ShellCodeX
Tools โ€ข Events โ€ข News โ€ข Insights
ShellCodeX Breach Report

The Halloween Spot Data Breach

thehalloweenspot.com
Limited exposure
Verified breach
Accounts exposed 10,653
Breach date 27 Sep 2019
Added to tracker 16 Mar 2020
Data classes 6

What happened

In September 2019, the Halloween costume store The Halloween Spot suffered a data breach. Originally misattributed to fancy dress store Smiffys, the breach contained 13GB of data with over 10k unique email addresses alongside names, physical and IP addresses, phone numbers and order histories. The Halloween Spot advised customers the breach was traced back to "an old shipping information database".

Exposed data

Email addresses IP addresses Names Phone numbers Physical addresses Purchases

Recommended actions

  • Watch for targeted phishing emails referencing The Halloween Spot โ€” attackers weaponise breach data quickly.
  • Stay alert for smishing (SMS phishing) and SIM-swap attempts using your phone number.
  • Exposed identity data raises identity-theft risk โ€” consider credit monitoring or a credit freeze.
  • Check whether your email address appears in this breach on haveibeenpwned.com.
Am I affected? Check whether your email address appears in this breach.
Check on HIBP