ShellCodeX
Tools โ€ข Events โ€ข News โ€ข Insights
ShellCodeX Breach Report

SurveyLama Data Breach

surveylama.com
Significant exposure
Verified breach Passwords exposed
Accounts exposed 4,426,879
Breach date 01 Feb 2024
Added to tracker 02 Apr 2024
Data classes 7

What happened

In February 2024, the paid survey website SurveyLama suffered a data breach that exposed 4.4M customer email addresses. The incident also exposed names, physical and IP addresses, phone numbers, dates of birth and passwords stored as either salted SHA-1, bcrypt or argon2 hashes. When contacted about the incident, SurveyLama advised that they had already "notified the users by email".

Exposed data

Dates of birth Email addresses IP addresses Names Passwords Phone numbers Physical addresses

Recommended actions

  • Change your SurveyLama password immediately, and update it anywhere you reused the same password.
  • Enable two-factor authentication on the affected account and on your critical services (email, banking).
  • Watch for targeted phishing emails referencing SurveyLama โ€” attackers weaponise breach data quickly.
  • Stay alert for smishing (SMS phishing) and SIM-swap attempts using your phone number.
  • Exposed identity data raises identity-theft risk โ€” consider credit monitoring or a credit freeze.
Am I affected? Check whether your email address appears in this breach.
Check on HIBP