ShellCodeX
Tools • Events • News • Insights
ShellCodeX Breach Report

Storenvy Data Breach

storenvy.com
Major exposure
Verified breach Passwords exposed
Accounts exposed 11,052,071
Breach date 04 Apr 2019
Added to tracker 16 Feb 2025
Data classes 7

What happened

In mid-2019, the e-commerce website Storenvy suffered a data breach that exposed millions of customer records. A portion of the breached records were subsequently posted to a hacking forum with cracked password hashes, whilst the entire corpus of 23M rows was put up for sale. The data contained 11M unique email addresses alongside usernames, IP addresses, the user's city, gender date of birth and original salted SHA-1 password hash.

Exposed data

Dates of birth Email addresses Genders Geographic locations IP addresses Passwords Usernames

Recommended actions

  • Change your Storenvy password immediately, and update it anywhere you reused the same password.
  • Enable two-factor authentication on the affected account and on your critical services (email, banking).
  • Watch for targeted phishing emails referencing Storenvy — attackers weaponise breach data quickly.
  • Exposed identity data raises identity-theft risk — consider credit monitoring or a credit freeze.
  • Check whether your email address appears in this breach on haveibeenpwned.com.
Am I affected? Check whether your email address appears in this breach.
Check on HIBP