Avvo

What Happened

In approximately December 2019, an alleged data breach of the lawyer directory service Avvo was published to an online hacking forum and used in an extortion scam (it's possible the exposure dates back earlier than that). The data contained 4.1M unique email addresses alongside SHA-1 hashes, most likely representing user passwords. Multiple attempts at contacting Avvo over the course of a week were unsuccessful and the authenticity of the data was eventually verified with common Avvo and HIBP subscribers.

Compromised Data

Email addresses
Passwords

Recommended Actions

Change Your Password

If you haven't changed your password on this service since the breach, do so immediately.

Enable Two-Factor Authentication

If 2FA is supported, add an extra layer of security to your account.

Sponsored
Aura

Get Aura for identity theft and credit protection. Keep your assets safe with fast fraud alerts, instant credit lock, and $1,000,000 identity theft insurance. Speak to a U.S. based fraud specialist 24/7.

Try Aura
Sponsored
1Password

Use a password manager to generate and store strong, unique passwords for all your accounts. 1Password helps protect your data with industry-leading security.

Try 1Password

Breach Overview

  • Affected Accounts:

    4.1 million

  • Breach Occurred:

    December 2019

  • Added to HIBP:

    15 Apr 2022

Recommended Actions

Change Your Password

If you haven't changed your Avvo password since 2019, do so immediately.

Enable Two-Factor Authentication

Add an extra layer of security to your account.

Sponsored
1Password

Use a password manager to generate and store strong, unique passwords for all your accounts. 1Password helps protect your data with industry-leading security.

Try 1Password
Sponsored
Aura

Get Aura for identity theft and credit protection. Keep your assets safe with fast fraud alerts, instant credit lock, and $1,000,000 identity theft insurance. Speak to a U.S. based fraud specialist 24/7.

Try Aura