Hi Guys,

Please see below details of three massive data breaches. Have you ever used any of these services?

Minted – 4,418,182 breached accounts

In May 2020, the online marketplace for independent artists Minted suffered a data breach that exposed 4.4M unique customer records subsequently sold on a dark web marketplace. Exposed data also included names, physical addresses, phone numbers and passwords stored as bcrypt hashes. The data was provided to Incognito by HIBP via dehashed.com

Wongnai – 3,924,454 breached accounts

In October 2020, 17 previously undisclosed data breaches appeared for sale including the Thai restaurant, hotel and attraction finding service, Wongnai. The breach exposed almost 4M unique customer records from some time during 2020 along with names, phone numbers, links to social media profiles and passwords stored as MD5 hashes. The data was self-submitted to HIBP by Wongnai.The data was provided to Incognito by HIBP via Wongnai.

James – 1,541,284 breached accounts

In June 2020, 14 previously undisclosed data breaches appeared for sale including the Brazilian delivery service, “James”. The breach occurred in March 2020 and exposed 1.5M unique email addresses, customer locations expressed in longitude and latitude and passwords stored as bcrypt hashes.

Please take the following actions if you have ever used one of these services

  • Change your password right away and never use the same password twice (see my article on credential stuffing below)
  • Send an email to them and let them know that you are aware of the breach and ask them to provide you with Identity protection and credit Monitoring services.

Please let me know if you need any help in relation to this.

Max Roberts,
Incognito Privacy Care