ShellCodeX
Tools • Events • News • Insights
ShellCodeX Breach Report

Scentbird Data Breach

scentbird.com
Significant exposure
Verified breach Passwords exposed
Accounts exposed 5,814,988
Breach date 22 Jun 2020
Added to tracker 30 Jul 2020
Data classes 6

What happened

In June 2020, the online fragrance service Scentbird suffered a data breach that exposed the personal information of over 5.8 million customers. Personal information including names, email addresses, genders, dates of birth, passwords stored as bcrypt hashes and indicators of password strength were all exposed. The data was provided to HIBP by breachbase.pw.

Exposed data

Dates of birth Email addresses Genders Names Password strengths Passwords

Recommended actions

  • Change your Scentbird password immediately, and update it anywhere you reused the same password.
  • Enable two-factor authentication on the affected account and on your critical services (email, banking).
  • Watch for targeted phishing emails referencing Scentbird — attackers weaponise breach data quickly.
  • Exposed identity data raises identity-theft risk — consider credit monitoring or a credit freeze.
  • Check whether your email address appears in this breach on haveibeenpwned.com.
Am I affected? Check whether your email address appears in this breach.
Check on HIBP