20,516,347
Records Exposed
Sep 2020
Date of Breach
Database
Breach Type
Sep 2024
Added to Database
About This Breach
In September 2020, ShopBack, a website that provides cashback rewards, experienced a data breach that exposed over 20 million records. The compromised data included emails, names, phone numbers, physical addresses, social media IDs and access tokens, and passwords stored using salted SHA-1 hashes. The breach also exposed bank account details for some users, which included bank names, account numbers, and account holder names. This breach highlights the importance of employing stronger password hashing mechanisms to safeguard user data.
Compromised Data Types
Country
Singapore
Language
English
Password Storage
SHA1
Category
Financial
Indexed On
Sep 10, 2024
Breach Type
Database
What Should You Do?
Get Full Breach Details with LeakedSource Pro
Sign up for a LeakedSource Pro account to see exactly what data was exposed in this breach and get real-time notifications when your information appears in new breaches.
Sign Up for Pro- Change your password immediately on ShopBack and any other site where you used the same password. Use a unique, strong password for each account.
- Watch for phishing emails targeting your inbox. Attackers may use your exposed email address to send convincing scam messages.
- Be alert to smishing attacks (SMS phishing). Scammers may text you pretending to be banks or service providers.
- Enable two-factor authentication (2FA) on all important accounts to add an extra layer of security.
- Use a password manager to generate and store unique, strong passwords for every account.
Were You Affected by This Breach?
Enter your email below to instantly check if your data was compromised in the ShopBack breach and 12,000+ other known breaches.
