Scribd
Upload
151 views16 pages

Export Kernworld@

The document is an OSINT report detailing the online presence and data breaches associated with an individual named Mark Kern (Grummz). It lists various platforms where he is registered, including Google, Airbnb, GitHub, and several others, along with specific details about data breaches affecting his accounts. Additionally, it provides insights into the extent of data breaches from multiple services that have impacted user data, including email addresses and passwords.

Uploaded by

scribd.flannels757
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
151 views16 pages

Export Kernworld@

The document is an OSINT report detailing the online presence and data breaches associated with an individual named Mark Kern (Grummz). It lists various platforms where he is registered, including Google, Airbnb, GitHub, and several others, along with specific details about data breaches affecting his accounts. Additionally, it provides insights into the extent of data breaches from multiple services that have impacted user data, including email addresses and passwords.

Uploaded by

scribd.flannels757
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd

10/4/24, 6:54 AM [email protected].

pdf

OSINT Industries
Report for: [email protected]
As of 2024-10-03T20:54:05.128Z
Map • Modules • Timeline

Module Responses
GOOGLE
Registered : true
Id : 114618857069686035968
Name : Mark Kern (Grummz)
Last Seen : 2023-04-15T13:06:17

AIRBNB
Registered : true
First Name : Mark

GITHUB
Registered : true
Id : 3936178
Name : Mark Kern
Location : California
Username : Grummz
Profile Url : https://github.com/Grummz
Website : www.em8er.com
Followers : 2
Following : 1
Last Seen : 2024-05-24T17:52:38
Creation Date : 2013-03-21T23:35:53

Registered : true
Id : 3936178
Name : Mark Kern
Username : Grummz
Profile Url : https://gist.github.com/Grummz

NOTION

https://app.osint.industries/pdf?id=ffdaf842-f622-4761-a480-b44d7db2c7c9 1/16
10/4/24, 6:54 AM [email protected]
Registered : true
Id : 0da288b9-4b05-45cd-90fd-212c37140028
Name : Mark Kern

SKYPE
Registered : true
Id : grummz
Name : Mark Kern
Location : United States
Username : grummz

IMAGESHACK
Registered : true
Username : grummz
Profile Url : https://imageshack.com/user/grummz

FITBIT
Registered : true
Id : 22H9WZ
Name : Mark K.
Profile Url : https://static0.fitbit.com/images/profile/defaultProfile_150.png

LINKEDIN
Registered : true

MYFITNESSPAL
Registered : true

HIBP
Registered : true
Breach : true
Name : 123RF
Website : 123rf.com
Bio : In March 2020, the stock photo site <a
href="https://www.bleepingcomputer.com/news/security/popular-stock-photo-service-hit-by-data-
breach-83m-records-for-sale/" target="_blank" rel="noopener">123RF suffered a data breach</a> which
impacted over 8 million subscribers and was subsequently sold online. The breach included email, IP
and physical addresses, names, phone numbers and passwords stored as MD5 hashes. The data was
provided to HIBP by <a href="https://dehashed.com/" target="_blank"
rel="noopener">dehashed.com</a>.
Creation Date : 2020-03-22T00:00:00

https://app.osint.industries/pdf?id=ffdaf842-f622-4761-a480-b44d7db2c7c9 2/16
10/4/24, 6:54 AM [email protected]

Registered : true
Breach : true
Name : 2,844 Separate Data Breaches
Bio : In February 2018, <a href="https://www.troyhunt.com/ive-just-added-2844-new-data-breaches-
with-80m-records-to-have-i-been-pwned/" target="_blank" rel="noopener">a massive collection of
almost 3,000 alleged data breaches was found online</a>. Whilst some of the data had previously been
seen in Have I Been Pwned, 2,844 of the files consisting of more than 80 million unique email addresses
had not previously been seen. Each file contained both an email address and plain text password and
were consequently loaded as a single &quot;unverified&quot; data breach.
Creation Date : 2018-02-19T00:00:00

