Threat intel

What's happening in cyber, in plain English

We pull from NCSC, CISA, Have I Been Pwned and the NVD every six hours, then summarise each item into what it is, who it affects, and what you can do about it.

SeverityAll Critical High Medium Low Info

KindAll Alert Data breach Vulnerability Advisory Report

SourceAll CISA — Known Exploited Vulnerabilities (1583)NVD — high/critical CVEs (rolling 7d) (1233)Have I Been Pwned — public breach catalog (973)Microsoft MSRC — security update guide (99)Cisco PSIRT — security advisories (52)CISA — cybersecurity advisories (40)FCA — UK unauthorised firms & scam warnings (36)NCSC — news & alerts (15)NCSC — weekly threat report (0)ICO — UK data-breach trends (manual) (0)Action Fraud — UK fraud and cybercrime alerts (0)

LowBreachHave I Been Pwned — public breach catalog· 10 Feb 2026· summary pending
Toy Battles — 1K accounts
In February 2026, the online gaming community Toy Battles suffered a data breach. The incident exposed 1k unique email addresses alongside usernames, IP addresses and chat logs. Following the breach, Toy Battles self-submitted the data to Have I Been Pwned.
LowBreachHave I Been Pwned — public breach catalog· 10 Feb 2026· summary pending
Association Nationale des Premiers Secours — 6K accounts
In January 2026, a data breach impacting the French non-profit Association Nationale des Premiers Secours (ANPS) was posted to a hacking forum . The breach exposed 5.6k unique email addresses along with names, dates of birth and places of birth. ANPS self-subm
LowBreachHave I Been Pwned — public breach catalog· 18 Dec 2025· summary pending
The Botting Network — 96K accounts
In August 2012, the forum for making money with botting "The Botting Network" suffered a data breach that exposed 96k user records . The now defunct vBulletin forum leaked 96k email addresses, usernames, dates of birth and salted MD5 password hashes.
LowBreachHave I Been Pwned — public breach catalog· 20 Nov 2025· summary pending
Eurofiber — 10K accounts
In November 2025, Eurofiber France disclosed a data breach of its ticket management platform . Data containing 10k unique email addresses and a smaller number of names and phone numbers was subsequently leaked. A threat actor claiming responsibility for the br
LowBreachHave I Been Pwned — public breach catalog· 4 Oct 2025· summary pending
Artists&Clients — 95K accounts
In August 2025, the "marketplace that connects artists to prospective clients" Artists&Clients, suffered a data breach and subsequent ransom demand of US$50k . The data was subsequently leaked publicly and included 95k unique email addresses alongside username
LowBreachHave I Been Pwned — public breach catalog· 31 Jul 2025· summary pending
Pi-hole — 30K accounts
In July 2025, a vulnerability in the GiveWP WordPress plugin exposed the names and email addresses of approximately 30k donors to the Pi-hole network-wide ad blocking project . Pi-hole subsequently self-submitted the list of impacted donors to HIBP.
LowBreachHave I Been Pwned — public breach catalog· 15 Jul 2025· summary pending
MaReads — 74K accounts
In June 2025, MaReads, the website for readers and writers of Thai-language fiction and comics suffered a data breach that exposed 74k records. The breach included usernames, email addresses, phone numbers and dates of birth. MaReads is aware of the breach.
LowBreachHave I Been Pwned — public breach catalog· 25 Jun 2025· summary pending
Have Fun Teaching — 27K accounts
In August 2021, the teaching resources website Have Fun Teaching suffered a data breach that leaked 80k WooCommerce transactions which were later posted to a popular hacking forum. The data contained 27k unique email addresses along with physical and IP addres
LowBreachHave I Been Pwned — public breach catalog· 3 Jun 2025· summary pending
ColoCrossing — 7K accounts
In May 2025, hosting provider ColoCrossing identified a data breach that impacted customers of their ColoCloud virtual server product . ColoCrossing advised the incident was isolated to their cloud/VPS platform and stemmed from a single sign-on vulnerability.
LowBreachHave I Been Pwned — public breach catalog· 1 May 2025· summary pending
TehetségKapu — 54K accounts
In March 2025, almost 55k records were breached from the Hungarian education office website TehetségKapu . The data was subsequently published to a popular hacking forum and included email addresses, names and usernames.
LowBreachHave I Been Pwned — public breach catalog· 25 Mar 2025· summary pending
Troy Hunt's Mailchimp List — 17K accounts
In March 2025, a phishing attack successfully gained access to Troy Hunt's Mailchimp account and automatically exported a list of people who had subscribed to the newsletter for his personal blog . The exported list contained 16k email addresses and other data
LowBreachHave I Been Pwned — public breach catalog· 2 Mar 2025· summary pending
Flat Earth Sun, Moon and Zodiac App — 33K accounts
In October 2024, the flat earth sun, moon and zodiac app created by Flat Earth Dave was found to be leaking extensive personal information of its users . The data included 33k unique email addresses along with usernames, latitudes and longitudes (their positio
LowBreachHave I Been Pwned — public breach catalog· 10 Feb 2025· summary pending
Adopt Me Trading Values — 86K accounts
In July 2022, the Adopt Me Trading Values website for assessing the value of pet trades within the "Adopt Me!" Roblox game suffered a data breach that was later redistributed as part of a larger corpus of data . The breach exposed 86k unique email addresses al
LowBreachHave I Been Pwned — public breach catalog· 6 Feb 2025· summary pending
Hakko Corporation — 10K accounts
In March 2019, the Japanese solder-related business Hakko Corporation suffered a data breach . The incident exposed almost 10k customer records including email and physical addresses, phone numbers, names, usernames, genders, dates of birth and plain text pass
