SirHurt - 90,655 breached accounts
https://haveibeenpwned.com/PwnedWebsites#SirHurt
In April 2021, the the Roblox cheats website SirHurt suffered a data breach (https://wearedevs.net/forum/t/20397) that exposed over 90k customer records. The exposed data included email and IP addresses, usernames and passwords stored as MD5 hashes.
https://haveibeenpwned.com/PwnedWebsites#SirHurt
In April 2021, the the Roblox cheats website SirHurt suffered a data breach (https://wearedevs.net/forum/t/20397) that exposed over 90k customer records. The exposed data included email and IP addresses, usernames and passwords stored as MD5 hashes.
Have I Been Pwned
Have I Been Pwned: Who's Been Pwned
Every breached website added to Have I Been Pwned appears here on the Who’s Been Pwned page. As of today, there are 974 breached sites listed.
Ransomware Hackers Steal Personal Data of 500,000 Students and Staff in Chicago
https://www.oodaloop.com/cyber/2022/05/23/ransomware-hackers-steal-personal-data-of-500000-students-and-staff-in-chicago/
https://www.oodaloop.com/cyber/2022/05/23/ransomware-hackers-steal-personal-data-of-500000-students-and-staff-in-chicago/
OODAloop
Ransomware Hackers Steal Personal Data of 500,000 Students and Staff in Chicago
According to Chicago Public Schools, more than half a million students and staff had their personal information leaked in a ransomware attack that
Wendy's - 52,485 breached accounts
https://haveibeenpwned.com/PwnedWebsites#Wendys
In March 2018, Wendy's in the Philippines suffered a data breach (https://www.rappler.com/technology/202040-wendys-philippines-data-breach/) which impacted over 52k customers and job applicants. The breach exposed extensive personal information including names, email and IP addresses, physical addresses, phone numbers and passwords stored as MD5 hashes.
https://haveibeenpwned.com/PwnedWebsites#Wendys
In March 2018, Wendy's in the Philippines suffered a data breach (https://www.rappler.com/technology/202040-wendys-philippines-data-breach/) which impacted over 52k customers and job applicants. The breach exposed extensive personal information including names, email and IP addresses, physical addresses, phone numbers and passwords stored as MD5 hashes.
Have I Been Pwned
Have I Been Pwned: Who's Been Pwned
Every breached website added to Have I Been Pwned appears here on the Who’s Been Pwned page. As of today, there are 974 breached sites listed.
Amart Furniture - 108,940 breached accounts
https://haveibeenpwned.com/PwnedWebsites#AmartFurniture
In May 2022, the Australian retailer Amart Furniture advised that their warranty claims database hosted on Amazon Web Services had been the target of a cyber attack (https://www.ozbargain.com.au/node/701231). Over 100k records containing email and physical address, names, phone numbers and passwords stored as bcrypt hashes were exposed and shared online by the attacker.
https://haveibeenpwned.com/PwnedWebsites#AmartFurniture
In May 2022, the Australian retailer Amart Furniture advised that their warranty claims database hosted on Amazon Web Services had been the target of a cyber attack (https://www.ozbargain.com.au/node/701231). Over 100k records containing email and physical address, names, phone numbers and passwords stored as bcrypt hashes were exposed and shared online by the attacker.
Have I Been Pwned
Have I Been Pwned: Who's Been Pwned
Every breached website added to Have I Been Pwned appears here on the Who’s Been Pwned page. As of today, there are 974 breached sites listed.
Preen.Me - 236,105 breached accounts
https://haveibeenpwned.com/PwnedWebsites#PreenMe
In May 2020, social media marketing company Preen.Me was the target of a ransom attack that resulted in hundreds of thousands of records being publicly posted (https://www.riskbasedsecurity.com/2020/06/24/personal-data-of-350000-social-media-influencers-and-users-compromised-following-preen-me-hack/). Over 236k unique email addresses were exposed in the attack alongside names, usernames and links to social media profiles.
https://haveibeenpwned.com/PwnedWebsites#PreenMe
In May 2020, social media marketing company Preen.Me was the target of a ransom attack that resulted in hundreds of thousands of records being publicly posted (https://www.riskbasedsecurity.com/2020/06/24/personal-data-of-350000-social-media-influencers-and-users-compromised-following-preen-me-hack/). Over 236k unique email addresses were exposed in the attack alongside names, usernames and links to social media profiles.
Have I Been Pwned
Have I Been Pwned: Who's Been Pwned
Every breached website added to Have I Been Pwned appears here on the Who’s Been Pwned page. As of today, there are 974 breached sites listed.
