ShellCodeX
Tools • Events • News • Insights
ShellCodeX Breach Report

Smogon Data Breach

smogon.com
Limited exposure
Verified breach Passwords exposed
Accounts exposed 386,489
Breach date 10 Sep 2017
Added to tracker 11 Apr 2018
Data classes 6

What happened

In April 2018, the Pokémon website known as Smogon announced they'd suffered a data breach. The breach dated back to September 2017 and affected their XenForo based forum. The exposed data included usernames, email addresses, genders and both bcrypt and MD5 password hashes.

Exposed data

Email addresses Genders Geographic locations Passwords Usernames Website activity

Recommended actions

  • Change your Smogon password immediately, and update it anywhere you reused the same password.
  • Enable two-factor authentication on the affected account and on your critical services (email, banking).
  • Watch for targeted phishing emails referencing Smogon — attackers weaponise breach data quickly.
  • Check whether your email address appears in this breach on haveibeenpwned.com.
Am I affected? Check whether your email address appears in this breach.
Check on HIBP