ShellCodeX Breach Report
Speedio Data Breach
speedio.com.br
Unverified
Accounts exposed
27,501,041
Breach date
24 Dec 2024
Added to tracker
30 Jan 2025
Data classes
4
What happened
In December 2024, data alleged to have been taken from the Brazilian lead generation platform Speedio was posted for sale to a popular hacking forum. The data was allegedly obtained from an unsecured Elasticsearch instance and contained over 62M records of largely public business information including company names, phone numbers and physical addresses, along with 27M unique email addresses, predominantly from public services such as Gmail and Outlook. Speedio did not respond to multiple attempts to disclose the incident, and the origin of the data could not be independently verified.
Exposed data
Company names
Email addresses
Phone numbers
Physical addresses
Recommended actions
- Watch for targeted phishing emails referencing Speedio โ attackers weaponise breach data quickly.
- Stay alert for smishing (SMS phishing) and SIM-swap attempts using your phone number.
- Exposed identity data raises identity-theft risk โ consider credit monitoring or a credit freeze.
- Check whether your email address appears in this breach on haveibeenpwned.com.
Am I affected?
Check whether your email address appears in this breach.
Check on HIBP