CyberAlerts

Color Dating - 220,503 breached accounts

Description: In September 2018, the dating app to match people with different ethnicities Color Dating suffered a data breach that was later redistributed as part of a larger corpus of data. The breach exposed 220k unique email addresses along with bios, names, profile photos and bcrypt password hashes. The data was provided to HIBP by a source who requested it be attributed to "ANK (Veles)".

Source: HaveIBeenPwnedLatestBreaches

March 3rd, 2025 (about 2 months ago)

Flat Earth Sun, Moon and Zodiac App - 33,294 breached accounts

Description: In October 2024, the flat earth sun, moon and zodiac app created by Flat Earth Dave was found to be leaking extensive personal information of its users. The data included 33k unique email addresses along with usernames, latitudes and longitudes (their position on the globe) and passwords stored in plain text. A small number of profiles also contained names, dates of birth and genders.

Source: HaveIBeenPwnedLatestBreaches

March 2nd, 2025 (about 2 months ago)

Spyzie - 518,643 breached accounts

Description: In February 2025, the spyware service Spyzie suffered a data breach along with sibling spyware services, Spyic and Cocospy. The Spyzie breach alone exposed almost 519k customer email addresses which were provided to HIBP, and reportedly also enabled unauthorised access to captured messages, photos, call logs, and more. The data was provided to HIBP by a source who requested it be attributed to "[email protected]".

Source: HaveIBeenPwnedLatestBreaches

February 28th, 2025 (about 2 months ago)

Belgium probes if Chinese hackers breached its intelligence service

Description: The Belgian federal prosecutor's office is investigating whether Chinese hackers were behind a breach of the country's State Security Service (VSSE). [...]

Source: BleepingComputer

February 27th, 2025 (about 2 months ago)

Suspected Desorden hacker arrested for breaching 90 organizations

Description: A suspected cyber criminal believed to have extorted companies under the name "DESORDEN Group" or "ALTDOS" has been arrested in Thailand for leaking the stolen data of over 90 organizations worldwide. [...]

Source: BleepingComputer

February 27th, 2025 (about 2 months ago)

Cyber Toufan Operations Claims to have Breached Data Car

Description: Cyber Toufan Operations Claims to have Breached Data Car

Source: DarkWebInformer

February 27th, 2025 (about 2 months ago)

Orange Romania - 556,557 breached accounts

Description: In February 2025, the Romanian arm of telecommunications company Orange suffered a data breach which was subsequently published to a popular hacking forum. The data included 556k email addresses (of which hundreds of thousands were in the form of [phone number]@as1.romtelecom.net), phone numbers, subscription details, partial credit card data (type, last 4 digits, expiration date and issuing bank). The breach also exposed an extensive number of internal documents.

Source: HaveIBeenPwnedLatestBreaches

February 27th, 2025 (about 2 months ago)

Water Utility Co. Still Paying the Breach Price a Year Later

Description: The UK's Southern Water has been forced to shell out millions due to a Black Basta cyberattack, and it has come to light that the total could include a ransom payment.

Source: Dark Reading

February 26th, 2025 (about 2 months ago)

Lazarus hacked Bybit via a breached Safe{Wallet} developer machine

Description: Forensic investigators have found that North Korean Lazarus hackers stole $1.5 billion from Bybit after hacking a developer's device at the multisig wallet platform Safe{Wallet}. [...]

Source: BleepingComputer

February 26th, 2025 (about 2 months ago)

EncryptHub breaches 618 orgs to deploy infostealers, ransomware

Description: A threat actor tracked as 'EncryptHub,' aka Larva-208, has been targeting organizations worldwide with spear-phishing and social engineering attacks to gain access to corporate networks. [...]

Source: BleepingComputer

February 26th, 2025 (about 2 months ago)

Threat and Vulnerability Intelligence Database

Example Searches:

	Color Dating - 220,503 breached accounts Description: In September 2018, the dating app to match people with different ethnicities Color Dating suffered a data breach that was later redistributed as part of a larger corpus of data. The breach exposed 220k unique email addresses along with bios, names, profile photos and bcrypt password hashes. The data was provided to HIBP by a source who requested it be attributed to "ANK (Veles)". Source: HaveIBeenPwnedLatestBreaches March 3rd, 2025 (about 2 months ago)
	Flat Earth Sun, Moon and Zodiac App - 33,294 breached accounts Description: In October 2024, the flat earth sun, moon and zodiac app created by Flat Earth Dave was found to be leaking extensive personal information of its users. The data included 33k unique email addresses along with usernames, latitudes and longitudes (their position on the globe) and passwords stored in plain text. A small number of profiles also contained names, dates of birth and genders. Source: HaveIBeenPwnedLatestBreaches March 2nd, 2025 (about 2 months ago)
	Spyzie - 518,643 breached accounts Description: In February 2025, the spyware service Spyzie suffered a data breach along with sibling spyware services, Spyic and Cocospy. The Spyzie breach alone exposed almost 519k customer email addresses which were provided to HIBP, and reportedly also enabled unauthorised access to captured messages, photos, call logs, and more. The data was provided to HIBP by a source who requested it be attributed to "[email protected]". Source: HaveIBeenPwnedLatestBreaches February 28th, 2025 (about 2 months ago)
	Belgium probes if Chinese hackers breached its intelligence service Description: The Belgian federal prosecutor's office is investigating whether Chinese hackers were behind a breach of the country's State Security Service (VSSE). [...] Source: BleepingComputer February 27th, 2025 (about 2 months ago)
	Suspected Desorden hacker arrested for breaching 90 organizations Description: A suspected cyber criminal believed to have extorted companies under the name "DESORDEN Group" or "ALTDOS" has been arrested in Thailand for leaking the stolen data of over 90 organizations worldwide. [...] Source: BleepingComputer February 27th, 2025 (about 2 months ago)
	Cyber Toufan Operations Claims to have Breached Data Car Description: Cyber Toufan Operations Claims to have Breached Data Car Source: DarkWebInformer February 27th, 2025 (about 2 months ago)
	Orange Romania - 556,557 breached accounts Description: In February 2025, the Romanian arm of telecommunications company Orange suffered a data breach which was subsequently published to a popular hacking forum. The data included 556k email addresses (of which hundreds of thousands were in the form of [phone number]@as1.romtelecom.net), phone numbers, subscription details, partial credit card data (type, last 4 digits, expiration date and issuing bank). The breach also exposed an extensive number of internal documents. Source: HaveIBeenPwnedLatestBreaches February 27th, 2025 (about 2 months ago)
	Water Utility Co. Still Paying the Breach Price a Year Later Description: The UK's Southern Water has been forced to shell out millions due to a Black Basta cyberattack, and it has come to light that the total could include a ransom payment. Source: Dark Reading February 26th, 2025 (about 2 months ago)
	Lazarus hacked Bybit via a breached Safe{Wallet} developer machine Description: Forensic investigators have found that North Korean Lazarus hackers stole $1.5 billion from Bybit after hacking a developer's device at the multisig wallet platform Safe{Wallet}. [...] Source: BleepingComputer February 26th, 2025 (about 2 months ago)
	EncryptHub breaches 618 orgs to deploy infostealers, ransomware Description: A threat actor tracked as 'EncryptHub,' aka Larva-208, has been targeting organizations worldwide with spear-phishing and social engineering attacks to gain access to corporate networks. [...] Source: BleepingComputer February 26th, 2025 (about 2 months ago)