ShellCodeX
Tools โ€ข Events โ€ข News โ€ข Insights
ShellCodeX Breach Report

Digimon Data Breach

digimon.co.in
Significant exposure
Verified breach Spam list
Accounts exposed 7,687,679
Breach date 05 Sep 2016
Added to tracker 28 Sep 2018
Data classes 4

What happened

In September 2016, over 16GB of logs from a service indicated to be digimon.co.in were obtained, most likely from an unprotected Mongo DB instance. The service ceased running shortly afterwards and no information remains about the precise nature of it. Based on enquiries made via Twitter, it appears to have been a mail service possibly based on PowerMTA and used for delivering spam. The logs contained information including 7.7M unique email recipients (names and addresses), mail server IP addresses, email subjects and tracking information including mail opens and clicks.

Exposed data

Email addresses Email messages IP addresses Names

Recommended actions

  • Watch for targeted phishing emails referencing Digimon โ€” attackers weaponise breach data quickly.
  • Check whether your email address appears in this breach on haveibeenpwned.com.
Am I affected? Check whether your email address appears in this breach.
Check on HIBP