LowBreachHave I Been Pwned — public breach catalog· 4 Feb 2025· summary pending
PoinCampus — 89K accounts
In November 2024, the South Korean education platform PoinCampus suffered a data breach which was later published to a popular hacking forum . The data included 89k unique email addresses, names and a small number of phone numbers and dates of birth.
LowBreachHave I Been Pwned — public breach catalog· 22 Jan 2025· summary pending
Frame & Optic — 16K accounts
In January 2025, the eyewear seller Frame & Optic suffered a data breach . The incident exposed almost 16k unique email addresses along with names, phone numbers and geolocation data including country, state and postcode.
LowBreachHave I Been Pwned — public breach catalog· 16 Jan 2025· summary pending
Le Coq Sportif Columbia — 80K accounts
In January 2025, a data breach from the Columbian website for Le Coq Sportif was posted to a popular hacking forum . The data included almost 80k unique email addresses with the breach dating back to May 2023. Impacted data included physical and IP addresses,
LowBreachHave I Been Pwned — public breach catalog· 19 Dec 2024· summary pending
BitView — 63K accounts
In December 2024, the video sharing Community BitView suffered a data breach that exposed 63k customer records . Attributed to a backup taken by a previous administrator earlier in the year, the breach exposed email and IP addresses, bcrypt password hashes, us
LowBreachHave I Been Pwned — public breach catalog· 14 Dec 2024· summary pending
Yonéma — 36K accounts
In November 2024, data from the Senegalese payment platform Yonéma was posted to a popular hacking forum . The data included 36k unique email addresses alongside phone numbers, names and what appears to be encrypted passwords and dates of birth.
LowBreachHave I Been Pwned — public breach catalog· 14 Dec 2024· summary pending
Tibber — 50K accounts
In November 2024, the German electricity provider Tibber suffered a data breach that exposed the personal information of 50k customers . The data included names, email addresses, geographic locations (city and postcode) and total spend on purchases.
LowBreachHave I Been Pwned — public breach catalog· 26 Oct 2024· summary pending
The Club Penguin Experience — 6K accounts
In October 2024, The Club Penguin Experience (TCPE) suffered a data breach . The incident exposed over 6k subscribers' email addresses alongside usernames, age groups, passwords stored as bcrypt hashes and in some cases, plain text password hints. TCPE sent pr
LowBreachHave I Been Pwned — public breach catalog· 5 Oct 2024· summary pending
Switch — 5K accounts
In October 2024, the Hungarian IT headhunting service Switch inadvertently exposed thousands of customer records via a public GitHub repository . The exposed data contained job applications with names, email addresses and in some cases, commentary on the appli
LowBreachHave I Been Pwned — public breach catalog· 1 Sept 2024· summary pending
Market Moveis — 28K accounts
In August 2023, the Portuguese home decor company Market Moveis suffered a data breach that impacted 28k records. The exposed records were limited to names and email addresses.
LowBreachHave I Been Pwned — public breach catalog· 13 Aug 2024· summary pending
Chris Leong — 27K accounts
In August 2024, the website of Master Chris Leong "a leading Tit Tar practitioner in Malaysia" suffered a data breach . The incident exposed 27k unique email addresses along with names, physical addresses, dates of birth, genders, nationalities and in many cas
LowBreachHave I Been Pwned — public breach catalog· 5 Aug 2024· summary pending
Shoe Zone — 46K accounts
In June 2024, the UK footwear chain Shoe Zone disclosed a data breach that was subsequently posted for sale on a popular hacking forum . The data included over 100k orders containing names, addresses, partial credit card numbers (card type and last 4 digits),
LowBreachHave I Been Pwned — public breach catalog· 10 Jul 2024· summary pending
The Heritage Foundation — 72K accounts
In July 2024, hacktivists published almost 2GB of data taken from The Heritage Foundation and their media arm, The Daily Signal . The data contained 72k unique email addresses, primarily used for commenting on articles (along with names, IP addresses and the c
LowBreachHave I Been Pwned — public breach catalog· 7 Jul 2024· summary pending
Husky Owners — 17K accounts
In July 2024, the Husky Owners forum website was defaced and linked to a breach of user data containing 16k records. The exposed data included usernames, email addresses, dates of birth and time zones.
LowBreachHave I Been Pwned — public breach catalog· 6 Jul 2024· summary pending
FNTECH — 10K accounts
In July 2024, the events management platform FNTECH suffered a data breach that exposed 10k unique email addresses. The data contained registrants from various events, including participants of the Roblox Developer Conference registration list . The data also
LowBreachHave I Been Pwned — public breach catalog· 9 May 2024· summary pending
Tappware — 95K accounts
In April 2024, a substantial volume of data was taken from the Bangladeshi IT services provider Tappware and published to a popular hacking forum . Comprising of 95k unique email addresses, the data also included extensive labour information on local citizens
LowBreachHave I Been Pwned — public breach catalog· 22 Apr 2024· summary pending
T2 — 95K accounts
In April 2024, 95k records from the T2 tea store were posted to a popular hacking forum . Data included email and physical addresses, names, phone numbers, dates of birth, purchases and passwords stored as scrypt hashes.

Sources are pulled directly from each provider's public feed and never modified. AI summaries are produced for plain-English readability and are clearly labelled — always follow the source link for the authoritative advisory.