ShellCodeX Breach Report
ColoCrossing Data Breach
colocrossing.com
Verified breach
Passwords exposed
Accounts exposed
7,183
Breach date
24 May 2025
Added to tracker
03 Jun 2025
Data classes
3
What happened
In May 2025, hosting provider ColoCrossing identified a data breach that impacted customers of their ColoCloud virtual server product. ColoCrossing advised the incident was isolated to their cloud/VPS platform and stemmed from a single sign-on vulnerability. 7k email addresses were exposed in the incident along with names and MD5-Crypt password hashes.
Exposed data
Email addresses
Names
Passwords
Recommended actions
- Change your ColoCrossing password immediately, and update it anywhere you reused the same password.
- Enable two-factor authentication on the affected account and on your critical services (email, banking).
- Watch for targeted phishing emails referencing ColoCrossing โ attackers weaponise breach data quickly.
- Check whether your email address appears in this breach on haveibeenpwned.com.
Am I affected?
Check whether your email address appears in this breach.
Check on HIBP