In approximately December 2017, the online photo editing site piZap suffered a data breach. The data was later placed up for sale on a dark web marketplace along with a collection of other data breaches in February 2019. A total of 42 million unique email addresses were included in the breach alongside names, genders and links to Facebook profiles when the social media platform was used to authenticate to piZap. When accounts were created directly on piZap without using Facebook for authentication, passwords stored as SHA-1 hashes were also exposed. The data was provided to HIBP by a source who requested it be attributed to "JimScott.Sec@protonmail.com".
Accounts breached: 41817893
Breached on: December 07, 2017
Exposed data: Email addresses, Genders, Geographic locations, Names, Passwords, Social media profiles, Usernames, and Website activity
Added on: July 16, 2019