ShellCodeX Breach Report
Operation Endgame 3.0 Data Breach
Verified breach
Malware sourced
Passwords exposed
Accounts exposed
2,046,030
Breach date
13 Nov 2025
Added to tracker
13 Nov 2025
Data classes
2
What happened
Between 10 and 13 November 2025, the latest phase of Operation Endgame was coordinated from Europol's headquarters in The Hague. The actions targeted one of the biggest infostealer Rhadamanthys, the Remote Access Trojan VenomRAT, and the botnet Elysium, all of which played a key role in international cybercrime. Authorities took down these three large cybercrime enablers and provided 2 million impacted email addresses and 7.4 million passwords to HIBP.
Exposed data
Email addresses
Passwords
Recommended actions
- Change your Operation Endgame 3.0 password immediately, and update it anywhere you reused the same password.
- Enable two-factor authentication on the affected account and on your critical services (email, banking).
- Watch for targeted phishing emails referencing Operation Endgame 3.0 โ attackers weaponise breach data quickly.
- Check whether your email address appears in this breach on haveibeenpwned.com.
Am I affected?
Check whether your email address appears in this breach.
Check on HIBP