ShellCodeX
Tools โ€ข Events โ€ข News โ€ข Insights
ShellCodeX Breach Report

Operation Endgame 3.0 Data Breach

Significant exposure
Verified breach Malware sourced Passwords exposed
Accounts exposed 2,046,030
Breach date 13 Nov 2025
Added to tracker 13 Nov 2025
Data classes 2

What happened

Between 10 and 13 November 2025, the latest phase of Operation Endgame was coordinated from Europol's headquarters in The Hague. The actions targeted one of the biggest infostealer Rhadamanthys, the Remote Access Trojan VenomRAT, and the botnet Elysium, all of which played a key role in international cybercrime. Authorities took down these three large cybercrime enablers and provided 2 million impacted email addresses and 7.4 million passwords to HIBP.

Exposed data

Email addresses Passwords

Recommended actions

  • Change your Operation Endgame 3.0 password immediately, and update it anywhere you reused the same password.
  • Enable two-factor authentication on the affected account and on your critical services (email, banking).
  • Watch for targeted phishing emails referencing Operation Endgame 3.0 โ€” attackers weaponise breach data quickly.
  • Check whether your email address appears in this breach on haveibeenpwned.com.
Am I affected? Check whether your email address appears in this breach.
Check on HIBP