ShellCodeX Breach Report
KnownCircle Data Breach
knowncircle.com
Verified breach
Passwords exposed
Accounts exposed
1,957,600
Breach date
12 Apr 2016
Added to tracker
17 Nov 2018
Data classes
7
What happened
In approximately April 2016, the "marketing automation for agents and professional service providers" company KnownCircle had a large volume of data obtained by an external party. The data belonging to the now defunct service appeared in JSON format and contained gigabytes of data related to the real estate and insurance sectors. The personal data in the breach appears to have primarily been used for marketing purposes, including logs of emails sent and tracking of gift cards. A small number of passwords for KnownCircle staff were also present and were stored as bcrypt hashes.
Exposed data
Email addresses
Email messages
Genders
Names
Passwords
Phone numbers
Physical addresses
Recommended actions
- Change your KnownCircle password immediately, and update it anywhere you reused the same password.
- Enable two-factor authentication on the affected account and on your critical services (email, banking).
- Watch for targeted phishing emails referencing KnownCircle โ attackers weaponise breach data quickly.
- Stay alert for smishing (SMS phishing) and SIM-swap attempts using your phone number.
- Exposed identity data raises identity-theft risk โ consider credit monitoring or a credit freeze.
Am I affected?
Check whether your email address appears in this breach.
Check on HIBP