ShellCodeX Breach Report
MyFHA Data Breach
myfha.net
Verified breach
Passwords exposed
Accounts exposed
972,629
Breach date
18 Feb 2015
Added to tracker
09 Aug 2018
Data classes
9
What happened
In approximately February 2015, the home financing website MyFHA suffered a data breach which disclosed the personal information of nearly 1 million people. The data included extensive personal information relating to home financing including personal contact info, credit statuses, household incomes, loan amounts and notes on personal circumstances, often referring to legal issues, divorces and health conditions. Multiple parties contacted HIBP with the data after which MyFHA was alerted in mid-July and acknowledged the legitimacy of the breach then took the site offline.
Exposed data
Credit status information
Email addresses
Income levels
IP addresses
Loan information
Names
Passwords
Personal descriptions
Physical addresses
Recommended actions
- Change your MyFHA password immediately, and update it anywhere you reused the same password.
- Enable two-factor authentication on the affected account and on your critical services (email, banking).
- Watch for targeted phishing emails referencing MyFHA โ attackers weaponise breach data quickly.
- Exposed identity data raises identity-theft risk โ consider credit monitoring or a credit freeze.
- Check whether your email address appears in this breach on haveibeenpwned.com.
Am I affected?
Check whether your email address appears in this breach.
Check on HIBP