MGM Resorts (2022 Update) - 24,842,001 breached accounts
https://haveibeenpwned.com/PwnedWebsites#MGM2022Update
In July 2019, MGM Resorts discovered a data breach of one of their cloud services (https://www.zdnet.com/article/exclusive-details-of-10-6-million-of-mgm-hotel-guests-posted-on-a-hacking-forum/). The breach included 10.6M guest records with 3.1M unique email addresses stemming back to 2017. In May 2022, a superset of the data totalling almost 25M unique email addresses across 142M rows was extensively shared on Telegram (https://www.vpnmentor.com/blog/mgm-leaked-on-telegram/). On analysis, it's highly likely the data stems from the same incident with 142M records having been discovered for sale on a dark web marketplace in mid-2020 (https://www.zdnet.com/article/a-hacker-is-selling-details-of-142-million-mgm-hotel-guests-on-the-dark-web/). The exposed data included email and physical addresses, names, phone numbers and dates of birth.
https://haveibeenpwned.com/PwnedWebsites#MGM2022Update
In July 2019, MGM Resorts discovered a data breach of one of their cloud services (https://www.zdnet.com/article/exclusive-details-of-10-6-million-of-mgm-hotel-guests-posted-on-a-hacking-forum/). The breach included 10.6M guest records with 3.1M unique email addresses stemming back to 2017. In May 2022, a superset of the data totalling almost 25M unique email addresses across 142M rows was extensively shared on Telegram (https://www.vpnmentor.com/blog/mgm-leaked-on-telegram/). On analysis, it's highly likely the data stems from the same incident with 142M records having been discovered for sale on a dark web marketplace in mid-2020 (https://www.zdnet.com/article/a-hacker-is-selling-details-of-142-million-mgm-hotel-guests-on-the-dark-web/). The exposed data included email and physical addresses, names, phone numbers and dates of birth.
Have I Been Pwned
Have I Been Pwned: Who's Been Pwned
Every breached website added to Have I Been Pwned appears here on the Who’s Been Pwned page. As of today, there are 974 breached sites listed.
Adecco - 4,284,538 breached accounts
https://haveibeenpwned.com/PwnedWebsites#Adecco
In March 2021, news broke of a massive data breach impacting millions of Adecco customers in South America (https://cybernews.com/security/5-million-adecco-com-users-data-leaked/) which was subsequently sold on a popular hacking forum. The breach exposed over 4M unique email addresses as well as genders, dates of birth, marital statuses, phone numbers and passwords stored as bcrypt hashes.
https://haveibeenpwned.com/PwnedWebsites#Adecco
In March 2021, news broke of a massive data breach impacting millions of Adecco customers in South America (https://cybernews.com/security/5-million-adecco-com-users-data-leaked/) which was subsequently sold on a popular hacking forum. The breach exposed over 4M unique email addresses as well as genders, dates of birth, marital statuses, phone numbers and passwords stored as bcrypt hashes.
Have I Been Pwned
Have I Been Pwned: Who's Been Pwned
Every breached website added to Have I Been Pwned appears here on the Who’s Been Pwned page. As of today, there are 974 breached sites listed.
Turkish Airline Exposes Flight and Crew Info in 6.5TB Leak
https://www.oodaloop.com/briefs/2022/05/31/turkish-airline-exposes-flight-and-crew-info-in-6-5tb-leak/
https://www.oodaloop.com/briefs/2022/05/31/turkish-airline-exposes-flight-and-crew-info-in-6-5tb-leak/
OODAloop
Turkish Airline Exposes Flight and Crew Info in 6.5TB Leak
Low-cost Turkish airline Pegasus Airlines has accidentally leaded the personal information of its flight crew, source code, and flight data due to a
Allianz Life - 1,115,061 breached accounts
In July 2025, Allianz Life was the victim of a cyber attack which resulted in millions of records later being leaked online. Allianz attributed the attack to "a social engineering technique" which targeted data on Salesforce and resulted in the exposure of 1.1M unique email addresses, names, genders, dates of birth, phone numbers and physical addresses.
https://haveibeenpwned.com/Breach/AllianzLife
In July 2025, Allianz Life was the victim of a cyber attack which resulted in millions of records later being leaked online. Allianz attributed the attack to "a social engineering technique" which targeted data on Salesforce and resulted in the exposure of 1.1M unique email addresses, names, genders, dates of birth, phone numbers and physical addresses.
https://haveibeenpwned.com/Breach/AllianzLife
Have I Been Pwned
Have I Been Pwned: Allianz Life Data Breach
In July 2025, Allianz Life was the victim of a cyber attack which resulted in millions of records later being leaked online. Allianz attributed the attack to "a social engineering technique" which targeted data on Salesforce and resulted in the exposure of…
Giglio - 1,026,468 breached accounts
In August 2025, over 1M unique email addresses appeared in a breach allegedly obtained from Italian fashion designer Giglio. The data also included names, phone numbers and physical addresses. Giglio did not respond to repeated attempts to disclose the incident.
https://haveibeenpwned.com/Breach/Giglio
In August 2025, over 1M unique email addresses appeared in a breach allegedly obtained from Italian fashion designer Giglio. The data also included names, phone numbers and physical addresses. Giglio did not respond to repeated attempts to disclose the incident.
https://haveibeenpwned.com/Breach/Giglio
Have I Been Pwned
Have I Been Pwned: Giglio Data Breach
In August 2025, over 1M unique email addresses appeared in a breach allegedly obtained from Italian fashion designer Giglio. The data also included names, phone numbers and physical addresses. Giglio did not respond to repeated attempts to disclose the incident.