ShellCodeX
Tools โ€ข Events โ€ข News โ€ข Insights
ShellCodeX Breach Report

QuestionPro Data Breach

questionpro.com
Major exposure
Verified breach
Accounts exposed 22,229,637
Breach date 21 May 2022
Added to tracker 05 Aug 2022
Data classes 4

What happened

In May 2022, the survey website QuestionPro was the target of an extortion attempt relating to an alleged data breach. Over 100GB of data containing 22M unique email addresses (some of which appear to be generated by the platform), are alleged to have been extracted from the service along with IP addresses, browser user agents and results relating to surveys. QuestionPro would not confirm whether a breach had occurred (although they did confirm they were the target of an extortion attempt), so the data was initially flagged as "unverified". Subsequent verification by impacted HIBP subscribers later led to the removal of the unverified flag.

Exposed data

Browser user agent details Email addresses IP addresses Survey results

Recommended actions

  • Watch for targeted phishing emails referencing QuestionPro โ€” attackers weaponise breach data quickly.
  • Check whether your email address appears in this breach on haveibeenpwned.com.
Am I affected? Check whether your email address appears in this breach.
Check on HIBP