Exactis Data Breach

What Happened

In June 2018, the marketing firm Exactis inadvertently publicly leaked 340 million records of personal data. Security researcher Vinny Troia of Night Lion Security discovered the leak contained multiple terabytes of personal information spread across hundreds of separate fields including addresses, phone numbers, family structures and extensive profiling data. The data was collected as part of Exactis' service as a "compiler and aggregator of premium business & consumer data" which they then sell for profiling and marketing purposes. A small subset of the exposed fields were provided to Have I Been Pwned and contained 132 million unique email addresses.

Compromised Data

Credit status information
Dates of birth
Education levels
Email addresses
Ethnicities
Family structure
Financial investments
Genders
Home ownership statuses
Income levels
IP addresses
Marital statuses
Names
Net worths
Occupations
Personal interests
Phone numbers
Physical addresses
Religions
Spoken languages

Recommended Actions

Sponsored
Guardio

Get Guardio for real-time protection after a breach. Guardio blocks AI-generated scam sites, fake login pages, and malicious pages designed to exploit leaked information. Built by cybersecurity specialists who track new threats 24/7, Guardio gives you immediate, expert-level protection plus clear steps to help you secure your accounts instantly.

Try Guardio
Sponsored
Aura

Get Aura for identity theft and credit protection. Keep your assets safe with fast fraud alerts, instant credit lock, and $1,000,000 identity theft insurance. Speak to a U.S. based fraud specialist 24/7.

Try Aura
Sponsored
1Password

Use a password manager to generate and store strong, unique passwords for all your accounts. 1Password helps protect your data with industry-leading security.

Try 1Password

Breach Overview

  • Affected Accounts:

    131.6 million

  • Breach Occurred:

    June 2018

  • Added to HIBP:

    25 Jul 2018

Recommended Actions

Change Your Password

If you haven’t already changed the password affected by this breach, do so immediately on every account where it was used.

Enable Two-Factor Authentication

Wherever 2FA is supported, add an extra layer of security to your account.

Sponsored
1Password

Use a password manager to generate and store strong, unique passwords for all your accounts. 1Password helps protect your data with industry-leading security.

Try 1Password
Sponsored
Aura

Get Aura for identity theft and credit protection. Keep your assets safe with fast fraud alerts, instant credit lock, and $1,000,000 identity theft insurance. Speak to a U.S. based fraud specialist 24/7.

Try Aura
Sponsored
Guardio

Get Guardio for real-time protection after a breach. Guardio blocks AI-generated scam sites, fake login pages, and malicious pages designed to exploit leaked information. Built by cybersecurity specialists who track new threats 24/7, Guardio gives you immediate, expert-level protection plus clear steps to help you secure your accounts instantly.

Try Guardio