ShellCodeX Breach Report
SuperDraft Data Breach
superdraft.io
Verified breach
Passwords exposed
Accounts exposed
300,187
Breach date
27 Oct 2024
Added to tracker
12 Jan 2025
Data classes
7
What happened
In October 2024, the fantasy sports platform SuperDraft suffered a data breach that exposed over 300k customer records. The breach contained 24GB of data including email addresses, usernames, purchases, latitudes and longitudes, dates of birth and bcrypt password hashes.
Exposed data
Dates of birth
Email addresses
Geographic locations
Latitude and longitude pairs
Passwords
Purchases
Usernames
Recommended actions
- Change your SuperDraft password immediately, and update it anywhere you reused the same password.
- Enable two-factor authentication on the affected account and on your critical services (email, banking).
- Watch for targeted phishing emails referencing SuperDraft — attackers weaponise breach data quickly.
- Exposed identity data raises identity-theft risk — consider credit monitoring or a credit freeze.
- Check whether your email address appears in this breach on haveibeenpwned.com.
Am I affected?
Check whether your email address appears in this breach.
Check on HIBP