Registered : true
Breach : true
Name : 500px
Website : 500px.com
Bio : In mid-2018, the online photography community <a href="https://support.500px.com/hc/en-
us/articles/360017752493-Security-Issue-February-2019-FAQ" target="_blank" rel="noopener">500px
suffered a data breach</a>. The incident exposed almost 15 million unique email addresses alongside
names, usernames, genders, dates of birth and either an MD5 or bcrypt password hash. In 2019, <a
href="https://www.theregister.co.uk/2019/02/11/620_million_hacked_accounts_dark_web/"
target="_blank" rel="noopener">the data appeared listed for sale on a dark web marketplace</a> (along
with several other large breaches) and subsequently began circulating more broadly. The data was
provided to HIBP by a source who requested it to be attributed to
&quot;[email protected]&quot;.
Creation Date : 2018-07-05T00:00:00

Registered : true
Breach : true
Name : Adobe
Website : adobe.com
Bio : In October 2013, 153 million Adobe accounts were breached with each containing an internal ID,
username, email, <em>encrypted</em> password and a password hint in plain text. The password
cryptography was poorly done and many were quickly resolved back to plain text. The unencrypted hints
also <a href="http://www.troyhunt.com/2013/11/adobe-credentials-and-serious.html" target="_blank"
rel="noopener">disclosed much about the passwords</a> adding further to the risk that hundreds of
millions of Adobe customers already faced.
Creation Date : 2013-10-04T00:00:00

Registered : true
Breach : true
Name : BTC-E
Website : btc-e.com
Bio : In October 2014, <a href="https://www.databreaches.net/bitcoin-exchange-btc-e-and-bitcointalk-
forum-breaches/" target="_blank" rel="noopener">the Bitcoin exchange BTC-E was hacked</a> and 568k
accounts were exposed. The data included email and IP addresses, wallet balances and hashed
passwords.
Creation Date : 2014-10-01T00:00:00

https://app.osint.industries/pdf?id=ffdaf842-f622-4761-a480-b44d7db2c7c9 3/16
10/4/24, 6:54 AM [email protected]

Registered : true
Breach : true
Name : Bitcoin Security Forum Gmail Dump
Website : forum.btcsec.com
Bio : In September 2014, a large dump of nearly 5M usernames and passwords was <a href="https://forum.btcsec.com/index.php?/topic/94
meniai-parol/" target="_blank" rel="noopener">posted to a Russian Bitcoin forum</a>. Whilst commonly reported as 5M &quot;Gmail pass
the dump also contained 123k yandex.ru addresses. Whilst the origin of the breach remains unclear, the breached credentials were <a
href="http://web.archive.org/web/20140910190920/http://www.reddit.com/r/netsec/comments/2fz13q/5_millions_of_gmail_passwords_lea
target="_blank" rel="noopener">confirmed by multiple source as correct</a>, albeit a number of years old.
Creation Date : 2014-01-09T00:00:00

Registered : true
Breach : true
Name : Collection #1
Bio : In January 2019, a large collection of credential stuffing lists (combinations of email addresses and
passwords used to hijack accounts on other services) was discovered being distributed on a popular
hacking forum. The data contained almost 2.7 <em>billion</em> records including 773 million unique
email addresses alongside passwords those addresses had used on other breached services. Full details
on the incident and how to search the breached passwords are provided in the blog post <a
href="https://www.troyhunt.com/the-773-million-record-collection-1-data-reach" target="_blank"
rel="noopener">The 773 Million Record "Collection #1" Data Breach</a>.
Creation Date : 2019-01-07T00:00:00

Registered : true
Breach : true
Name : Dropbox
Website : dropbox.com
Bio : In mid-2012, Dropbox suffered a data breach which exposed the stored credentials of tens of
millions of their customers. In August 2016, <a href="https://motherboard.vice.com/read/dropbox-
forces-password-resets-after-user-credentials-exposed" target="_blank" rel="noopener">they forced
password resets for customers they believed may be at risk</a>. A large volume of data totalling over 68
million records <a href="https://motherboard.vice.com/read/hackers-stole-over-60-million-dropbox-
accounts" target="_blank" rel="noopener">was subsequently traded online</a> and included email
addresses and salted hashes of passwords (half of them SHA1, half of them bcrypt).
Creation Date : 2012-07-01T00:00:00

