Hi Guys,

Please see below details of four massive data breaches. Have you ever used any of these services?

Kreditplus – 768,890 breached accounts

In June 2020, the Indonesian credit service Kreditplus suffered a data breach which exposed 896k records containing 769k unique email addresses. The breach exposed extensive personal information including names, family makeup, information on spouses, income and expenses, religions and employment information. The data was provided to Incognito by HIBP via breachbase.pw

TrueFire – 599,667 breached accounts

In February 2020, the guitar tuition website TrueFire suffered a data breach which impacted 600k members. The breach exposed extensive personal information including names, email and physical addresses, account balances and unsalted MD5 password hashes. The data was provided to Incognito by HIBP via dehashed.com.

Vakinha – 4,775,203 breached accounts

In June 2020, the Brazilian fund raising service Vakinha suffered a data breach which impacted almost 4.8 million members. The exposed data included email addresses, names, phone numbers, geographic locations and passwords stored as bcrypt hashes, all of which was subsequently shared extensively throughout online hacking communities. The data was provided to Incognito by HIBP via dehashed.com.

Havenly – 1,369,180 breached accounts

In June 2020, the interior design website Havenly suffered a data breach which impacted almost 1.4 million members of the service. The exposed data included email addresses, names, phone numbers, geographic locations and passwords stored as SHA-1 hashes, all of which was subsequently shared extensively throughout online hacking communities. The data was provided to Incognito by HIBP via dehashed.com.

Please take the following actions if you have ever used one of these services

  • Change your password right away and never use the same password twice (see my article on credential stuffing below)
  • Send an email to them and let them know that you are aware of the breach and ask them to provide you with Identity protection and credit Monitoring services.

Please let me know if you need any help in relation to this.

Max Roberts,
Incognito Privacy Care