ShellCodeX
Tools โ€ข Events โ€ข News โ€ข Insights
ShellCodeX Breach Report

Creams Cafe Data Breach

creamscafe.com
Limited exposure
Verified breach
Accounts exposed 159,652
Breach date 01 May 2025
Added to tracker 23 Jul 2025
Data classes 4

What happened

In May 2025, 160k records of customer data was allegedly obtained from Creams Cafe, "the UK's favourite dessert parlour". The data included email and physical addresses, names and phone numbers. Creams Cafe did not respond to repeated attempts to disclose the incident, however multiple impacted HIBP subscribers confirmed the legitimacy and accuracy of the data.

Exposed data

Email addresses Names Phone numbers Physical addresses

Recommended actions

  • Watch for targeted phishing emails referencing Creams Cafe โ€” attackers weaponise breach data quickly.
  • Stay alert for smishing (SMS phishing) and SIM-swap attempts using your phone number.
  • Exposed identity data raises identity-theft risk โ€” consider credit monitoring or a credit freeze.
  • Check whether your email address appears in this breach on haveibeenpwned.com.
Am I affected? Check whether your email address appears in this breach.
Check on HIBP