ShellCodeX Breach Report
CashCrate Data Breach
cashcrate.com
Verified breach
Passwords exposed
Accounts exposed
6,844,490
Breach date
17 Nov 2016
Added to tracker
20 Apr 2018
Data classes
4
What happened
In June 2017, news broke that CashCrate had suffered a data breach exposing 6.8 million records. The breach of the cash-for-surveys site dated back to November 2016 and exposed names, physical addresses, email addresses and passwords stored in plain text for older accounts along with weak MD5 hashes for newer ones.
Exposed data
Email addresses
Names
Passwords
Physical addresses
Recommended actions
- Change your CashCrate password immediately, and update it anywhere you reused the same password.
- Enable two-factor authentication on the affected account and on your critical services (email, banking).
- Watch for targeted phishing emails referencing CashCrate โ attackers weaponise breach data quickly.
- Exposed identity data raises identity-theft risk โ consider credit monitoring or a credit freeze.
- Check whether your email address appears in this breach on haveibeenpwned.com.
Am I affected?
Check whether your email address appears in this breach.
Check on HIBP