ShellCodeX
Tools โ€ข Events โ€ข News โ€ข Insights
ShellCodeX Breach Report

Cross Fire Data Breach

cfire.mail.ru
Major exposure
Verified breach Passwords exposed
Accounts exposed 12,865,609
Breach date 08 Aug 2016
Added to tracker 28 Dec 2016
Data classes 3

What happened

In August 2016, the Russian gaming forum known as Cross Fire (or cfire.mail.ru) was hacked along with a number of other forums on the Russian mail provider, mail.ru. The vBulletin forum contained 12.8 million accounts including usernames, email addresses and passwords stored as salted MD5 hashes.

Exposed data

Email addresses Passwords Usernames

Recommended actions

  • Change your Cross Fire password immediately, and update it anywhere you reused the same password.
  • Enable two-factor authentication on the affected account and on your critical services (email, banking).
  • Watch for targeted phishing emails referencing Cross Fire โ€” attackers weaponise breach data quickly.
  • Check whether your email address appears in this breach on haveibeenpwned.com.
Am I affected? Check whether your email address appears in this breach.
Check on HIBP