verified2020-10-03

GravatarGravatar breach

gravatar.com · 113,990,759 records compromised

Records
114M
Breach date
2020-10-03
Domain
gravatar.com
Data classes
3

Description

In October 2020, a security researcher published a technique for scraping large volumes of data from Gravatar, the service for providing globally unique avatars . 167 million names, usernames and MD5 hashes of email addresses used to reference users' avatars were subsequently scraped and distributed within the hacking community. 114 million of the MD5 hashes were cracked and distributed alongside the source hash, thus disclosing the original email address and accompanying data. Following the impacted email addresses being searchable in HIBP, Gravatar release an FAQ detailing the incident .

Compromised data classes· 3

Email addressesNamesUsernames

Related by meaning· 6

Nearest entities by semantic similarity across the cs-graph corpus.

Breach
Earth 2
Breach
500px
Breach
GameSprite
Breach
imgur
Breach
123RF
Breach
Canva
Sourced from Have I Been Pwned. Aggregate metadata only — no PII. Curated by Adam Lundqvist, Founder at SQUR.