ShellCodeX Breach Report
Qakbot Data Breach
Verified breach
Sensitive
Malware sourced
Passwords exposed
Accounts exposed
6,431,319
Breach date
29 Aug 2023
Added to tracker
29 Aug 2023
Data classes
2
What happened
In August 2023, the US Justice Department announced a multinational operation involving actions in the United States, France, Germany, the Netherlands, and the United Kingdom to disrupt the botnet and malware known as Qakbot and take down its infrastructure. After the takedown, 6.43M email addresses were provided to HIBP to help notify victims of the malware.
Exposed data
Email addresses
Passwords
Recommended actions
- Change your Qakbot password immediately, and update it anywhere you reused the same password.
- Enable two-factor authentication on the affected account and on your critical services (email, banking).
- Watch for targeted phishing emails referencing Qakbot โ attackers weaponise breach data quickly.
- Check whether your email address appears in this breach on haveibeenpwned.com.
Am I affected?
Check whether your email address appears in this breach.
Check on HIBP