Check if you have an email address or password that has been compromised in a data breach. Created and maintained by
@troyhunt.com.
Have I Been Pwned
Loading...
New stealer log corpus: A collection of hundreds of millions of stealer log records containing 56M unique email addresses has been added. The data also contained 124M unique passwords added to Pwned Passwords. 86% were already in @haveibeenpwned.com. More: haveibeenpwned.com/Breach/June2...
New breach: The Atlas Menu GTA V and CS2 cheat service had 64k accounts breached yesterday. Data includes email and IP addresses, usernames, passwords stored as bcrypt hashes and support tickets. 49% were already in @haveibeenpwned.com. Read more: haveibeenpwned.com/Breach/Atlas...
New breach: Baker Distributing had 103k unique email addresses allegedly exposed after appearing on the ShinyHunters "pay or leak" site. The data was mostly corporate contact info including names, addresses and phones. 50% were already in @haveibeenpwned.com: haveibeenpwned.com/Breach/Baker...
New breach: Edmunds was listed by ShinyHunters as allegedly breached in Jan, with the data later published online. It contained 178k unique email addresses, usernames, IP addresses, phone numbers and passwords. 91% were already in @haveibeenpwned.com. More: haveibeenpwned.com/Breach/Edmunds
New breach: DentaQuest was targeted by a ShinyHunters extortion campaign that saw 2.6M unique email addresses published last weekend. Data also included name, phone, address and for some records, Medicaid ID. 66% were already in @haveibeenpwned.com . More: haveibeenpwned.com/Breach/Denta...
New breach: Charter Communications was named in a ShinyHunters "pay or leak" extortion campaign last week after which 4.9M unique email addresses along with name, phone number and physical address were published. 68% were already in @haveibeenpwned.com. More: haveibeenpwned.com/Breach/Charter
New breach: BCD Travel was targeted in a ShinyHunters extortion campaign that published 396k email addresses this week. Other data included name, address, phone, job title and support tickets. 28% were already in @haveibeenpwned.com. Read more: haveibeenpwned.com/Breach/BCDTr...
New breach: Infinite Campus was targeted in a ShinyHunters "pay or leak" extortion campaign in March. Data included 137k unique email addresses along with name, phone number, physical address and support tickets. 76% were already in @haveibeenpwned.com. More: haveibeenpwned.com/Breach/Infin...
New breach: The University of Nottingham was targeted in a ShinyHunters extortion campaign exposing 455k email addresses this week. Data included name, address, phone, ethnicity, disability & academic enrolment info. 47% were already in @haveibeenpwned.com haveibeenpwned.com/Breach/Unive...
New breach: Berkadia was targeted by a ShinyHunters "pay or leak" extortion campaign in March. They subsequently published over 300k unique email addresses allegedly taken from the company's Salesforce instance. 76% were already in @haveibeenpwned.com. More: haveibeenpwned.com/Breach/Berka...
Have I Been Pwned
In May 2026, the GTA V and CS2 cheat service Atlas Menu suffered a data breach. An attacker claimed to have gained access to all Atlas systems and published the service's database to a public GitHub r...
In January 2026, the automotive research and car-shopping platform Edmunds suffered a data breach claimed by the ShinyHunters hacking group. The exposed data was subsequently published publicly and in...
In May 2026, the dental benefits administrator DentaQuest was the target of a ShinyHunters "pay or leak" extortion campaign that resulted in the group publicly publishing hundreds of gigabytes of data...
In May 2026, the telecommunications company Charter Communications (the parent company behind the consumer broadband and cable brand Spectrum) was named by the ShinyHunters group in a "pay or leak" ex...
In June 2026, a collection of accumulated stealer logs from various sources was added to HIBP. The corpus comprised 56M unique email addresses across 144M stealer log records. The data also contained ...
In March 2026, the commercial real estate finance company Berkadia was the target of a ShinyHunters "pay or leak" extortion campaign. The group subsequently published data they alleged was taken from ...
haveibeenpwned.com
In May 2026, the HVAC/R wholesale distributor Baker Distributing Company was added to the ShinyHunters data extortion group's "pay or leak" site. In early June, the group publicly published data they ...
In March 2026, the student information system Infinite Campus was targeted in a ShinyHunters "pay or leak" extortion campaign. The group subsequently published data they alleged was taken from Infinit...
In June 2026, the University of Nottingham was the target of a cyber attack, later linked to a ShinyHunters "pay or leak" extortion campaign. Tens of gigabytes of data were subsequently published onli...
haveibeenpwned.com
In May 2026, the corporate travel management company BCD Travel was claimed as a victim of the ShinyHunters "pay or leak" extortion campaign. Data allegedly obtained from BCD was subsequently publishe...
