ShellCodeX
Tools • Events • News • Insights
ShellCodeX Breach Report

CyberServe Data Breach

cyberserve.co.il
Significant exposure
Verified breach Sensitive Passwords exposed
Accounts exposed 1,107,034
Breach date 29 Oct 2021
Added to tracker 04 Nov 2021
Data classes 19

What happened

In October 2021, the Israeli hosting provider CyberServe was breached and ransomed before having a substantial amount of their customer data leaked publicly by a group known as "Black Shadow". Amongst the data was the LGBTQ dating site Atraf and the Machon Mor medical institute. Due to multiple different sites being compromised, the impacted data is broad and ranges from relationship information to medical data to email addresses and passwords stored in plain text. The data was made available to HIBP with support from May Brooks-Kempler, founder of the Think Safe Cyber community in Israel.

Exposed data

Dates of birth Drinking habits Email addresses Family structure Genders Geographic locations HIV statuses IP addresses Names Passwords Personal health data Phone numbers Physical attributes Private messages Profile photos Religions Sexual orientations Smoking habits Usernames

Recommended actions

  • Change your CyberServe password immediately, and update it anywhere you reused the same password.
  • Enable two-factor authentication on the affected account and on your critical services (email, banking).
  • Watch for targeted phishing emails referencing CyberServe — attackers weaponise breach data quickly.
  • Stay alert for smishing (SMS phishing) and SIM-swap attempts using your phone number.
  • Exposed identity data raises identity-theft risk — consider credit monitoring or a credit freeze.
Am I affected? Check whether your email address appears in this breach.
Check on HIBP