ShellCodeX Breach Report
Locally Data Breach
locally.com
Verified breach
Passwords exposed
Accounts exposed
362,619
Breach date
01 Oct 2022
Added to tracker
10 Jul 2023
Data classes
6
What happened
In October 2022, "The Industry's Leading Online-to-Offline Shopping Solution" Locally suffered a data breach. Whilst Locally acknowledged the breach privately, it's unknown whether impacted customers were subsequently notified of the incident which exposed over 362k names, phone numbers, email and physical addresses, purchases, credit card type and last four digits and bcrypt password hashes.
Exposed data
Email addresses
Partial credit card data
Passwords
Phone numbers
Physical addresses
Purchases
Recommended actions
- Change your Locally password immediately, and update it anywhere you reused the same password.
- Enable two-factor authentication on the affected account and on your critical services (email, banking).
- Watch for targeted phishing emails referencing Locally — attackers weaponise breach data quickly.
- Monitor your bank and card statements closely and consider requesting a card replacement.
- Stay alert for smishing (SMS phishing) and SIM-swap attempts using your phone number.
Am I affected?
Check whether your email address appears in this breach.
Check on HIBP