Spoutible

What Happened

In January 2024, Spoutible had 207k records scraped from a misconfigured API that inadvertently returned excessive personal information. The data included names, usernames, email and IP addresses, phone numbers (where provided to the platform), genders and bcrypt password hashes. The incident also exposed 2FA secrets and backup codes along with password reset tokens.

Compromised Data

Email addresses

Genders

IP addresses

Names

Passwords

Phone numbers

Usernames

Recommended Actions

Change Your Password

If you haven't changed your password on this service since the breach, do so immediately.

Enable Two-Factor Authentication

If 2FA is supported, add an extra layer of security to your account.

Check Other Accounts

If you used the same password elsewhere, change those too.

Monitor for Suspicious Activity

Watch for unusual login attempts, spam and phishing emails.

Use 1Password to generate and store strong, unique passwords for all your accounts.

Try 1Password

Breach Overview

Affected Accounts:

207.1 thousand
Breach Occurred:

January 2024
Added to HIBP:

5 Feb 2024

Recommended Actions

Change Your Password

If you haven't changed your Spoutible password since 2024, do so immediately.

Enable Two-Factor Authentication

Add an extra layer of security to your account.

Check Other Accounts

If you used the same password elsewhere, change those too.

Monitor for Suspicious Activity

Watch for unusual login attempts or messages from your account.

Use 1Password to generate and store strong, unique passwords for all your accounts.

Try 1Password

Spoutible

What Happened

Compromised Data

Recommended Actions

Change Your Password

Enable Two-Factor Authentication

Check Other Accounts

Monitor for Suspicious Activity

Breach Overview

207.1 thousand

January 2024

5 Feb 2024

Recommended Actions

Change Your Password

Enable Two-Factor Authentication

Check Other Accounts

Monitor for Suspicious Activity

Services

Information