ShellCodeX Breach Report
SaverSpy Data Breach
Verified breach
Sensitive
Spam list
Accounts exposed
2,457,420
Breach date
18 Sep 2018
Added to tracker
25 Sep 2018
Data classes
4
What happened
In September 2018, security researcher Bob Diachenko discovered a massive collection of personal details exposed in an unprotected Mongo DB instance. The data appears to have been used in marketing campaigns (possibly for spam purposes) but had little identifying data about it other than a description of "Yahoo_090618_ SaverSpy". The data set provided to HIBP had almost 2.5M unique email addresses (all of which were from Yahoo!) alongside names, genders and physical addresses.
Exposed data
Email addresses
Genders
Names
Physical addresses
Recommended actions
- Watch for targeted phishing emails referencing SaverSpy โ attackers weaponise breach data quickly.
- Exposed identity data raises identity-theft risk โ consider credit monitoring or a credit freeze.
- Check whether your email address appears in this breach on haveibeenpwned.com.
Am I affected?
Check whether your email address appears in this breach.
Check on HIBP