ShellCodeX
Tools • Events • News • Insights
ShellCodeX Breach Report

TheGradCafe Data Breach

thegradcafe.com
Limited exposure
Verified breach Passwords exposed
Accounts exposed 310,975
Breach date 26 Feb 2023
Added to tracker 24 Mar 2023
Data classes 9

What happened

In February 2023, the grad school admissions search website TheGradCafe suffered a data breach that disclosed the personal records of 310k users. The data included email addresses, names and usernames, genders, geographic locations and passwords stored as bcrypt hashes. Some records also included physical address, phone number and date of birth. TheGradCafe did not respond to multiple attempts to disclose the breach.

Exposed data

Email addresses Genders Geographic locations IP addresses Names Passwords Phone numbers Physical addresses Usernames

Recommended actions

  • Change your TheGradCafe password immediately, and update it anywhere you reused the same password.
  • Enable two-factor authentication on the affected account and on your critical services (email, banking).
  • Watch for targeted phishing emails referencing TheGradCafe — attackers weaponise breach data quickly.
  • Stay alert for smishing (SMS phishing) and SIM-swap attempts using your phone number.
  • Exposed identity data raises identity-theft risk — consider credit monitoring or a credit freeze.
Am I affected? Check whether your email address appears in this breach.
Check on HIBP