ShellCodeX Breach Report
Creams Cafe Data Breach
creamscafe.com
Verified breach
Accounts exposed
159,652
Breach date
01 May 2025
Added to tracker
23 Jul 2025
Data classes
4
What happened
In May 2025, 160k records of customer data was allegedly obtained from Creams Cafe, "the UK's favourite dessert parlour". The data included email and physical addresses, names and phone numbers. Creams Cafe did not respond to repeated attempts to disclose the incident, however multiple impacted HIBP subscribers confirmed the legitimacy and accuracy of the data.
Exposed data
Email addresses
Names
Phone numbers
Physical addresses
Recommended actions
- Watch for targeted phishing emails referencing Creams Cafe โ attackers weaponise breach data quickly.
- Stay alert for smishing (SMS phishing) and SIM-swap attempts using your phone number.
- Exposed identity data raises identity-theft risk โ consider credit monitoring or a credit freeze.
- Check whether your email address appears in this breach on haveibeenpwned.com.
Am I affected?
Check whether your email address appears in this breach.
Check on HIBP