As a leading Managed Service Provider (MSP), we understand the critical role that data security plays in the digital landscape. Cybercriminals are constantly on the lookout for vulnerabilities to exploit and gain unauthorized access to sensitive information. One of the most common ways they do this is through data breaches.
Recently Added Breaches
7-Eleven – 185,256 breached accounts
In April 2026, 7-Eleven was the victim of a “pay or leak” extortion campaign by ShinyHunters, with the data later published that month. The incident exposed 185k unique email addresses, along with names, physical addresses, dates of birth and phone numbers. A small number of records also contained additional exposed data fields. The company later advised the breach was limited to “certain 7-Eleven systems used to store franchisee documents”, a statement consistent with the exposed data.
Posted on Sun, 24 May 2026 05:15:22 Z
Dragonica Lunaris – 126,293 breached accounts
In December 2025, the European Dragonica private server Dragonica Lunaris suffered a data breach. The incident exposed 126k email addresses, usernames, dates of birth and bcrypt password hashes. The service operator confirmed the breach and advised it has since been fixed.
Posted on Thu, 21 May 2026 04:41:32 Z
Windows93 / Myspace93 – 46,105 breached accounts
In January 2021, the parody site Windows93 suffered a data breach of the Myspace93 sub-site after a beta application was exploited to download server files. The compromised data was later leaked in June and included 46k Myspace93 accounts containing email and IP addresses, usernames and passwords stored in plain text.
Posted on Thu, 21 May 2026 03:45:15 Z
CTT – 468,124 breached accounts
In April 2026, data allegedly obtained from CTT, Portugal’s national postal service, was posted to a public hacking forum. The data included 468k unique email addresses along with names, phone numbers and parcel tracking numbers which can be used to retrieve the tracking history of the parcel.
Posted on Tue, 19 May 2026 00:28:54 Z
Addi – 34,532,941 breached accounts
In March 2026, the Colombian fintech company Addi identified unauthorised activity on its platform and advised customers that “it is possible that your personal information may have been compromised”. The “pay or leak” extortion group ShinyHunters subsequently claimed responsibility and published a large trove of personal data allegedly obtained from Addi. The data included 34M unique email addresses from credit scoring requests, credit bureau records, customer identity records and email validation logs. It also contained government issued IDs (Cédula de Ciudadanía), estimated income, socioeconomic levels, purchases and other credit-related data points.
Posted on Mon, 18 May 2026 20:55:51 Z
Show More
This live feed of the most recent data breaches is sourced from: https://haveibeenpwned.com/
Proactive Email Security: Tools and Best Practices for Businesses
While staying up-to-date with the latest breaches is important, proactive defence measures are equally crucial. To help you fortify your organization’s email security, we recommend utilizing our Email Security Check tool. This tool allows you to check whether any of your business email accounts have been compromised in a data breach.
For comprehensive insights into data breaches and effective email security practices, explore our in-depth guide: Data Breaches: A Guide to Email Detection Tools and Secure Practices. This resource provides valuable knowledge and practical steps to enhance your organization’s email security.
Take the first step towards superior cybersecurity today. As your trusted MSP, we’re here to assist you every step of the way. Contact us to learn how we can tailor cybersecurity solutions to meet your unique business needs.
