ShellCodeX Breach Report
Polish Credentials Data Breach
Verified breach
Passwords exposed
Accounts exposed
1,204,870
Breach date
29 May 2023
Added to tracker
30 May 2023
Data classes
2
What happened
In May 2023, a credential stuffing list of 6.3M Polish email address and password pairs appeared on a local forum. Likely obtained by malware running on victims' machines, each record included an email address and plain text password alongside the website the credentials were used on. The data included 1.2M unique email addresses.
Exposed data
Email addresses
Passwords
Recommended actions
- Change your Polish Credentials password immediately, and update it anywhere you reused the same password.
- Enable two-factor authentication on the affected account and on your critical services (email, banking).
- Watch for targeted phishing emails referencing Polish Credentials โ attackers weaponise breach data quickly.
- Check whether your email address appears in this breach on haveibeenpwned.com.
Am I affected?
Check whether your email address appears in this breach.
Check on HIBP