Registered : true
Breach : true
Name : Evite
Website : evite.com
Bio : In April 2019, the social planning website for managing online invitations <a
href="https://www.evite.com/security/update?usource=lc&lctid=1800182" target="_blank"
rel="noopener">Evite identified a data breach of their systems</a>. Upon investigation, they found
unauthorised access to a database archive dating back to 2013. The exposed data included a total of 101
million unique email addresses, most belonging to recipients of invitations. Members of the service also
had names, phone numbers, physical addresses, dates of birth, genders and passwords stored in plain
text exposed. The data was provided to HIBP by a source who requested it be attributed to
&quot;[email protected]&quot;.
Creation Date : 2013-08-11T00:00:00

Registered : true
Breach : true
Name : Exploit.In
Bio : In late 2016, a huge list of email address and password pairs appeared in a &quot;combo list&quot;
referred to as &quot;Exploit.In&quot;. The list contained 593 million unique email addresses, many with
multiple different passwords hacked from various online systems. The list was broadly circulated and
used for &quot;credential stuffing&quot;, that is attackers employ it in an attempt to identify other
online systems where the account owner had reused their password. For detailed background on this

https://app.osint.industries/pdf?id=ffdaf842-f622-4761-a480-b44d7db2c7c9 4/16
10/4/24, 6:54 AM [email protected]
incident, read <a href="https://www.troyhunt.com/password-reuse-credential-stuffing-and-another-1-
billion-records-in-have-i-been-pwned" target="_blank" rel="noopener">Password reuse, credential
stuffing and another billion records in Have I Been Pwned</a>.
Creation Date : 2016-10-13T00:00:00

Registered : true
Breach : true
Name : Funimation
Website : funimation.com
Bio : In July 2016, the anime site <a href="https://www.funimation.com/" target="_blank"
rel="noopener">Funimation</a> suffered a data breach that impacted 2.5 million accounts. The data
contained usernames, email addresses, dates of birth and salted SHA1 hashes of passwords.
Creation Date : 2016-07-01T00:00:00

Registered : true
Breach : true
Name : gPotato
Website : gpotato.com
Bio : In July 2007, the multiplayer game portal known as <a
href="https://web.archive.org/web/20070710161412/http://gpotato.com/" target="_blank"
rel="noopener">gPotato</a> (link to archive of the site at that time) suffered a data breach and over 2
million user accounts were exposed. The site later merged into the <a href="http://www.webzen.com/"
target="_blank" rel="noopener">Webzen portal</a> where the original accounts still exist today. The
exposed data included usernames, email and IP addresses, MD5 hashes and personal attributes such as
gender, birth date, physical address and security questions and answers stored in plain text.
Creation Date : 2007-07-12T00:00:00

Registered : true
Breach : true
Name : Gravatar
Website : gravatar.com
Bio : In October 2020, <a href="https://www.bleepingcomputer.com/news/security/online-avatar-service-
gravatar-allows-mass-collection-of-user-info/" target="_blank" rel="noopener">a security researcher
published a technique for scraping large volumes of data from Gravatar, the service for providing
globally unique avatars </a>. 167 million names, usernames and MD5 hashes of email addresses used to
reference users' avatars were subsequently scraped and distributed within the hacking community. 114
million of the MD5 hashes were cracked and distributed alongside the source hash, thus disclosing the
original email address and accompanying data. Following the impacted email addresses being
searchable in HIBP, <a href="https://en.gravatar.com/support/data-privacy" target="_blank"
rel="noopener">Gravatar release an FAQ detailing the incident</a>.
Creation Date : 2020-10-03T00:00:00

Registered : true
Breach : true
Name : Kaneva
Website : kaneva.com
Bio : In July 2016, now defunct website Kaneva, the service to &quot;build and explore virtual
worlds&quot;, suffered a data breach that exposed 3.9M user records. The data included email
addresses, usernames, dates of birth and salted MD5 password hashes.
Creation Date : 2016-07-01T00:00:00

https://app.osint.industries/pdf?id=ffdaf842-f622-4761-a480-b44d7db2c7c9 5/16
10/4/24, 6:54 AM [email protected]

