ShellCodeX Breach Report
Xiaomi Data Breach
xiaomi.cn
Unverified
Passwords exposed
Accounts exposed
7,088,010
Breach date
01 Aug 2012
Added to tracker
21 Jul 2019
Data classes
4
What happened
In August 2012, the Xiaomi user forum website suffered a data breach. In all, 7 million email addresses appeared in the breach although a significant portion of them were numeric aliases on the bbs_ml_as_uid.xiaomi.com domain. Usernames, IP addresses and passwords stored as salted MD5 hashes were also exposed. The data was provided with support from dehashed.com. Read more about Chinese data breaches in Have I Been Pwned.
Exposed data
Email addresses
IP addresses
Passwords
Usernames
Recommended actions
- Change your Xiaomi password immediately, and update it anywhere you reused the same password.
- Enable two-factor authentication on the affected account and on your critical services (email, banking).
- Watch for targeted phishing emails referencing Xiaomi โ attackers weaponise breach data quickly.
- Check whether your email address appears in this breach on haveibeenpwned.com.
Am I affected?
Check whether your email address appears in this breach.
Check on HIBP