ShellCodeX
Tools • Events • News • Insights
ShellCodeX Breach Report

Vakinha Data Breach

vakinha.com.br
Significant exposure
Verified breach Passwords exposed
Accounts exposed 4,775,203
Breach date 22 Jun 2020
Added to tracker 01 Aug 2020
Data classes 6

What happened

In June 2020, the Brazilian fund raising service Vakinha suffered a data breach which impacted almost 4.8 million members. The exposed data included email addresses, names, phone numbers, geographic locations and passwords stored as bcrypt hashes, all of which was subsequently shared extensively throughout online hacking communities. The data was provided to HIBP by dehashed.com.

Exposed data

Dates of birth Email addresses IP addresses Names Passwords Phone numbers

Recommended actions

  • Change your Vakinha password immediately, and update it anywhere you reused the same password.
  • Enable two-factor authentication on the affected account and on your critical services (email, banking).
  • Watch for targeted phishing emails referencing Vakinha — attackers weaponise breach data quickly.
  • Stay alert for smishing (SMS phishing) and SIM-swap attempts using your phone number.
  • Exposed identity data raises identity-theft risk — consider credit monitoring or a credit freeze.
Am I affected? Check whether your email address appears in this breach.
Check on HIBP