ShellCodeX Breach Report
The Halloween Spot Data Breach
thehalloweenspot.com
Verified breach
Accounts exposed
10,653
Breach date
27 Sep 2019
Added to tracker
16 Mar 2020
Data classes
6
What happened
In September 2019, the Halloween costume store The Halloween Spot suffered a data breach. Originally misattributed to fancy dress store Smiffys, the breach contained 13GB of data with over 10k unique email addresses alongside names, physical and IP addresses, phone numbers and order histories. The Halloween Spot advised customers the breach was traced back to "an old shipping information database".
Exposed data
Email addresses
IP addresses
Names
Phone numbers
Physical addresses
Purchases
Recommended actions
- Watch for targeted phishing emails referencing The Halloween Spot โ attackers weaponise breach data quickly.
- Stay alert for smishing (SMS phishing) and SIM-swap attempts using your phone number.
- Exposed identity data raises identity-theft risk โ consider credit monitoring or a credit freeze.
- Check whether your email address appears in this breach on haveibeenpwned.com.
Am I affected?
Check whether your email address appears in this breach.
Check on HIBP