ShellCodeX
Tools • Events • News • Insights
ShellCodeX Breach Report

NapsGear Data Breach

napsgear.org
Limited exposure
Verified breach Sensitive Passwords exposed
Accounts exposed 287,071
Breach date 21 Oct 2015
Added to tracker 10 Sep 2018
Data classes 8

What happened

In October 2015, the anabolic steroids retailer NapsGear suffered a data breach. An extensive amount of personal information on 287k customers was exposed including email addresses, names, addresses, phone numbers, purchase histories and salted MD5 password hashes.

Exposed data

Dates of birth Email addresses Genders Names Passwords Phone numbers Physical addresses Purchases

Recommended actions

  • Change your NapsGear password immediately, and update it anywhere you reused the same password.
  • Enable two-factor authentication on the affected account and on your critical services (email, banking).
  • Watch for targeted phishing emails referencing NapsGear — attackers weaponise breach data quickly.
  • Stay alert for smishing (SMS phishing) and SIM-swap attempts using your phone number.
  • Exposed identity data raises identity-theft risk — consider credit monitoring or a credit freeze.
Am I affected? Check whether your email address appears in this breach.
Check on HIBP