ShellCodeX Breach Report
ixigo Data Breach
ixigo.com
Verified breach
Passwords exposed
Accounts exposed
17,204,697
Breach date
03 Jan 2019
Added to tracker
17 Mar 2019
Data classes
10
What happened
In January 2019, the travel and hotel booking site ixigo suffered a data breach. The data appeared for sale on a dark web marketplace the following month and included over 17M unique email addresses alongside names, genders, phone numbers, connections to Facebook profiles and passwords stored as MD5 hashes.
Exposed data
Auth tokens
Device information
Email addresses
Genders
Names
Passwords
Phone numbers
Salutations
Social media profiles
Usernames
Recommended actions
- Change your ixigo password immediately, and update it anywhere you reused the same password.
- Enable two-factor authentication on the affected account and on your critical services (email, banking).
- Watch for targeted phishing emails referencing ixigo โ attackers weaponise breach data quickly.
- Stay alert for smishing (SMS phishing) and SIM-swap attempts using your phone number.
- Check whether your email address appears in this breach on haveibeenpwned.com.
Am I affected?
Check whether your email address appears in this breach.
Check on HIBP