ShellCodeX
Tools • Events • News • Insights
ShellCodeX Breach Report

Elance Data Breach

elance.com
Significant exposure
Verified breach Passwords exposed
Accounts exposed 1,291,178
Breach date 01 Jan 2009
Added to tracker 18 Feb 2017
Data classes 6

What happened

Sometime in 2009, staffing platform Elance suffered a data breach that impacted 1.3 million accounts. Appearing online 8 years later, the data contained usernames, email addresses, phone numbers and SHA1 hashes of passwords, amongst other personal data.

Exposed data

Email addresses Employers Geographic locations Passwords Phone numbers Usernames

Recommended actions

  • Change your Elance password immediately, and update it anywhere you reused the same password.
  • Enable two-factor authentication on the affected account and on your critical services (email, banking).
  • Watch for targeted phishing emails referencing Elance — attackers weaponise breach data quickly.
  • Stay alert for smishing (SMS phishing) and SIM-swap attempts using your phone number.
  • Check whether your email address appears in this breach on haveibeenpwned.com.
Am I affected? Check whether your email address appears in this breach.
Check on HIBP