Recent Data Leaks
Live
← Back to timeline

Data breaches in 2025

60 tracked incidents from 2025

Thursday, May 21, 2026
BreachHave I Been PwnedMay 21, 2026

Dragonica Lunaris

In December 2025, the European Dragonica private server Dragonica Lunaris suffered a data breach. The incident exposed 126k email addresses, usernames, dates of birth and bcrypt password hashes. The service operator confirmed the breach and advised it has...

126,293 accounts affectedOccurred 2025
Tuesday, March 31, 2026
BreachHave I Been PwnedMarch 31, 2026

Cuties AI

In March 2026, the NSFW AI companion platform Cuties AI suffered a data breach that was subsequently published to a public hacking forum . The incident exposed 144k unique email addresses along with display names, avatars, prompts and descriptions used to...

144,250 accounts affectedOccurred 2025
Wednesday, February 25, 2026
BreachHave I Been PwnedFebruary 25, 2026

Canadian Tire

In October 2025, retailer Canadian Tire was the victim of a data breach that exposed almost 42M records. The data contained 38M unique email addresses along with names, phone numbers and physical addresses. Passwords were stored as PBKDF2 hashes and for a...

38,306,562 accounts affectedOccurred 2025
Tuesday, February 17, 2026
BreachHave I Been PwnedFebruary 17, 2026

Canada Goose

In February 2026, a data breach allegedly containing data relating to Canada Goose customers was published publicly . The data contained 920k records with 582k unique email addresses and included names, phone numbers, IP addresses, physical addresses and...

581,877 accounts affectedOccurred 2025
Monday, February 16, 2026
BreachHave I Been PwnedFebruary 16, 2026

University of Pennsylvania

In October 2025, the University of Pennsylvania was the victim of a data breach followed by a ransom demand , largely affecting its donor database. After the incident, the attackers sent inflammatory emails to some victims. The data was later published online...

623,750 accounts affectedOccurred 2025
BreachHave I Been PwnedFebruary 16, 2026

APOIA.se

In December 2025, a database of the Brazilian crowdfunding platform APOIA.se was posted to an online forum . In January 2026, the company confirmed it had suffered a data breach. The incident exposed 451k unique email addresses along with names and physical...

450,764 accounts affectedOccurred 2025
Friday, February 6, 2026
BreachHave I Been PwnedFebruary 6, 2026

Substack

In October 2025, the publishing platform Substack suffered a data breach that was subsequently circulated more widely in February 2026. The breach exposed 663k account holder records containing email addresses along with publicly visible profile information...

663,121 accounts affectedOccurred 2025
Tuesday, January 27, 2026
BreachHave I Been PwnedJanuary 27, 2026

SoundCloud

In December 2025, SoundCloud announced it had discovered unauthorised activity on its platform . The incident allowed an attacker to map publicly available SoundCloud profile data to email addresses for approximately 20% of its users. The impacted data...

29,815,722 accounts affectedOccurred 2025
Wednesday, January 21, 2026
BreachHave I Been PwnedJanuary 21, 2026

Under Armour

In November 2025, the Everest ransomware group claimed Under Armour as a victim and attempted to extort a ransom , alleging they had obtained access to 343GB of data. In January 2026, customer data from the incident was published publicly on a popular hacking...

72,742,892 accounts affectedOccurred 2025
Monday, January 19, 2026
BreachHave I Been PwnedJanuary 19, 2026

Raaga

In December 2025, data allegedly breached from the Indian streaming music service "Raaga" was posted for sale to a popular hacking forum . The data contained 10M unique email addresses along with names, genders, ages (in some cases, full date of birth),...

10,225,145 accounts affectedOccurred 2025
Sunday, January 18, 2026
BreachHave I Been PwnedJanuary 18, 2026

Pass'Sport

In December 2025, data from France's Pass'Sport program was posted to a popular hacking forum . Initially misattributed to CAF (the French family allowance fund), the data contained 6.5M unique email addresses affecting 3.5M households. The data also included...

6,366,133 accounts affectedOccurred 2025
Saturday, January 10, 2026
BreachHave I Been PwnedJanuary 10, 2026

BreachForums (2025)

In October 2025, a reincarnation of the hacking forum BreachForums, which had previously been shut down multiple times, was taken offline by a coalition of law enforcement agencies . In the months leading up to the takedown, the site itself suffered a data...

