ShellCodeX
Tools โ€ข Events โ€ข News โ€ข Insights
ShellCodeX Breach Report

StreetEasy Data Breach

streeteasy.com
Limited exposure
Verified breach Passwords exposed
Accounts exposed 988,230
Breach date 28 Jun 2016
Added to tracker 06 Oct 2019
Data classes 4

What happened

In approximately June 2016, the real estate website StreetEasy suffered a data breach. In total, 988k unique email addresses were included in the breach alongside names, usernames and SHA-1 hashes of passwords, all of which appeared for sale on a dark web marketplace in February 2019.

Exposed data

Email addresses Names Passwords Usernames

Recommended actions

  • Change your StreetEasy password immediately, and update it anywhere you reused the same password.
  • Enable two-factor authentication on the affected account and on your critical services (email, banking).
  • Watch for targeted phishing emails referencing StreetEasy โ€” attackers weaponise breach data quickly.
  • Check whether your email address appears in this breach on haveibeenpwned.com.
Am I affected? Check whether your email address appears in this breach.
Check on HIBP