Exactis

What Happened

In June 2018, the marketing firm Exactis inadvertently publicly leaked 340 million records of personal data. Security researcher Vinny Troia of Night Lion Security discovered the leak contained multiple terabytes of personal information spread across hundreds of separate fields including addresses, phone numbers, family structures and extensive profiling data. The data was collected as part of Exactis' service as a "compiler and aggregator of premium business & consumer data" which they then sell for profiling and marketing purposes. A small subset of the exposed fields were provided to Have I Been Pwned and contained 132 million unique email addresses.

Compromised Data

Credit status information
Dates of birth
Education levels
Email addresses
Ethnicities
Family structure
Financial investments
Genders
Home ownership statuses
Income levels
IP addresses
Marital statuses
Names
Net worths
Occupations
Personal interests
Phone numbers
Physical addresses
Religions
Spoken languages

Recommended Actions

Monitor for Suspicious Activity

Watch for unusual login attempts, spam and phishing emails.

1Password

Use 1Password to generate and store strong, unique passwords for all your accounts.

Try 1Password

Breach Overview

  • Affected Accounts:

    131.6 million

  • Breach Occurred:

    June 2018

  • Added to HIBP:

    25 Jul 2018

Recommended Actions

Change Your Password

If you haven't changed your Exactis password since 2018, do so immediately.

Enable Two-Factor Authentication

Add an extra layer of security to your account.

Check Other Accounts

If you used the same password elsewhere, change those too.

Monitor for Suspicious Activity

Watch for unusual login attempts or messages from your account.

1Password

Use 1Password to generate and store strong, unique passwords for all your accounts.

Try 1Password