| Website | https://XposedOrNot.com |
| Blog | https://blog.xposedornot.com/ |
| GitHub | https://github.com/DevaOnBreaches |
| Website | https://plus.xposedornot.com/ |
@XposedOrNot += SongTrivia2 Data Breach
The SongTrivia2 #databreach occurred in April 2026 when the platform was compromised, with data later published on a public hacking forum exposing 291K unique email addresses and associated account information.
Exposed data: Email addresses, Names, Usernames, Passwords (bcrypt hashes)
Potential risks: Account takeover, Credential stuffing, Phishing, Targeted scams, Privacy breaches
@XposedOrNot += Cuties AI Data Breach
The Cuties AI #databreach occurred in March 2026 when the NSFW AI companion platform was compromised, with data later published on a public hacking forum exposing 153K unique email addresses and associated user content.
Exposed data: Email addresses, Display names, Avatars, Prompts and descriptions, URLs to generated content
Potential risks: Phishing, Targeted scams, and privacy breaches
@nihkeys Actual use cases are large and beneficial. However in this case and based on the style, it maybe attributed as such.
Unless and until a full forensic report is published with verifiable evidences , I do not think anything else matters.
@XposedOrNot += Success Data Breach
The Success #databreach occurred in March 2026 and exposed 142K unique email addresses along with associated personal and order information, with the system also abused to send offensive newsletters.
Exposed data: Email addresses, Names, IP addresses, Phone numbers, Passwords (bcrypt hashes), Physical addresses, Payment methods
Potential risks: Phishing, Identity theft, Account takeover, Credential stuffing, Financial fraud, Targeted scams, Privacy breaches
@XposedOrNot += Infinite Campus Data Breach
The Infinite Campus #databreach occurred in March 2026 and exposed 137K records from the education technology platform, including sensitive personal and account information.
Exposed data: Email addresses, Phone numbers, Names, Physical addresses, Usernames, Dates of birth, Genders, Geographic locations, Passwords
Potential risks: Identity theft, Account takeover, Credential stuffing, Phishing, Targeted scams, Privacy breaches
@XposedOrNot += CFGI Data Breach
The CFGI #databreach occurred in March 2026 and exposed over 800K records, including more than 40K financial documents and internal corporate data, with 250K unique email addresses impacted.
Exposed data: Email addresses, Names, Phone numbers, Physical addresses, Usernames, Geographic locations, Financial documents, Internal corporate data
Potential risks: Identity theft, Financial fraud, Phishing, Targeted scams, Privacy breaches
Hims & Hers confirms #databreach of third-party support system (Feb 4–7) via social engineering. Hackers stole customer tickets incl. names, emails + other personal data (medical records not affected).
Drift Protocol hacked for ~$280M after attacker seized Security Council admin control via pre-signed txs + multisig manipulation (no smart contract flaw). DPRK-linked tactics suspected.
Duc App (by Duales) exposed 360K+ sensitive files (passports, licenses, selfies, transactions) via a public, unencrypted Amazon storage bucket. #dataleak
Mercor confirms #databreach tied to compromised LiteLLM supply chain attack (malicious PyPI versions live ~40 mins). TeamPCP linked to initial access; Lapsus$ claims 4TB stolen (PII, code, APIs).
https://hackread.com/ai-firm-mercor-breach-hackers-4tb-data/
XposedOrNot
