ShellCodeX
Tools โ€ข Events โ€ข News โ€ข Insights
ShellCodeX Breach Report

ixigo Data Breach

ixigo.com
Major exposure
Verified breach Passwords exposed
Accounts exposed 17,204,697
Breach date 03 Jan 2019
Added to tracker 17 Mar 2019
Data classes 10

What happened

In January 2019, the travel and hotel booking site ixigo suffered a data breach. The data appeared for sale on a dark web marketplace the following month and included over 17M unique email addresses alongside names, genders, phone numbers, connections to Facebook profiles and passwords stored as MD5 hashes.

Exposed data

Auth tokens Device information Email addresses Genders Names Passwords Phone numbers Salutations Social media profiles Usernames

Recommended actions

  • Change your ixigo password immediately, and update it anywhere you reused the same password.
  • Enable two-factor authentication on the affected account and on your critical services (email, banking).
  • Watch for targeted phishing emails referencing ixigo โ€” attackers weaponise breach data quickly.
  • Stay alert for smishing (SMS phishing) and SIM-swap attempts using your phone number.
  • Check whether your email address appears in this breach on haveibeenpwned.com.
Am I affected? Check whether your email address appears in this breach.
Check on HIBP