All breaches
Gravatar data breach114M accounts compromised on 2020-10-03
Verified
Gravatar (gravatar.com) was the source of a data breach dated 2020-10-03, exposing 113,990,759 accounts. The details below are mirrored from Have I Been Pwned and reflect the source's account of the incident at the time of publication.
Incident Report
| Target Organization | Gravatar |
|---|---|
| Source Name | Gravatar |
| Domain | gravatar.com |
| Breach Date | 2020-10-03 |
| Added to HIBP | 2021-12-05 |
| Last Modified | 2021-12-08 |
| Accounts Compromised | 113,990,759(114M) |
| Data Exposed | Email addressesNamesUsernames |
| Status | Verified by HIBP |
Description
In October 2020, a security researcher published a technique for scraping large volumes of data from Gravatar, the service for providing globally unique avatars . 167 million names, usernames and MD5 hashes of email addresses used to reference users' avatars were subsequently scraped and distributed within the hacking community. 114 million of the MD5 hashes were cracked and distributed alongside the source hash, thus disclosing the original email address and accompanying data. Following the impacted email addresses being searchable in HIBP, Gravatar release an FAQ detailing the incident.
Disclaimer
HackerFeeds does not engage in the exfiltration, downloading, taking, hosting, viewing, reposting, or disclosure of any stolen information. All breach data reported here is sourced from publicly available threat intelligence feeds for awareness purposes only.