ShellCodeX Breach Report
TheGradCafe Data Breach
thegradcafe.com
Verified breach
Passwords exposed
Accounts exposed
310,975
Breach date
26 Feb 2023
Added to tracker
24 Mar 2023
Data classes
9
What happened
In February 2023, the grad school admissions search website TheGradCafe suffered a data breach that disclosed the personal records of 310k users. The data included email addresses, names and usernames, genders, geographic locations and passwords stored as bcrypt hashes. Some records also included physical address, phone number and date of birth. TheGradCafe did not respond to multiple attempts to disclose the breach.
Exposed data
Email addresses
Genders
Geographic locations
IP addresses
Names
Passwords
Phone numbers
Physical addresses
Usernames
Recommended actions
- Change your TheGradCafe password immediately, and update it anywhere you reused the same password.
- Enable two-factor authentication on the affected account and on your critical services (email, banking).
- Watch for targeted phishing emails referencing TheGradCafe — attackers weaponise breach data quickly.
- Stay alert for smishing (SMS phishing) and SIM-swap attempts using your phone number.
- Exposed identity data raises identity-theft risk — consider credit monitoring or a credit freeze.
Am I affected?
Check whether your email address appears in this breach.
Check on HIBP