Back to overview
Doxbin logo
doxbin.com
Doxbin
Confidence HighJan 24, 2025doxbin.com

Doxbin Scrape Data Breach Exposes 435,000 Email Addresses

PatternExternal actor · Social · Confidentiality impact

On January 24, 2025, a data breach involving the 'doxing' service Doxbin resulted in the scraping of approximately 435,000 email addresses. The data was provided to Have I Been Pwned by a source attributed to 'oathnet.ru'. This incident poses risks of phishing attacks, identity theft, and other security concerns for affected individuals.

Signal date
Jan 24, 2025
Updated
Jul 1, 2026
Confidence
High
Sources
1 source

Signal context

First seen: Jan 24, 2025

Last updated: Jul 1, 2026

Status: Public signal

Key points

  • 435,784 email addresses were scraped from Doxbin on January 24, 2025.
  • Doxbin is a service where personal information of third parties is often disclosed.
  • The data was provided to Have I Been Pwned by a source named 'oathnet.ru'.

Signal analysis

Beta

It helps compare this signal with other published signals without treating the labels as final determinations.

Affected organization
Doxbin logo
Doxbin

Likely country: 🇮🇹 Italy

inferred from source domains

    Threat source
    Social activity

    Watch phishing, executive impersonation and account-takeover exposure.

    • Source type: outside the affected organization
    Business impact
    Potential fraud or account takeover risk

    Impact area: Confidentiality

    Likely asset: User or customer data

    Trend context
    4 signals with similar action pattern
    • 1 signal in the same sector
    • 86 signals with the same likely impact area
    • 1 signal linked to this organization/domain
    Mentioned entities
    DoxbinData DisclosureEmail Addresses On JanuaryDoxbinHave I Been Pwned

    External sources

    Related signals

    Grouped by why the signal is relevant.

    xsolis.com logoXsolisJun 26, 2026
    Same action patternSame impact area

    Healthcare AI Company Xsolis Suffers Data Breach Impacting 1.4 Million Individuals

    Healthcare AI company Xsolis disclosed a data breach affecting nearly 1.4 million individuals. The incident stemmed from a targeted phishing attack on January 20, 2026, which gave attackers unauthorized access to files containing sensitive patient information. The compromised data potentially includes names, dates of birth, Social Security numbers, health insurance details, and medical treatment records. Xsolis confirmed the incident has been contained and is notifying affected individuals, offering free credit monitoring.

    dinum.fr logoDinumJun 12, 2026
    Same action patternSame impact area

    French government messaging platform Tchap breached via compromised user account

    DINUM, the French government's digital affairs directorate, warned that hackers breached Tchap, France's encrypted messaging platform for public sector workers, using a compromised user account. The incident was detected by ANSSI, after which the affected account was blocked and an investigation launched into what conversations and data may have been accessed. DINUM has notified France's data protection authority, CNIL, due to the potential exposure of personal data. A threat actor claimed responsibility, alleging they used social engineering to access an education-related account and scrape messages, account information, and files, including 13.5GB of data from the French tax authority and other civil servants.

    tchap.gouv.fr logoTchapJun 12, 2026
    Same action patternSame impact area

    French Government Messaging Service Tchap Breached via Hijacked Account

    Tchap, the French government's encrypted messaging platform, suffered a data breach after a user account was compromised through social engineering. Attackers reportedly scraped 13.5GB of data, including 560,000 messages and information on over 73,000 accounts, such as email addresses, organization details, meeting links, and account and device metadata, from the French tax authority and other civil servants. DINUM, the digital affairs directorate of the French government, issued a warning about the incident. The breach was disclosed on June 12, 2026.

    microsoft.com logoMicrosoftJun 25, 2026
    Same action pattern

    Malicious 'Edgecution' Extension Exploits Microsoft Edge Native Messaging for Ransomware Deployment

    Security researchers reported on June 25, 2026, the discovery of a new malware campaign dubbed 'Edgecution,' which utilizes a malicious Microsoft Edge extension to deploy ransomware and a Python-based backdoor. The extension abuses the Native Messaging API to escape the browser sandbox and establish a persistent system-level executor. Attackers are reportedly using Microsoft Teams for social engineering, directing victims to fake 'Outlook Updates Management Console' websites to trick them into installing the malicious extension. This campaign is believed to be operated by an Initial Access Broker (IAB) linked to the 'Payout Kings' ransomware operation.

    aflac.com logoAflacJun 30, 2026
    Same impact area

    Aflac Life Insurance Japan Suffers Cybersecurity Breach Exposing Policyholder Data

    Aflac Life Insurance Japan disclosed unauthorized access to its systems between June 15 and June 25, 2026. The breach affected files containing policy details, personal information, and bank account information of approximately 4.38 million customers. The company has suspended affected systems and is investigating the incident with third-party cybersecurity experts.

    polymarket.com logoPolymarketJun 29, 2026
    Same impact area

    Polymarket Confirms Supply Chain Attack, $3 Million Stolen

    Polymarket, a cryptocurrency-based prediction market, confirmed a supply chain attack. A breach of a third-party frontend vendor led to malicious JavaScript being injected into its website. Attackers tricked users into approving fraudulent transactions, resulting in approximately $3 million being stolen from fewer than 15 accounts. The backend systems remained unaffected.