ShellCodeX Breach Report
Bonobos Data Breach
bonobos.com
Verified breach
Passwords exposed
Accounts exposed
2,811,929
Breach date
14 Aug 2020
Added to tracker
31 Jan 2021
Data classes
9
What happened
In August 2020, the clothing store Bonobos suffered a data breach that exposed almost 70GB of data containing 2.8 million unique email addresses. The breach also exposed names, physical and IP addresses, phone numbers, order histories and passwords stored as salted SHA-512 hashes, including historical passwords. The breach also exposed partial credit card data including card type, the name on the card, expiry date and the last 4 digits of the card. The data was provided to HIBP by dehashed.com.
Exposed data
Email addresses
Historical passwords
IP addresses
Names
Partial credit card data
Passwords
Phone numbers
Physical addresses
Purchases
Recommended actions
- Change your Bonobos password immediately, and update it anywhere you reused the same password.
- Enable two-factor authentication on the affected account and on your critical services (email, banking).
- Watch for targeted phishing emails referencing Bonobos โ attackers weaponise breach data quickly.
- Monitor your bank and card statements closely and consider requesting a card replacement.
- Stay alert for smishing (SMS phishing) and SIM-swap attempts using your phone number.
Am I affected?
Check whether your email address appears in this breach.
Check on HIBP