MALL.cz Data Breach

What Happened

In July 2017, the Czech Republic e-commerce site MALL.cz suffered a data breach after which 735k unique accounts including email addresses, names, phone numbers and passwords were later posted online. Whilst passwords were stored as hashes, a number of different algorithms of varying strength were used over time. All passwords included in the publicly distributed data were in plain text and were likely just those that had been successfully cracked (members with strong passwords don't appear to be included). According to MALL.cz, the breach only impacted accounts created before 2015.

Compromised Data

Email addresses
Names
Passwords
Phone numbers

Recommended Actions

Change Your Password

If you haven’t already changed the password affected by this breach, do so immediately on every account where it was used.

Enable Two-Factor Authentication

Wherever 2FA is supported, add an extra layer of security to your account.

Sponsored
Aura

Get Aura for identity theft and credit protection. Keep your assets safe with fast fraud alerts, instant credit lock, and $1,000,000 identity theft insurance. Speak to a U.S. based fraud specialist 24/7.

Try Aura
Sponsored
1Password

Use a password manager to generate and store strong, unique passwords for all your accounts. 1Password helps protect your data with industry-leading security.

Try 1Password
Sponsored
Guardio

Get Guardio for real-time protection after a breach. Guardio blocks AI-generated scam sites, fake login pages, and malicious pages designed to exploit leaked information. Built by cybersecurity specialists who track new threats 24/7, Guardio gives you immediate, expert-level protection plus clear steps to help you secure your accounts instantly.

Try Guardio

Breach Overview

  • Affected Accounts:

    735.4 thousand

  • Breach Occurred:

    July 2017

  • Added to HIBP:

    4 Sep 2017

Recommended Actions

Change Your Password

If you haven’t already changed the password affected by this breach, do so immediately on every account where it was used.

Enable Two-Factor Authentication

Wherever 2FA is supported, add an extra layer of security to your account.

Sponsored
1Password

Use a password manager to generate and store strong, unique passwords for all your accounts. 1Password helps protect your data with industry-leading security.

Try 1Password
Sponsored
Aura

Get Aura for identity theft and credit protection. Keep your assets safe with fast fraud alerts, instant credit lock, and $1,000,000 identity theft insurance. Speak to a U.S. based fraud specialist 24/7.

Try Aura
Sponsored
Guardio

Get Guardio for real-time protection after a breach. Guardio blocks AI-generated scam sites, fake login pages, and malicious pages designed to exploit leaked information. Built by cybersecurity specialists who track new threats 24/7, Guardio gives you immediate, expert-level protection plus clear steps to help you secure your accounts instantly.

Try Guardio