A new addition to the data breach reference website “Have I Been Pwned?” seemingly reveals that more than 100 million accounts were compromised in this year’s data breach of the event-planning service Evite.
“Have I Been Pwned?” founder Troy Hunt added a database of 100,985,047 affected accounts to his site on July 14, and in doing so offered new insights into the scope of the breach, which Evite disclosed last April. On his site, Hunt says the data was provided to him by a source who asked credit be given to JimScott.Sec@protonmail.com.
A July 15 report by BleepingComputer states that it was originally believed that only around 10 million users were impacted by the breach. This estimate was derived from an Evite database that was observed being sold on a dark web marketplace.
In its April breach disclosure, Evite said the incident began started on February 22, 2019 when an unauthorized party acquired an inactive data storage file containing dated user information from 2013 and years prior. Names, usernames, email addresses, passwords, dates of birth, phone numbers, and mailing addresses were potentially affected in the incident.