ShellCodeX
Tools โ€ข Events โ€ข News โ€ข Insights
ShellCodeX Breach Report

MC2 Data Data Breach

Significant exposure
Verified breach Passwords exposed
Accounts exposed 2,122,280
Breach date 18 Aug 2024
Added to tracker 15 Dec 2024
Data classes 3

What happened

In August 2024, data aggregator MC2 Data left a database publicly accessible without a password which was subsequently discovered by a security researcher. The breach exposed the personal information of 2.1M subscribers to the service which was marketed under a series of different brand names. The data included email addresses, names and salted SHA-256 password hashes.

Exposed data

Email addresses Names Passwords

Recommended actions

  • Change your MC2 Data password immediately, and update it anywhere you reused the same password.
  • Enable two-factor authentication on the affected account and on your critical services (email, banking).
  • Watch for targeted phishing emails referencing MC2 Data โ€” attackers weaponise breach data quickly.
  • Check whether your email address appears in this breach on haveibeenpwned.com.
Am I affected? Check whether your email address appears in this breach.
Check on HIBP