Breached Data From 26 Companies Is Up For Sale: Are You Affected?

January 17th · 4 min read

On January 1, 2020, a data broker began selling 368.8 million stolen user records collected from twenty-six companies on a hacker forum.

When attackers breach a company and steal their databases, they often work with data breach brokers. These are individuals who market and sell the stolen data on their behalf. They create posts on hacker forums and dark web marketplaces to profit from the stolen data.

26breach

BleepingComputer reports that in their conversation with the data broker, data stolen from Teespring is being sold for $3,800-$4,000, MyON for $2,00, and Chqbook for $1,800. Pricing for the other databases has not yet been determined. Here is a full list of companies whose breached data is up for sale and the number of records included for each.

CompanyNumber of Records Breached
Accuradio.com 2.2 million
Anyvan.com4.1 million
Bigbasket.com20 million
Cermati.com 2.9 million
Chqbook.com 1 million
Clickindia.com 8 million
Eventials.com1.4 million
Everything5pounds.com2.9 million
Fotolog.com33 million
Geekie.com.br8.1 million
Hybris.com (SAP.com)4 million
Juspay.in100 million
Knockcrm.com 6 million
Mindful.org 1.7 million
ModaOperandi.com1.2 million
MyON.com13 million
Netlog.com (Twoo.com)53 million
Pizap.com 60 million
Reddoorz.com 5.8 million
Reverbnation.com 7.8 million
Singlesnet.com16 million
Sitepoint.com1 million
Teespring.com 8.2 million
Wahoofitness.com1.7 million
Wedmegood.com 1.3 million
Wongnai.com 4.3 million

What Should I Do If I Use One Of These Sites?

If you used one of these sites, it’s important that you take action right away to protect yourself. While these lists have not yet been sold, they are already in the hands of hackers and a data breach broker. This means that your information is already available for others to use.

Change Your Password. If you have an account on one of these sites, immediately change your password to one that you have never used before and one that you do not use on another website. If you used the same password on other websites, you should also change your passwords on those sites as well. If you aren’t sure how to create a strong, but memorable password, check out our guide How to Create a Strong Password That You Will Remember to learn how.

Determine Exactly What Information Was Breached. To learn exactly what information was breached, contact the company with whom you had an account. They can let you know what information was involved in the breach, any “next steps” you should take, as well as any offers they have to help you protect your data.

Fully Understand What to Do When Your Information is Breached. Depending on the type of information that was breached, you may need to take different steps. If you aren’t sure what steps you should take, our guide I've Been Breached: A Step By Step Guide to Protecting Your Data offers a great starting point.

Sign up for Data Breach Monitoring.__ When your information is involved in one breach, the likelihood of your information being involved in another breach increases. In order to stay ahead of this and other data breaches, you should use data breach monitoring to alert you of future breaches.

Clean up your browser and prevent future scams

Protect yourself from identity theft & other scams, begin with a free scan.

Be the first to know!

Subscribe to our exclusive mailing list and get the freshest stories from the Guardio team