ShellCodeX Breach Report
SongTrivia2 Data Breach
songtrivia2.io
Verified breach
Passwords exposed
Accounts exposed
291,739
Breach date
02 Apr 2026
Added to tracker
04 Apr 2026
Data classes
6
What happened
In April 2026, the music trivia platform SongTrivia2 suffered a data breach that was subsequently published to a public hacking forum. The data contained a total of 291k unique email addresses sourced from either Google OAuth logins or accounts created on the site, the latter also containing bcrypt password hashes. The data also included names, usernames and avatars.
Exposed data
Auth tokens
Avatars
Email addresses
Names
Passwords
Usernames
Recommended actions
- Change your SongTrivia2 password immediately, and update it anywhere you reused the same password.
- Enable two-factor authentication on the affected account and on your critical services (email, banking).
- Watch for targeted phishing emails referencing SongTrivia2 โ attackers weaponise breach data quickly.
- Check whether your email address appears in this breach on haveibeenpwned.com.
Am I affected?
Check whether your email address appears in this breach.
Check on HIBP