672,247 accounts affectedOccurred 2025
Tuesday, January 6, 2026
BreachHave I Been PwnedJanuary 6, 2026

WhiteDate

In December 2025, the dating website "for a Europid vision" WhiteDate suffered a data breach that was subsequently leaked online , initially exposing 6.1k unique email addresses. The leaked data included extensive personal information such as physical...

20,363 accounts affectedOccurred 2025
Saturday, December 27, 2025
BreachHave I Been PwnedDecember 27, 2025

WIRED

In December 2025, 2.3M records of WIRED magazine users allegedly obtained from parent company Condé Nast were published online . The most recent data dated back to the previous September and exposed email addresses and display names, as well as, for a small...

2,364,431 accounts affectedOccurred 2025
Thursday, December 18, 2025
BreachHave I Been PwnedDecember 18, 2025

AUTOSUR

In March 2025, the French vehicle inspection company AUTOSUR suffered a data breach exposing over 10M customer records, though only 487k unique email addresses were present. The compromised data included names, phone numbers, physical addresses, and vehicle...

487,226 accounts affectedOccurred 2025
Monday, December 1, 2025
BreachHave I Been PwnedDecember 1, 2025

Zilvia.net

In November 2025, data breached from the Zilvia.net Nissan 240SX Silvia and Z Fairlady car forum was leaked. The breach exposed 288k unique email addresses along with usernames, IP addresses and salted MD5 password hashes sourced from the vBulletin based...

287,863 accounts affectedOccurred 2025
Sunday, November 23, 2025
BreachHave I Been PwnedNovember 23, 2025

CodeStepByStep

In November 2025, the online coding practice tool CodeStepByStep suffered a data breach that exposed 17k records which were subsequently published online . The following month, a further corpus of data was released bringing the total to 103k. The impacted...

103,077 accounts affectedOccurred 2025
BreachHave I Been PwnedNovember 23, 2025

ADDA

In March 2025, data allegedly breached from the ADDA housing societies service was posted to a public hacking forum . The data contained over 1.8M unique email addresses along with names, phone numbers and MD5 password hashes.

1,829,314 accounts affectedOccurred 2025
Thursday, November 20, 2025
BreachHave I Been PwnedNovember 20, 2025

International Kiteboarding Organization

In November 2025, the International Kiteboarding Organization suffered a data breach that exposed 340k user records . The data was subsequently listed for sale on a hacking forum and included email addresses, names, usernames and in many cases, the user's...

340,349 accounts affectedOccurred 2025
BreachHave I Been PwnedNovember 20, 2025

Beckett Collectibles

In November 2025, Beckett Collectibles experienced a data breach accompanied by website content defacement . The stolen data was later advertised for sale on a prominent hacking forum, with portions subsequently released publicly. The publicly circulating...

1,041,238 accounts affectedOccurred 2025
BreachHave I Been PwnedNovember 20, 2025

Eurofiber

In November 2025, Eurofiber France disclosed a data breach of its ticket management platform . Data containing 10k unique email addresses and a smaller number of names and phone numbers was subsequently leaked. A threat actor claiming responsibility for the...

10,003 accounts affectedOccurred 2025
Thursday, November 13, 2025
BreachHave I Been PwnedNovember 13, 2025

Operation Endgame 3.0

Between 10 and 13 November 2025, the latest phase of Operation Endgame was coordinated from Europol's headquarters in The Hague . The actions targeted one of the biggest infostealer Rhadamanthys, the Remote Access Trojan VenomRAT, and the botnet Elysium, all...

2,046,030 accounts affectedOccurred 2025
Saturday, November 8, 2025
BreachHave I Been PwnedNovember 8, 2025

TISZA Világ

In late October 2025, data breached from the Hungarian political party TISZA was published online before being extensively redistributed . Stemming from a compromise of the TISZA Világ service earlier in the month, the breach exposed 200k records of personal...

198,520 accounts affectedOccurred 2025
Thursday, November 6, 2025
BreachHave I Been PwnedNovember 6, 2025

Synthient Credential Stuffing Threat Data

During 2025, the threat-intelligence firm Synthient aggregated 2 billion unique email addresses disclosed in credential-stuffing lists found across multiple malicious internet sources . Comprised of email addresses and passwords from previous data breaches,...

