ShellCodeX
Tools • Events • News • Insights
ShellCodeX Breach Report

FaceUP Data Breach

faceup.dk
Limited exposure
Verified breach Passwords exposed
Accounts exposed 87,633
Breach date 01 Jan 2013
Added to tracker 13 Jan 2019
Data classes 7

What happened

In 2013, the Danish social media site FaceUP suffered a data breach. The incident exposed 87k unique email addresses alongside genders, dates of birth, names, phone numbers and passwords stored as unsalted MD5 hashes. When notified of the incident, FaceUP advised they had identified a SQL injection vulnerability at the time and forced password resets on impacted customers.

Exposed data

Dates of birth Email addresses Genders Names Passwords Phone numbers Usernames

Recommended actions

  • Change your FaceUP password immediately, and update it anywhere you reused the same password.
  • Enable two-factor authentication on the affected account and on your critical services (email, banking).
  • Watch for targeted phishing emails referencing FaceUP — attackers weaponise breach data quickly.
  • Stay alert for smishing (SMS phishing) and SIM-swap attempts using your phone number.
  • Exposed identity data raises identity-theft risk — consider credit monitoring or a credit freeze.
Am I affected? Check whether your email address appears in this breach.
Check on HIBP