ShellCodeX Breach Report
Gaadi Data Breach
gaadi.com
Verified breach
Passwords exposed
Accounts exposed
4,261,179
Breach date
14 May 2015
Added to tracker
01 Jul 2018
Data classes
8
What happened
In May 2015, the Indian motoring website known as Gaadi had 4.3 million records exposed in a data breach. The data contained usernames, email and IP addresses, genders, the city of users as well as passwords stored in both plain text and as MD5 hashes. The site was previously reported as compromised on the Vigilante.pw breached database directory.
Exposed data
Email addresses
Genders
Geographic locations
IP addresses
Names
Passwords
Phone numbers
Usernames
Recommended actions
- Change your Gaadi password immediately, and update it anywhere you reused the same password.
- Enable two-factor authentication on the affected account and on your critical services (email, banking).
- Watch for targeted phishing emails referencing Gaadi — attackers weaponise breach data quickly.
- Stay alert for smishing (SMS phishing) and SIM-swap attempts using your phone number.
- Check whether your email address appears in this breach on haveibeenpwned.com.
Am I affected?
Check whether your email address appears in this breach.
Check on HIBP