Data breaches in 2020
98 tracked incidents from 2020

Famm
In late 2020, the Japanese family photos website Famm suffered a data breach that subsequently exposed 1.3M customer records , including 535k unique email addresses. Impacted data also included names, dates of birth, genders and passwords stored as SHA-256...

Eskimi
In late 2020, the AdTech platform Eskimi suffered a data breach that exposed 26M records with 1.2M unique email addresses . The data included usernames, dates of birth, genders and passwords stored as unsalted MD5 hashes.

Teespring
In April 2020, the custom printed apparel website Teespring suffered a data breach that exposed 8.2 million customer records . The data included email addresses, names, geographic locations and social media IDs.

yotepresto.com
In June 2020, the Mexican lending platform yotepresto.com suffered a data breach . Over 1.4 million customers were impacted by the breach which disclosed email and IP addresses, usernames and passwords stored as bcrypt hashes. The data was provided to HIBP by...

Filmai.in
In approximately 2019 or 2020, the Lithuanian movie streaming service Filmai.in suffered a data breach exposing 645k email addresses, usernames and plain text passwords.

People's Energy
In December 2020, the UK power company People's Energy suffered a data breach . The breach exposed almost 7GB of files containing 359k unique email addresses along with names, phones numbers, physical addresses and dates of birth. The incident also included...

NetGalley
In December 2020, the book promotion site NetGalley suffered a data breach . The incident exposed 1.4 million unique email addresses alongside names, usernames, physical and IP addresses, phone numbers, dates of birth and passwords stored as salted SHA-1...

MeetMindful
In early 2020, the online dating service MeetMindful suffered a data breach that exposed 1.4 million unique customer email addresses. Included in the data was an extensive array of personal information used to find romantic matches including physical...

Bonobos
In August 2020, the clothing store Bonobos suffered a data breach that exposed almost 70GB of data containing 2.8 million unique email addresses. The breach also exposed names, physical and IP addresses, phone numbers, order histories and passwords stored as...

Mashable
In approximately mid-2020, Mashable suffered a data breach that subsequently turned up publicly in November 2020. The data included 1.4 million unique email addresses along with names, genders, expired auth tokens, physical locations, links to social media...

Lazada RedMart
In October 2020, news broke of Lazada RedMart data breach containing records as recent as July 2020 and being sold via an online marketplace. In all, the data contained 1.1 million customer email addresses alongside names, phone numbers, physical addresses,...

Unico Campania
In August 2020, the Neapolitan public transport website Unico Campania was hacked and the data extensively circulated . The breach contained 166k user records with email addresses and plain text passwords.

Utah Gun Exchange
In July 2020, the Utah Gun Exchange website suffered a data breach which included several other associated websites. In total, 235k unique email addresses were exposed before being traded online alongside names, usernames, genders, IP addresses and password...

TrueFire
In February 2020, the guitar tuition website TrueFire suffered a data breach which impacted 600k members. The breach exposed extensive personal information including names, email and physical addresses, account balances and unsalted MD5 password hashes. The...

집꾸미기
In March 2020, the Korean interior decoration website ???? (Decorating the House) suffered a data breach which impacted almost 1.3 million members. Served via the URL ggumim.co.kr , the exposed data included email addresses, names, usernames and phone...

Vakinha
In June 2020, the Brazilian fund raising service Vakinha suffered a data breach which impacted almost 4.8 million members. The exposed data included email addresses, names, phone numbers, geographic locations and passwords stored as bcrypt hashes, all of...

Havenly
In June 2020, the interior design website Havenly suffered a data breach which impacted almost 1.4 million members of the service. The exposed data included email addresses, names, phone numbers, geographic locations and passwords stored as SHA-1 hashes, all...

Appen
In June 2020, the AI training data company Appen suffered a data breach exposing the details of almost 5.9 million users which were subsequently sold online. Included in the breach were names, email addresses and passwords stored as bcrypt hashes. Some...

Scentbird
In June 2020, the online fragrance service Scentbird suffered a data breach that exposed the personal information of over 5.8 million customers. Personal information including names, email addresses, genders, dates of birth, passwords stored as bcrypt hashes...

Chatbooks
In March 2020, the photo print service Chatbooks suffered a data breach which was subsequently put up for sale on a dark web marketplace. The breach contained 15 million user records with 2.5 million unique email addresses alongside names, phone numbers,...

Dunzo
In approximately June 2019, the Indian delivery service Dunzo suffered a data breach . Exposing 3.5 million unique email addresses, the Dunzo breach also included names, phone numbers and IP addresses which were all broadly distributed online via a hacking...






































































