ShellCodeX Breach Report
Staminus Data Breach
staminus.net
Verified breach
Passwords exposed
Accounts exposed
26,815
Breach date
11 Mar 2016
Added to tracker
05 Oct 2017
Data classes
6
What happened
In March 2016, the DDoS protection service Staminus was "massively hacked" resulting in an outage of more than 20 hours and the disclosure of customer credentials (with unsalted MD5 hashes), support tickets, credit card numbers and other sensitive data. 27k unique email addresses were found in the data which was subsequently released to the public. Staminus is no longer in operation.
Exposed data
Credit cards
Email addresses
IP addresses
Passwords
Support tickets
Usernames
Recommended actions
- Change your Staminus password immediately, and update it anywhere you reused the same password.
- Enable two-factor authentication on the affected account and on your critical services (email, banking).
- Watch for targeted phishing emails referencing Staminus โ attackers weaponise breach data quickly.
- Monitor your bank and card statements closely and consider requesting a card replacement.
- Check whether your email address appears in this breach on haveibeenpwned.com.
Am I affected?
Check whether your email address appears in this breach.
Check on HIBP