1,957,476,021 accounts affectedOccurred 2025
Monday, October 27, 2025
BreachHave I Been PwnedOctober 27, 2025

MyVidster (2025)

In October 2025, the data of almost 4M MyVidster users was posted to a public hacking forum . Separate to the 2015 breach, this incident exposed usernames, email addresses and in a small number of cases, profile photos.

3,864,364 accounts affectedOccurred 2025
Tuesday, October 21, 2025
BreachHave I Been PwnedOctober 21, 2025

Synthient Stealer Log Threat Data

During 2025, Synthient aggregated billions of records of "threat data" from various internet sources . The data contained 183M unique email addresses alongside the websites they were entered into and the passwords used. After normalising and deduplicating the...

182,962,095 accounts affectedOccurred 2025
Thursday, October 16, 2025
BreachHave I Been PwnedOctober 16, 2025

Prosper

In September 2025, Prosper announced that it had detected unauthorised access to their systems, which resulted in the exposure of customer and applicant information . The data breach impacted 17.6M unique email addresses, along with other customer...

17,605,276 accounts affectedOccurred 2025
Wednesday, October 15, 2025
BreachHave I Been PwnedOctober 15, 2025

Hello Cake

In July 2025, the sexual healthcare product maker Hello Cake suffered a data breach . The data was subsequently posted on a public hacking forum and included 23k unique email addresses along with names, phone numbers, physical addresses, dates of birth and...

22,907 accounts affectedOccurred 2025
Saturday, October 11, 2025
BreachHave I Been PwnedOctober 11, 2025

Vietnam Airlines

In October 2025, data stolen from the Salesforce instances of multiple companies by a hacking group calling itself "Scattered LAPSUS$ Hunters" was publicly released . Among the affected organisations was Vietnam Airlines, which had 7.3M unique customer email...

7,316,915 accounts affectedOccurred 2025
Tuesday, October 7, 2025
BreachHave I Been PwnedOctober 7, 2025

Adpost

In February 2025, data obtained from an earlier Adpost breach surfaced. The dataset contained 3.3M records including email addresses, usernames, and display names. Adpost later published a disclosure notice and advised they'd forced a credential refresh,...

3,339,512 accounts affectedOccurred 2025
Saturday, October 4, 2025
BreachHave I Been PwnedOctober 4, 2025

Artists&Clients

In August 2025, the "marketplace that connects artists to prospective clients" Artists&Clients, suffered a data breach and subsequent ransom demand of US$50k . The data was subsequently leaked publicly and included 95k unique email addresses alongside...

95,351 accounts affectedOccurred 2025
Wednesday, September 24, 2025
BreachHave I Been PwnedSeptember 24, 2025

Bouygues Telecom

In August 2025, the French telecommunications company Bouygues Telecom detected a cyber attack against their services . The incident resulted in a data breach that exposed almost 6.4M customer records, including 5.7M unique email addresses. The breach also...

5,685,771 accounts affectedOccurred 2025
Tuesday, September 16, 2025
BreachHave I Been PwnedSeptember 16, 2025

Miljödata

In August 2025, the Swedish system supplier Miljödata was the victim of a ransomware attack . Following the attack, data was subsequently published on the dark web and included 870k unique email addresses across various compromised files. Data also included...

870,108 accounts affectedOccurred 2025
Monday, September 1, 2025
BreachHave I Been PwnedSeptember 1, 2025

Giglio

In August 2025, over 1M unique email addresses appeared in a breach allegedly obtained from Italian fashion designer Giglio. The data also included names, phone numbers and physical addresses. Giglio did not respond to repeated attempts to disclose the...

1,026,468 accounts affectedOccurred 2025
Wednesday, August 27, 2025
BreachHave I Been PwnedAugust 27, 2025

TheSqua.re

In June 2025, 107k unique customer email addresses were allegedly obtained from TheSqua.re, the "easiest way to find your next serviced apartment". The data also included names, phone numbers and cities which were subsequently posted to a popular hacking...

107,041 accounts affectedOccurred 2025
Monday, August 18, 2025
BreachHave I Been PwnedAugust 18, 2025

Allianz Life

In July 2025, Allianz Life was the victim of a cyber attack which resulted in millions of records later being leaked online . Allianz attributed the attack to "a social engineering technique" which targeted data on Salesforce and resulted in the exposure of...

