ShellCodeX
Tools • Events • News • Insights
ShellCodeX Breach Report

SuperDraft Data Breach

superdraft.io
Limited exposure
Verified breach Passwords exposed
Accounts exposed 300,187
Breach date 27 Oct 2024
Added to tracker 12 Jan 2025
Data classes 7

What happened

In October 2024, the fantasy sports platform SuperDraft suffered a data breach that exposed over 300k customer records. The breach contained 24GB of data including email addresses, usernames, purchases, latitudes and longitudes, dates of birth and bcrypt password hashes.

Exposed data

Dates of birth Email addresses Geographic locations Latitude and longitude pairs Passwords Purchases Usernames

Recommended actions

  • Change your SuperDraft password immediately, and update it anywhere you reused the same password.
  • Enable two-factor authentication on the affected account and on your critical services (email, banking).
  • Watch for targeted phishing emails referencing SuperDraft — attackers weaponise breach data quickly.
  • Exposed identity data raises identity-theft risk — consider credit monitoring or a credit freeze.
  • Check whether your email address appears in this breach on haveibeenpwned.com.
Am I affected? Check whether your email address appears in this breach.
Check on HIBP