A BestCombo/GGBestC credential stuffing list contains about 1.56 million plaintext email and password records advertised for popular gaming and streaming services. The data appears to be an aggregated combolist, not evidence of a direct breach at the named platforms.
A Tout leak indexed by leaksear.ch contains 797,968 records tied to the defunct short-video social network. The data includes emails, usernames, names, IP addresses, profile data, and bcrypt password hashes.
A Tigo dataset indexed by leaksear.ch contains 10.3 million records tied to the video chat and dating platform. The exposed data includes emails, usernames, IP addresses, names, phone numbers, device data, profile photos, and activity metadata.
Dave's 2020 Waydev-linked breach is indexed by leaksear.ch at 7,387,232 records, including contact details, birth dates, encrypted SSNs, and bcrypt password hashes. Public reporting tied the incident to a former third-party provider and a hacker-forum dump.
A Bonobos leak indexed by leaksear.ch contains 1.85 million customer account records tied to the retailer’s 2020 e-commerce backup exposure. The data includes contact details, IP addresses, usernames, and salted SHA-512 password hashes.
A Click.org dataset indexed by leaksear.ch exposes 89,889 account records, including emails, usernames, IP addresses, phone numbers, postal addresses, plaintext passwords, and MD5-hashed passwords. Security teams should treat the credentials and contact data as exposed and review Click.org-linked accounts and integrations.
A Clf09.com (草榴社區) forum leak indexed by leaksear.ch contains roughly 2.5 million records with usernames, email addresses, and hashed passwords. Public records list a Clf09.com leak entry from August 2022, but the intrusion method and official disclosure remain unconfirmed.
A Business Gazeta dataset indexed by leaksear.ch contains 155,663 records tied to account and contact data. The exposed fields include emails, usernames, hashed passwords, names, phone numbers, dates of birth, and IP addresses.
A leaksear.ch index of the CDEK breach contains 7,445 records tied to the Russian courier service, with email addresses and names searchable. Public breach trackers describe the wider March 2022 incident as an unverified leak of CDEK customer contact data attributed to the IT Army collective.