ShellCodeX
Tools โ€ข Events โ€ข News โ€ข Insights
ShellCodeX Breach Report

DaFont Data Breach

dafont.com
Limited exposure
Verified breach Passwords exposed
Accounts exposed 637,340
Breach date 16 May 2017
Added to tracker 18 May 2017
Data classes 3

What happened

In May 2017, font sharing site DaFont suffered a data breach resulting in the exposure of 637k records. Allegedly due to a SQL injection vulnerability exploited by multiple parties, the exposed data included usernames, email addresses and passwords stored as MD5 without a salt.

Exposed data

Email addresses Passwords Usernames

Recommended actions

  • Change your DaFont password immediately, and update it anywhere you reused the same password.
  • Enable two-factor authentication on the affected account and on your critical services (email, banking).
  • Watch for targeted phishing emails referencing DaFont โ€” attackers weaponise breach data quickly.
  • Check whether your email address appears in this breach on haveibeenpwned.com.
Am I affected? Check whether your email address appears in this breach.
Check on HIBP