ShellCodeX Breach Report
MDPI Data Breach
mdpi.com
Verified breach
Accounts exposed
845,012
Breach date
30 Aug 2016
Added to tracker
25 Mar 2018
Data classes
4
What happened
In August 2016, the Swiss scholarly open access publisher known as MDPI had 17.5GB of data obtained from an unprotected Mongo DB instance. The data contained email exchanges between MDPI and their authors and reviewers which included 845k unique email addresses. MDPI have confirmed that the system has since been protected and that no data of a sensitive nature was impacted. As such, they concluded that notification to their subscribers was not necessary due to the fact that all their authors and reviewers are available online on their website.
Exposed data
Email addresses
Email messages
IP addresses
Names
Recommended actions
- Watch for targeted phishing emails referencing MDPI โ attackers weaponise breach data quickly.
- Check whether your email address appears in this breach on haveibeenpwned.com.
Am I affected?
Check whether your email address appears in this breach.
Check on HIBP