1,115,061 accounts affectedOccurred 2025
Wednesday, August 13, 2025
BreachHave I Been PwnedAugust 13, 2025

Data Troll Stealer Logs

In June 2025, headlines erupted over a "16 billion password" breach . In reality, the dataset was a compilation of publicly accessible stealer logs, mostly repurposed from older leaks, with only a small portion of genuinely new material. HIBP received 2.7B...

109,532,219 accounts affectedOccurred 2025
Thursday, July 31, 2025
BreachHave I Been PwnedJuly 31, 2025

Pi-hole

In July 2025, a vulnerability in the GiveWP WordPress plugin exposed the names and email addresses of approximately 30k donors to the Pi-hole network-wide ad blocking project . Pi-hole subsequently self-submitted the list of impacted donors to HIBP.

29,926 accounts affectedOccurred 2025
Wednesday, July 23, 2025
BreachHave I Been PwnedJuly 23, 2025

Creams Cafe

In May 2025, 160k records of customer data was allegedly obtained from Creams Cafe, "the UK's favourite dessert parlour". The data included email and physical addresses, names and phone numbers. Creams Cafe did not respond to repeated attempts to disclose the...

159,652 accounts affectedOccurred 2025
Tuesday, July 15, 2025
BreachHave I Been PwnedJuly 15, 2025

MaReads

In June 2025, MaReads, the website for readers and writers of Thai-language fiction and comics suffered a data breach that exposed 74k records. The breach included usernames, email addresses, phone numbers and dates of birth. MaReads is aware of the breach.

74,453 accounts affectedOccurred 2025
Sunday, July 13, 2025
BreachHave I Been PwnedJuly 13, 2025

Omnicuris

In June 2025, the Indian CME platform Omnicuris suffered a data breach that exposed approximately 200k records of healthcare professionals. The data included names, email addresses, phone numbers, geographic locations and other data attributes relating to...

215,298 accounts affectedOccurred 2025
Thursday, July 3, 2025
BreachHave I Been PwnedJuly 3, 2025

Catwatchful

In June 2025, spyware maker Catwatchful suffered a data breach that exposed over 60k customer records . The breach was due to a SQL injection vulnerability that enabled email addresses and plain text passwords to be extracted from the system.

61,641 accounts affectedOccurred 2025
Friday, June 13, 2025
BreachHave I Been PwnedJune 13, 2025

Ualabee

In May 2025, the South American mobility services platform Ualabee had hundreds of thousands of records scraped from an interface on their platform . The data included 472k unique email addresses along with names, profile photos, dates of birth and phone...

472,296 accounts affectedOccurred 2025
Tuesday, June 3, 2025
BreachHave I Been PwnedJune 3, 2025

ColoCrossing

In May 2025, hosting provider ColoCrossing identified a data breach that impacted customers of their ColoCloud virtual server product . ColoCrossing advised the incident was isolated to their cloud/VPS platform and stemmed from a single sign-on vulnerability....

7,183 accounts affectedOccurred 2025
Friday, May 23, 2025
BreachHave I Been PwnedMay 23, 2025

Operation Endgame 2.0

In May 2025, a coalition of law enforcement agencies took down the criminal infrastructure behind the malware used to launch ransomware attacks in a new phase of "Operation Endgame". This followed the first Operation Endgame exercise a year earlier , with the...

15,436,844 accounts affectedOccurred 2025
Thursday, May 1, 2025
BreachHave I Been PwnedMay 1, 2025

TehetségKapu

In March 2025, almost 55k records were breached from the Hungarian education office website TehetségKapu . The data was subsequently published to a popular hacking forum and included email addresses, names and usernames.

54,357 accounts affectedOccurred 2025
Sunday, April 13, 2025
BreachHave I Been PwnedApril 13, 2025

Samsung Germany Customer Tickets

In March 2025, data from Samsung Germany was compromised in a data breach of their logistics provider, Spectos . Allegedly due to credentials being obtained by malware running on a Spectos employee's machine, the breach included 216k unique email addresses...

216,333 accounts affectedOccurred 2025
Sunday, March 30, 2025
BreachHave I Been PwnedMarch 30, 2025

German Doner Kebab

In March 2025, data allegedly sourced from German Doner Kebab was published on a popular hacking forum . The data included 162k unique email addresses alongside names, phone numbers and physical addresses. German Doner Kebab subsequently sent a disclosure...

