The Loozap leak indexed by leaksear.ch contains 6,895,067 records tied to the online classifieds platform, with a breach date recorded as March 1, 2026 (leaksear.ch metadata). Public company and profile materials describe Loozap/Listings360 as a classifieds and eCommerce marketplace for buying and selling goods and services across African markets (ch.linkedin.com, www.abnewswire.com).
What happened
Public breach-tracking sources show a Loozap leak circulating in 2026, but they do not agree on the scale. DataBreach lists a Loozap breach dated March 1, 2026 with 34,250 rows, while LeakRadar lists a file named loozap.com.tar.gz.zip indexed on March 1, 2026 with a much larger count; Brinztech separately described an alleged 10GB Loozap database leak (databreach.com, leakradar.io, www.brinztech.com).
Because the public reports conflict, the leaksear.ch article uses the indexed leaksear.ch count for this source and treats the external reports as context rather than confirmation of a single definitive total (leaksear.ch metadata). The supplied metadata and loaded public sources do not confirm the initial intrusion method, and there is no substantiated public evidence in these sources identifying the cause as ransomware, scraping, misconfigured storage or exploitation of a specific vulnerability.
Brinztech reported that the alleged data dump was in SQL INSERT statement form, which is consistent with a database dump claim, but that report also framed the incident as an allegation rather than a company-confirmed disclosure (www.brinztech.com).
What data was exposed
The leaksear.ch index lists the following searchable fields for this source: address, country, date of birth, email address, hashed password, IP address, name, phone number and username (leaksear.ch metadata).
Additional stored fields in the indexed records include account and profile metadata, registration and login timestamps, verification-related tokens or codes, language and time zone settings, location coordinates, profile images, social profile fields, biography details, school and work fields, wallet or balance-related application fields, and salts (leaksear.ch metadata). These additional fields are stored on records but are not listed as direct search pivots on leaksear.ch.
Why this matters
The combination of names, emails, phone numbers, addresses and dates of birth can support convincing phishing, social engineering and identity-verification abuse. Hashed passwords and salts raise credential risk if users reused weak passwords on Loozap or elsewhere, while usernames and emails can be used for credential stuffing attempts against other services. IP addresses, country values and profile-related fields also give attackers more context for localized scams or impersonation attempts.
Check your exposure
Vetted researchers and incident-response teams can request access or sign in if they already have access to check this dataset. Searchable pivots for this leak include address, country, date of birth, email, hashed password, ip address, name, phone, and username.