ShellCodeX
Tools โ€ข Events โ€ข News โ€ข Insights
ShellCodeX Breach Report

123RF Data Breach

123rf.com
Significant exposure
Verified breach Passwords exposed
Accounts exposed 8,661,578
Breach date 22 Mar 2020
Added to tracker 15 Nov 2020
Data classes 7

What happened

In March 2020, the stock photo site 123RF suffered a data breach which impacted over 8 million subscribers and was subsequently sold online. The breach included email, IP and physical addresses, names, phone numbers and passwords stored as MD5 hashes. The data was provided to HIBP by dehashed.com.

Exposed data

Email addresses IP addresses Names Passwords Phone numbers Physical addresses Usernames

Recommended actions

  • Change your 123RF password immediately, and update it anywhere you reused the same password.
  • Enable two-factor authentication on the affected account and on your critical services (email, banking).
  • Watch for targeted phishing emails referencing 123RF โ€” attackers weaponise breach data quickly.
  • Stay alert for smishing (SMS phishing) and SIM-swap attempts using your phone number.
  • Exposed identity data raises identity-theft risk โ€” consider credit monitoring or a credit freeze.
Am I affected? Check whether your email address appears in this breach.
Check on HIBP