ShellCodeX
Tools • Events • News • Insights
ShellCodeX Breach Report

Badoo Data Breach

badoo.com
Massive exposure
Unverified Sensitive Passwords exposed
Accounts exposed 112,005,531
Breach date 01 Jun 2013
Added to tracker 06 Jul 2016
Data classes 6

What happened

In June 2016, a data breach allegedly originating from the social website Badoo was found to be circulating amongst traders. Likely obtained several years earlier, the data contained 112 million unique email addresses with personal data including names, birthdates and passwords stored as MD5 hashes. Whilst there are many indicators suggesting Badoo did indeed suffer a data breach, the legitimacy of the data could not be emphatically proven so this breach has been categorised as "unverified".

Exposed data

Dates of birth Email addresses Genders Names Passwords Usernames

Recommended actions

  • Change your Badoo password immediately, and update it anywhere you reused the same password.
  • Enable two-factor authentication on the affected account and on your critical services (email, banking).
  • Watch for targeted phishing emails referencing Badoo — attackers weaponise breach data quickly.
  • Exposed identity data raises identity-theft risk — consider credit monitoring or a credit freeze.
  • Check whether your email address appears in this breach on haveibeenpwned.com.
Am I affected? Check whether your email address appears in this breach.
Check on HIBP