ShellCodeX
Tools โ€ข Events โ€ข News โ€ข Insights
ShellCodeX Breach Report

Troy Hunt's Mailchimp List Data Breach

troyhunt.com
Limited exposure
Verified breach
Accounts exposed 16,627
Breach date 25 Mar 2025
Added to tracker 25 Mar 2025
Data classes 4

What happened

In March 2025, a phishing attack successfully gained access to Troy Hunt's Mailchimp account and automatically exported a list of people who had subscribed to the newsletter for his personal blog. The exported list contained 16k email addresses and other data automatically collected by Mailchimp including IP address and a derived latitude, longitude and time zone.

Exposed data

Email addresses Geographic locations IP addresses Latitude and longitude pairs

Recommended actions

  • Watch for targeted phishing emails referencing Troy Hunt's Mailchimp List โ€” attackers weaponise breach data quickly.
  • Check whether your email address appears in this breach on haveibeenpwned.com.
Am I affected? Check whether your email address appears in this breach.
Check on HIBP