2016
BreachHave I Been PwnedMarch 9, 2016

Team SoloMid

In December 2014, the electronic sports organisation known as Team SoloMid was hacked and 442k members accounts were leaked. The accounts included email and IP addresses, usernames and salted hashes of passwords.

442,166 accounts affectedOccurred 2014
BreachHave I Been PwnedMarch 9, 2016

Malwarebytes

In November 2014, the Malwarebytes forum was hacked and 111k member records were exposed. The IP.Board forum included email and IP addresses, birth dates and passwords stored as salted hashes using a weak implementation enabling many to be rapidly cracked.

111,623 accounts affectedOccurred 2014
BreachHave I Been PwnedMarch 9, 2016

Sumo Torrent

In June 2014, the torrent site Sumo Torrent was hacked and 285k member records were exposed. The data included IP addresses, email addresses and passwords stored as weak MD5 hashes.

285,191 accounts affectedOccurred 2014
Sunday, March 6, 2016
BreachHave I Been PwnedMarch 6, 2016

Acne.org

In November 2014, the acne website acne.org suffered a data breach that exposed over 430k forum members' accounts. The data was being actively traded on underground forums and included email addresses, birth dates and passwords.

432,943 accounts affectedOccurred 2014
Tuesday, November 3, 2015
BreachHave I Been PwnedNovember 3, 2015

Black Hat World

In June 2014, the search engine optimisation forum Black Hat World had three quarters of a million accounts breached from their system. The breach included various personally identifiable attributes which were publicly released in a MySQL database script.

777,387 accounts affectedOccurred 2014
Friday, June 5, 2015
BreachHave I Been PwnedJune 5, 2015

NextGenUpdate

Early in 2014, the video game website NextGenUpdate reportedly suffered a data breach that disclosed almost 1.2 million accounts. Amongst the data breach was usernames, email addresses, IP addresses and salted and hashed passwords.

1,194,597 accounts affectedOccurred 2014
Saturday, April 4, 2015
BreachHave I Been PwnedApril 4, 2015

Quantum Booter

In March 2014, the booter service Quantum Booter (also referred to as Quantum Stresser) suffered a breach which lead to the disclosure of their internal database. The leaked data included private discussions relating to malicious activity Quantum Booter users...

48,592 accounts affectedOccurred 2014
Saturday, March 28, 2015
BreachHave I Been PwnedMarch 28, 2015

ThisHabbo Forum

In 2014, the ThisHabbo forum (a fan site for Habbo.com, a Finnish social networking site) appeared among a list of compromised sites which has subsequently been removed from the internet. Whilst the actual date of the exploit is not clear, the breached data...

612,414 accounts affectedOccurred 2014
Sunday, January 4, 2015
BreachHave I Been PwnedJanuary 4, 2015

Domino's

In June 2014, Domino's Pizza in France and Belgium was hacked by a group going by the name "Rex Mundi" and their customer data held to ransom. Domino's refused to pay the ransom and six months later, the attackers released the data along with troves of other...

648,231 accounts affectedOccurred 2014
Friday, September 12, 2014
BreachHave I Been PwnedSeptember 12, 2014

Yandex Dump

In September 2014, news broke of a massive leak of accounts from Yandex , the Russian search engine giants who also provides email services. The purported million "breached" accounts were disclosed at the same time as nearly 5M mail.ru accounts with both...

1,186,564 accounts affectedOccurred 2014
BreachHave I Been PwnedSeptember 12, 2014

mail.ru Dump

In September 2014, several large dumps of user accounts appeared on the Russian Bitcoin Security Forum including one with nearly 5M email addresses and passwords, predominantly on the mail.ru domain. Whilst unlikely to be the result of a direct attack against...

16,630,988 accounts affectedOccurred 2014
Wednesday, September 10, 2014
BreachHave I Been PwnedSeptember 10, 2014

Bitcoin Security Forum Gmail Dump

In September 2014, a large dump of nearly 5M usernames and passwords was posted to a Russian Bitcoin forum . Whilst commonly reported as 5M "Gmail passwords", the dump also contained 123k yandex.ru addresses. Whilst the origin of the breach remains unclear,...

4,789,599 accounts affectedOccurred 2014
Sunday, August 10, 2014
BreachHave I Been PwnedAugust 10, 2014

Pokémon Creed

In August 2014, the Pokémon RPG website Pokémon Creed was hacked after a dispute with rival site, Pokémon Dusk . In a post on Facebook , "Cruz Dusk" announced the hack then pasted the dumped MySQL database on pkmndusk.in . The breached data included over 116k...

116,465 accounts affectedOccurred 2014
Tuesday, July 22, 2014
BreachHave I Been PwnedJuly 22, 2014

Insanelyi

In July 2014, the iOS forum Insanelyi was hacked by an attacker known as Kim Jong-Cracks . A popular source of information for users of jailbroken iOS devices running Cydia, the Insanelyi breach disclosed over 104k users' emails addresses, user names and...

104,097 accounts affectedOccurred 2014
Sunday, July 6, 2014
BreachHave I Been PwnedJuly 6, 2014

Verified

In January 2014, one of the largest communities of Eastern Europe cybercriminals known as "Verified" was hacked . The breach exposed nearly 17k users of the vBulletin forum including their personal messages and other potentially personally identifiable...

16,919 accounts affectedOccurred 2014
Tuesday, June 10, 2014
BreachHave I Been PwnedJune 10, 2014

Manga Traders

In June 2014, the Manga trading website Mangatraders.com had the usernames and passwords of over 900k users leaked on the internet (approximately 855k of the emails were unique). The passwords were weakly hashed with a single iteration of MD5 leaving them...

855,249 accounts affectedOccurred 2014
Sunday, June 1, 2014
BreachHave I Been PwnedJune 1, 2014

Cannabis.com

In February 2014, the vBulletin forum for the Marijuana site cannabis.com was breached and leaked publicly . Whilst there has been no public attribution of the breach, the leaked data included over 227k accounts and nearly 10k private messages between users...

227,746 accounts affectedOccurred 2014
Sunday, May 11, 2014
BreachHave I Been PwnedMay 11, 2014

Business Acumen Magazine

In April 2014, the Australian "Business Acumen Magazine" website was hacked by an attacker known as 1337MiR . The breach resulted in over 26,000 accounts being exposed including usernames, email addresses and password stored with a weak cryptographic hashing...

26,596 accounts affectedOccurred 2014
Tuesday, May 6, 2014
BreachHave I Been PwnedMay 6, 2014

Fridae

In May 2014, over 25,000 user accounts were breached from the Asian lesbian, gay, bisexual and transgender website known as "Fridae". The attack which was announced on Twitter appears to have been orchestrated by Deletesec who claim that "Digital weapons...

35,368 accounts affectedOccurred 2014
Tuesday, April 8, 2014
BreachHave I Been PwnedApril 8, 2014

BigMoneyJobs

In April 2014, the job site bigmoneyjobs.com was hacked by an attacker known as "ProbablyOnion" . The attack resulted in the exposure of over 36,000 user accounts including email addresses, usernames and passwords which were stored in plain text. The attack...

36,789 accounts affectedOccurred 2014
Sunday, March 30, 2014
BreachHave I Been PwnedMarch 30, 2014

Boxee

In March 2014, the home theatre PC software maker Boxee had their forums compromised in an attack. The attackers obtained the entire vBulletin MySQL database and promptly posted it for download on the Boxee forum itself. The data included 160k users, password...

158,093 accounts affectedOccurred 2014