162,373 accounts affectedOccurred 2025
Tuesday, March 25, 2025
BreachHave I Been PwnedMarch 25, 2025

Troy Hunt's Mailchimp List

In March 2025, a phishing attack successfully gained access to Troy Hunt's Mailchimp account and automatically exported a list of people who had subscribed to the newsletter for his personal blog . The exported list contained 16k email addresses and other...

16,627 accounts affectedOccurred 2025
Wednesday, March 19, 2025
BreachHave I Been PwnedMarch 19, 2025

Lexipol

In February 2025, the public safety policy management systems company Lexipol suffered a data breach . Attributed to the self-proclaimed "Puppygirl Hacker Polycule", the breach exposed an extensive number of documents and user records which were subsequently...

672,546 accounts affectedOccurred 2025
Thursday, February 27, 2025
BreachHave I Been PwnedFebruary 27, 2025

Orange Romania

In February 2025, the Romanian arm of telecommunications company Orange suffered a data breach which was subsequently published to a popular hacking forum . The data included 556k email addresses (of which hundreds of thousands were in the form of [phone...

556,557 accounts affectedOccurred 2025
Tuesday, February 25, 2025
BreachHave I Been PwnedFebruary 25, 2025

ALIEN TXTBASE Stealer Logs

In February 2025, 23 billion rows of stealer logs were obtained from a Telegram channel known as ALIEN TXTBASE . The data contained 284M unique email addresses alongside the websites they were entered into and the passwords used. This data is now searchable...

284,132,969 accounts affectedOccurred 2025
Thursday, February 20, 2025
BreachHave I Been PwnedFebruary 20, 2025

Spyic

In February 2025, the spyware service Spyic suffered a data breach along with sibling spyware service, Cocospy . The Spyic breach alone exposed almost 876k customer email addresses which were provided to HIBP, and reportedly also enabled unauthorised access...

875,999 accounts affectedOccurred 2025
BreachHave I Been PwnedFebruary 20, 2025

Cocospy

In February 2025, the spyware service Cocospy suffered a data breach along with sibling spyware service, Spyic . The Cocospy breach alone exposed almost 1.8M customer email addresses which were provided to HIBP, and reportedly also enabled unauthorised access...

1,798,059 accounts affectedOccurred 2025
Tuesday, February 11, 2025
BreachHave I Been PwnedFebruary 11, 2025

LandAirSea

In January 2025, the GPS tracking service LandAirSea suffered a data breach that exposed 337k unique customer email addresses alongside names, usernames and password hashes. The breach also exposed partial credit card data (card type, last 4 digits and...

337,373 accounts affectedOccurred 2025
Thursday, February 6, 2025
BreachHave I Been PwnedFebruary 6, 2025

Thermomix Recipe World Forum

In January 2025, the Rezeptwelt (German for "recipe world") forum for Thermomix owners suffered a data breach . The incident exposed 3.1M registered users' details including names, email and physical addresses, phone numbers, dates of birth and bios (usually...

3,123,439 accounts affectedOccurred 2025
Tuesday, January 28, 2025
BreachHave I Been PwnedJanuary 28, 2025

Doxbin Scrape

In January 2025, 435k email addresses were scraped from the "doxing" service Doxbin . Posts to the service are usually intended to disclose the personal information of non-consensually third parties.

435,784 accounts affectedOccurred 2025
Wednesday, January 22, 2025
BreachHave I Been PwnedJanuary 22, 2025

Frame & Optic

In January 2025, the eyewear seller Frame & Optic suffered a data breach . The incident exposed almost 16k unique email addresses along with names, phone numbers and geolocation data including country, state and postcode.

15,678 accounts affectedOccurred 2025
Monday, January 13, 2025
BreachHave I Been PwnedJanuary 13, 2025

Stealer Logs, Jan 2025

In January 2025, stealer logs with 71M email addresses were added to HIBP . Consisting of email address, password and the website the credentials were entered against, this breach marks the launch of a new HIBP feature enabling the retrieval of the specific...

71,039,833 accounts affectedOccurred 2025
BreachHave I Been PwnedJanuary 13, 2025

Scholastic

In January 2025, a data breach of the publishing company Scholastic surfaced . The breach contained 4.2M unique email addresses with many of the records also including name, phone number and physical address.

4,247,768 accounts affectedOccurred 2025