Spoutible
Spoutible
mediumHave I Been Pwned
Disclosed
January 31, 2024
786 days ago
Records
207.1K
Confirmed
Root Cause
Misconfiguration
Industry
Social Media
Description
In January 2024, Spoutible had 207k records scraped from a misconfigured API that inadvertently returned excessive personal information. The data included names, usernames, email and IP addresses, phone numbers (where provided to the platform), genders and bcrypt password hashes. The incident also exposed 2FA secrets and backup codes along with password reset tokens.
View sourceExposed Data Types
Exposed Data
PasswordsEmail AddressesPhone NumbersIP AddressesNamesUsernamesGender