ShellCodeX
Tools โ€ข Events โ€ข News โ€ข Insights
ShellCodeX Breach Report

TrueFire Data Breach

truefire.com
Limited exposure
Verified breach Passwords exposed
Accounts exposed 599,667
Breach date 21 Feb 2020
Added to tracker 02 Aug 2020
Data classes 8

What happened

In February 2020, the guitar tuition website TrueFire suffered a data breach which impacted 600k members. The breach exposed extensive personal information including names, email and physical addresses, account balances and unsalted MD5 password hashes. The data was provided to HIBP by dehashed.com.

Exposed data

Account balances Dates of birth Email addresses Names Passwords Phone numbers Physical addresses Usernames

Recommended actions

  • Change your TrueFire password immediately, and update it anywhere you reused the same password.
  • Enable two-factor authentication on the affected account and on your critical services (email, banking).
  • Watch for targeted phishing emails referencing TrueFire โ€” attackers weaponise breach data quickly.
  • Stay alert for smishing (SMS phishing) and SIM-swap attempts using your phone number.
  • Exposed identity data raises identity-theft risk โ€” consider credit monitoring or a credit freeze.
Am I affected? Check whether your email address appears in this breach.
Check on HIBP