ShellCodeX
Tools โ€ข Events โ€ข News โ€ข Insights
ShellCodeX Breach Report

Appartoo Data Breach

appartoo.com
Limited exposure
Verified breach Passwords exposed
Accounts exposed 49,681
Breach date 25 Mar 2017
Added to tracker 02 May 2019
Data classes 12

What happened

In March 2017, the French Flatsharing site known as Appartoo suffered a data breach. The incident exposed an extensive amount of personal information on almost 50k members including email addresses, genders, ages, private messages sent between users of the service and passwords stored as SHA-256 hashes. Appartoo advised that all subscribers were notified of the incident in early 2017.

Exposed data

Ages Auth tokens Email addresses Employment statuses Genders IP addresses Marital statuses Names Passwords Physical addresses Private messages Social media profiles

Recommended actions

  • Change your Appartoo password immediately, and update it anywhere you reused the same password.
  • Enable two-factor authentication on the affected account and on your critical services (email, banking).
  • Watch for targeted phishing emails referencing Appartoo โ€” attackers weaponise breach data quickly.
  • Exposed identity data raises identity-theft risk โ€” consider credit monitoring or a credit freeze.
  • Check whether your email address appears in this breach on haveibeenpwned.com.
Am I affected? Check whether your email address appears in this breach.
Check on HIBP