Security Blunders

New breach: French e-commerce platform WiziShop suffered a breach in July exposing 18GB of data including names, phones, DoB, physical and IP addresses, SHA-1 password hashes and almost 3 million unique email addresses. 62% were already in @haveibeenpwned https://t.co/LGaAnj1hUA

— Have I Been Pwned (@haveibeenpwned) October 5, 2020

New breach: Experian South Africa had tens of millions of personal records breached last month. Only 1.3M contained email addresses with other including gov issued IDs, names, addresses and employment info. 66% were already in @haveibeenpwned. Read more: https://t.co/6P0pYvu4KK

— Have I Been Pwned (@haveibeenpwned) September 2, 2020

New breach: LiveAuctioneers was hacked in June and 3.4M user accounts exposed. Data included names, email and IP addresses, physical addresses, phones numbers and passwords stored as unsalted MD5 hashes. 79% were already in @haveibeenpwned. Read more: https://t.co/zgbYCjwiUu

— Have I Been Pwned (@haveibeenpwned) August 22, 2020

New breach: The Utah Gun Exchange website was breached in July, exposing 235k email addresses. Also included wetre names, usernames, IP addresses, genders and password hashes. 75% were already in @haveibeenpwned. Read more: https://t.co/oRKObsV9H0

— Have I Been Pwned (@haveibeenpwned) August 19, 2020

New breach: Neapolitan public transport website Unico Campania was hacked this week. 166k user records containing email addresses and passwords were subsequently circulated online. 53% were already in @haveibeenpwned. Read more: https://t.co/PClgZk0D0e

— Have I Been Pwned (@haveibeenpwned) August 19, 2020

New breach: Booking website Sonicbids had 752k accounts breached in December. Data included names, usernames, email addresses and PBKDF2 password hashes. 81% were already in @haveibeenpwned. Read more (PDF): https://t.co/hgGOSGfhLw

— Have I Been Pwned (@haveibeenpwned) August 18, 2020

New breach: Brazilian recruitment website Catho had 1.2M unique email addresses breached in March. Data also included usernames, names and plain text passwords. 67% were already in @haveibeenpwned. Read more: https://t.co/iyWX278evW

— Have I Been Pwned (@haveibeenpwned) August 18, 2020

New breach: Online exam service ProctorU had 444k records breached in June. Data included email and physical addresses, names, phones and bcrypt password hashes. 65% were already in @haveibeenpwned. Read more: https://t.co/zCehbZEcgT

— Have I Been Pwned (@haveibeenpwned) August 6, 2020

New breach: Indonesian credit service Kreditplus had 896k records with 769k emails breached last month. Extensive personal and sensitive info was exposed including religeons, spouses and financial statuses. 50% were already in @haveibeenpwned. Read more: https://t.co/ntNUH9tAId

— Have I Been Pwned (@haveibeenpwned) August 3, 2020