ShellCodeX
Tools โ€ข Events โ€ข News โ€ข Insights
ShellCodeX Breach Report

Staminus Data Breach

staminus.net
Limited exposure
Verified breach Passwords exposed
Accounts exposed 26,815
Breach date 11 Mar 2016
Added to tracker 05 Oct 2017
Data classes 6

What happened

In March 2016, the DDoS protection service Staminus was "massively hacked" resulting in an outage of more than 20 hours and the disclosure of customer credentials (with unsalted MD5 hashes), support tickets, credit card numbers and other sensitive data. 27k unique email addresses were found in the data which was subsequently released to the public. Staminus is no longer in operation.

Exposed data

Credit cards Email addresses IP addresses Passwords Support tickets Usernames

Recommended actions

  • Change your Staminus password immediately, and update it anywhere you reused the same password.
  • Enable two-factor authentication on the affected account and on your critical services (email, banking).
  • Watch for targeted phishing emails referencing Staminus โ€” attackers weaponise breach data quickly.
  • Monitor your bank and card statements closely and consider requesting a card replacement.
  • Check whether your email address appears in this breach on haveibeenpwned.com.
Am I affected? Check whether your email address appears in this breach.
Check on HIBP