ShellCodeX
Tools โ€ข Events โ€ข News โ€ข Insights
ShellCodeX Breach Report

Qakbot Data Breach

Significant exposure
Verified breach Sensitive Malware sourced Passwords exposed
Accounts exposed 6,431,319
Breach date 29 Aug 2023
Added to tracker 29 Aug 2023
Data classes 2

What happened

In August 2023, the US Justice Department announced a multinational operation involving actions in the United States, France, Germany, the Netherlands, and the United Kingdom to disrupt the botnet and malware known as Qakbot and take down its infrastructure. After the takedown, 6.43M email addresses were provided to HIBP to help notify victims of the malware.

Exposed data

Email addresses Passwords

Recommended actions

  • Change your Qakbot password immediately, and update it anywhere you reused the same password.
  • Enable two-factor authentication on the affected account and on your critical services (email, banking).
  • Watch for targeted phishing emails referencing Qakbot โ€” attackers weaponise breach data quickly.
  • Check whether your email address appears in this breach on haveibeenpwned.com.
Am I affected? Check whether your email address appears in this breach.
Check on HIBP