Hi Guys,

Please see below the details of three recent massive data breaches. Have you ever used any of these services?

Sundry Files – 274,461 breached accounts
In January 2022, the now defunct file upload service Sundry Files suffered a data breach that exposed 274k unique email addresses. The data also included usernames, IP addresses and passwords stored as salted SHA-256 hashes.

Leaked Reality – 114,907 breached accounts
In January 2022, the now defunct uncensored video website Leaked Reality suffered a data breach that exposed 115k unique email addresses. The data also included usernames, IP addresses and passwords stored as either MD5 or phpass hashes.

TheGradCafe – 310,975 breached accounts
In February 2023, the grad school admissions search website TheGradCafe suffered a data breach that disclosed the personal records of 310k users. The data included email addresses, names and usernames, genders, geographic locations and passwords stored as bcrypt hashes. Some records also included physical address, phone number and date of birth. TheGradCafe did not respond to multiple attempts to disclose the breach.

Please take the following actions if you have ever used one of these services

  • Change your password immediately, and make sure your new password is strong and unique. Use a combination of upper and lowercase letters, numbers, and symbols. Avoid using the same password for multiple accounts.
  • Enable two-factor authentication (2FA) for your accounts wherever possible. Doing this will add an extra layer of security by requiring a secondary authentication method, such as a code sent to your phone and your password.
  • Use a reputable password manager tool to store your passwords securely. This can help you generate and remember strong, unique passwords for all your accounts.
  • Check if your email address has been involved in a data breach using a tool such as Incognito’s Email Hack Check. If your email address has been compromised, take action to secure your accounts and change any passwords that may have been affected.
  • Monitor your accounts and financial statements regularly for any suspicious activity. If you notice any unauthorized access or transactions, report them to your bank or financial institution immediately.
  • Contact them immediately and demand compensation for any losses or damages resulting from the data breach. You should also ask them about any identity theft protection services they offer.

Please let me know if you need any help in relation to this.

All the best,
Max Roberts,
Incognito Privacy Care Team