ShellCodeX Breach Report
DaFont Data Breach
dafont.com
Verified breach
Passwords exposed
Accounts exposed
637,340
Breach date
16 May 2017
Added to tracker
18 May 2017
Data classes
3
What happened
In May 2017, font sharing site DaFont suffered a data breach resulting in the exposure of 637k records. Allegedly due to a SQL injection vulnerability exploited by multiple parties, the exposed data included usernames, email addresses and passwords stored as MD5 without a salt.
Exposed data
Email addresses
Passwords
Usernames
Recommended actions
- Change your DaFont password immediately, and update it anywhere you reused the same password.
- Enable two-factor authentication on the affected account and on your critical services (email, banking).
- Watch for targeted phishing emails referencing DaFont โ attackers weaponise breach data quickly.
- Check whether your email address appears in this breach on haveibeenpwned.com.
Am I affected?
Check whether your email address appears in this breach.
Check on HIBP