Public breachBreachXposedOrNot· 1 Aug 2021

DatPiff

Domain: datpiff.com

What happened

DatPiff, a mixtape hosting service, suffered a data breach that was publicly revealed in 2021. The breach exposed 7.5 million member records, including email addresses, usernames, passwords, and security questions. The passwords, hashed using the outdated and insecure MD5 algorithm, were later dehashed and made available in plain text. The breach is believed to have occurred via a website vulnerability scanner that allowed threat actors access to an old server with database backup.

Breach facts

Records exposed: 7,623,353
Sensitive: No
Industry: Music
Data exposed: UsernamesEmail addressesPasswordsSecurity questions and answers

Check my email →← All breaches

This page summarises publicly reported breach metadata for awareness. For account recovery or incident response, use the official guidance from the affected service.

Breach data provided by XposedOrNot.