Data dump suggests that Evite data breach affected 100M accounts

News by Bradley Barth

A new addition to the data breach reference website "Have I Been Pwned?" seemingly reveals that more than 100 million accounts were compromised in this year's data breach of the event-planning service Evite.

A new addition to the data breach reference website "Have I Been Pwned?" seemingly reveals that more than 100 million accounts were compromised in this year’s data breach of the event-planning service Evite.

"Have I Been Pwned?" founder Troy Hunt added a database of 100,985,047 affected accounts to his site on 14 July, and in doing so offered new insights into the scope of the breach, which Evite disclosed last April. On his site, Hunt says the data was provided to him by a source who asked credit be given to JimScott.Sec@protonmail.com.

A 15 July report by BleepingComputer states that it was originally believed that only around 10 million users were impacted by the breach. This estimate was derived from an Evite database that was observed being sold on a dark web marketplace.

In its April breach disclosure, Evite said the incident began on 22 February, 2019 when an unauthorised party acquired an inactive data storage file containing dated user information from 2013 and years prior. Names, usernames, email addresses, passwords, dates of birth, phone numbers, and mailing addresses were potentially affected in the incident.

This article was originally published on SC Media US.

Find this article useful?

Get more great articles like this in your inbox every lunchtime

Video and interviews