Have I Been Pwned @haveibeenpwnedbot@aspiechattr.me

New breach: Facebook had 2.5M addresses exposed in an incident that impacted 533M subscribers' phone numbers. Most records contained name and gender, many also included DoB, location, relationship status and employer. 65% were already in @haveibeenpwned https://www.bleepingcomputer.com/news/security/533-million-facebook-users-phone-numbers-leaked-on-hacker-forum/

New unverified breach: Astoria Company allegedly had extensive personal info with over 11M unique email addresses breached and sold in Jan including personal, financial and health data. 93% of email addresses were already in @haveibeenpwned. More: https://www.nightlion.com/blog/2021/astoria-company-breach/

New sensitive breach: The "Carding Mafia" forum dedicated to the theft and trading of stolen credit cards was breached last week. Data included email and IP addresses, usernames and salted MD5 password hashes. 83% were already in @haveibeenpwned https://haveibeenpwned.com/

New sensitive breach: WeLeakInfo had 12k email addresses leaked after their Stripe account was taken over last week. Data included names, payment histories, IPs, billing addresses, partial credit card data. 53% were already in @haveibeenpwned. Read more: https://krebsonsecurity.com/2021/03/weleakinfo-leaked-customer-payment-info/

New breach: Liker had 465k email addresses exposed in a breach last week. Data also included names, DoBs, education levels, private messages, security questions and answers in plain text, bcrypt password hashes and more. 65% were already in @haveibeenpwned https://haveibeenpwned.com/

New breach: The Oklahoma state Tourism and Recreation Department was breached in Dec exposing 637k email addresses. Data also included names, physical addresses, age ranges, DoBs and genders. 83% were already in @haveibeenpwned. Read more: https://tulsaworld.com/news/local/state-tourism-department-reports-data-breach-no-social-security-financial-data-compromised/article_105b0d18-6595-11eb-998b-1b96c12d2d14.html

New breach: Gab had 66.5k email addresses breached last month. Data included 4M user accounts (only some with email / bcrypt hashes), a small number of private chats and public status updates. 43% of addresses were already in @haveibeenpwned. More: https://www.troyhunt.com/gab-has-been-breached/

New breach: Gab had 66.5k email addresses breached last month. Data included 4M user accounts (only some with email / bcrypt hashes), a small number of private chats and public status updates. 43% of addresses were already in @haveibeenpwned. More: https://www.troyhunt.com/gab-has-been-breached/

New breach: Oxfam Australia had 1.8M unique email addresses breached in Jan. Data also included names, phone numbers, addresses, genders, dates of birth and in some cases, partial credit card or banking data. 78% were already in @haveibeenpwned. Read more: https://www.oxfam.org.au/updates-suspected-data-incident/

New breach: Dutch ticketing service Ticketcounter had 1.9M addresses breach in Feb. Data included names, physical & IP address, gender, DoB, payment history and some cases, bank account number. 60% of addresses were already in @haveibeenpwned. Read more: https://www.bleepingcomputer.com/news/security/european-e-ticketing-platform-ticketcounter-extorted-in-data-breach/

New breach: "Free" VPN services SuperVPN and GeckoVPN had 20M email addresses breached this month. Data also included login history, country of login plus device type, IMSI and serial number. 8% of addresses were already in @haveibeenpwned. Read more: https://cybernews.com/security/one-of-the-biggest-android-vpns-hacked-data-of-21-million-users-from-3-android-vpns-put-for-sale-online/