New breach: Last month 26M unique email addresses were collated from info stealer logs in Telegram channels. Data also included passwords and the websites they were entered into, captured by info stealer malware. 90% were already in Have I Been Pwned. More: troyhunt.com/begging-for-bo…

New breach: Italian gaming site Multiplayer[.]it had over half a million records breached and posted online in April. Data included email address, username and salted MD5 password hashes. 71% were already in Have I Been Pwned. Read more: x.com/darkwebinforme…

New breach: In June, Shoe Zone had over 100k orders breached with 46k unique email addresses. Data also included name, address and partial credit card data (card type and last 4 digits). 93% were already in Have I Been Pwned. Read more: cybernews.com/news/shoezone-…

New breach: 282M unique addresses allegedly scraped from SOCRadar. Their investigation concluded "no data breach involving our customers or SOCRadar's internal systems", and that data was scraped from Telegram channels. 81% were already in Have I Been Pwned socradar.io/socradars-resp…

New breach: Cloud gaming provider Shadow had 543k records breached including email and physical address, name and date of birth. 63% were already in Have I Been Pwned. Read more: bleepingcomputer.com/news/security/…

New unverified breach: National Public Data had a substantial breach in April. However, the origin and accuracy of much of the data is highly questionable, including the 134M exposed email addresses of which 87% were already in Have I Been Pwned. Read more: troyhunt.com/inside-the-3-b…

New breach: French retailer LDLC had 1.26M unique email addresses breached earlier this year. Data included name, phone and physical address. 63% were already in Have I Been Pwned. Read more: groupe-ldlc.com/information-re…

New breach: Master Chris Leong, a "leading Tit Tar practitioner in Malaysia" had 27k unique emails breached this month and posted online. Data included name, DoB, physical address, gender, and more. 71% were already in Have I Been Pwned. Read more: x.com/DarkWebInforme…

New breach: Explore Talent was breached earlier this month exposing 11.4M records, of which 8.9M unique email addresses were provided to HIBP. This is separate to the 2022 breach that exposed 5.4M addresses. 94% were already in Have I Been Pwned. More: maia.crimew.gay/posts/gps-trac…

New breach: GPS tracking service Tracki was breached earlier this month due to multiple vulnerabilities that exposed 372k users. Impacted data included name and email address. 62% were already in Have I Been Pwned. Read more: maia.crimew.gay/posts/gps-trac…

New breach: Traderie had 400k records breached in Sep 2022 including email and IP address, username and link to social media profile. 21% were already in Have I Been Pwned. Read more: techcrunch.com/2023/09/07/tra…

New breach: French sporting equipment manufacturer Sport 2000 announced a breach in April. Data included 3.2M email addresses, names, physical addresses, DoBs, phone numbers and purchases made from stores. 59% were already in Have I Been Pwned. Read more: clubic.com/actualite-5250…

New breach: Online styling service Lookiero had 5M unique email addresses breached and posted to a hacking forum last week. Some records included name, physical address and phone number. 71% were already in Have I Been Pwned. Read more: x.com/DailyDarkWeb/s…

New breach: Portuguese home decor company Market Moveis had 28k unique email addresses breached 1 year ago. The extent of the breach was only the addresses and names. 68% were already in Have I Been Pwned. Read more: portaldaqueixa.com/brands/market-…

New breach: Blooms Today had 15M records with 3.2M email addresses breached in November. Data also included name, physical address, phone and partial credit card data. 89% were already in Have I Been Pwned. Read more: dailydarkweb.net/blooms-today-a…

In Sep 2020, now defunct site Games Box suffered a data breach later redistributed as part of a larger corpus. Data included 1.4M email addresses, username, gender, age and password stored as hash or plain text. 94% were already in Have I Been Pwned. More: cybernews.com/security/billi…

New breach: Instituto Nacional de Deportes de Chile (National Sports Institute) had 1.7M rows with 320k email addresses breached and published last week. Data included name, gender, DoB and bcrypt password hash. 52% were already in Have I Been Pwned. More: doingfedtime.com/1-7-million-us…

New breach: HuntStand had 2.8M records scraped and publicly posted in March. Data included email address and for many records, name, DoB and country. 69% were already in Have I Been Pwned. Read more: dailydarkweb.net/alleged-databa…