Registered : true
Breach : true
Name : Kayo.moe Credential Stuffing List
Bio : In September 2018, a collection of almost 42 million email address and plain text password pairs
was uploaded to the anonymous file sharing service <a href="https://kayo.moe/" target="_blank"
rel="noopener">kayo.moe</a>. The operator of the service contacted HIBP to report the data which,
upon further investigation, turned out to be a large credential stuffing list. For more information, read
about <a href="https://www.troyhunt.com/the-42m-record-kayo-moe-credential-stuffing-data"
target="_blank" rel="noopener">The 42M Record kayo.moe Credential Stuffing Data</a>.
Creation Date : 2018-09-11T00:00:00

Registered : true
Breach : true
Name : Kickstarter
Website : kickstarter.com
Bio : In February 2014, the crowdfunding platform <a
href="https://www.kickstarter.com/blog/important-kickstarter-security-notice" target="_blank"
rel="noopener">Kickstarter announced they'd suffered a data breach</a>. The breach contained almost
5.2 million unique email addresses, usernames and salted SHA1 hashes of passwords.
Creation Date : 2014-02-16T00:00:00

Registered : true
Breach : true
Name : Lead Hunter
Bio : In March 2020, <a href="https://www.troyhunt.com/the-unattributable-lead-hunter-data-breach"
target="_blank" rel="noopener">a massive trove of personal information referred to as &quot;Lead
Hunter&quot;</a> was provided to HIBP after being found left exposed on a publicly facing Elasticsearch
server. The data contained 69 million unique email addresses across 110 million rows of data
accompanied by additional personal information including names, phone numbers, genders and
physical addresses. At the time of publishing, the breach could not be attributed to those responsible for
obtaining and exposing it. The data was provided to HIBP by <a href="https://dehashed.com/"
target="_blank" rel="noopener">dehashed.com</a>.
Creation Date : 2020-03-04T00:00:00

Registered : true
Breach : true
Name : Luxottica
Website : luxottica.com
Bio : In March 2021, the world's largest eyewear company <a
href="https://www.bleepingcomputer.com/news/security/luxottica-confirms-2021-data-breach-after-info-
of-70m-leaks-online/" target="_blank" rel="noopener">Luxoticca suffered a data breach via one of their
partners that exposed the personal information of more than 70M people</a>. The data was
subsequently sold via a popular hacking forum in late 2022 and included email and physical addresses,
names, genders, dates of birth and phone numbers. In a statement from Luxottica, they advised they
were aware of the incident and are currently &quot;considering other notification obligations&quot;.
Creation Date : 2021-03-16T00:00:00

Registered : true
Breach : true
Name : MGM Resorts (2022 Update)
Website : mgmresorts.com
Bio : In July 2019, <a href="https://www.zdnet.com/article/exclusive-details-of-10-6-million-of-mgm-hotel-
guests-posted-on-a-hacking-forum/" target="_blank" rel="noopener">MGM Resorts discovered a data
breach of one of their cloud services</a>. The breach included 10.6M guest records with 3.1M unique
email addresses stemming back to 2017. In May 2022, <a href="https://www.vpnmentor.com/blog/mgm-
leaked-on-telegram/" target="_blank" rel="noopener">a superset of the data totalling almost 25M
unique email addresses across 142M rows was extensively shared on Telegram</a>. On analysis, it's
highly likely the data stems from the same incident <a href="https://www.zdnet.com/article/a-hacker-is-

https://app.osint.industries/pdf?id=ffdaf842-f622-4761-a480-b44d7db2c7c9 6/16
10/4/24, 6:54 AM [email protected]
selling-details-of-142-million-mgm-hotel-guests-on-the-dark-web/" target="_blank" rel="noopener">with
142M records having been discovered for sale on a dark web marketplace in mid-2020</a>. The exposed
data included email and physical addresses, names, phone numbers and dates of birth.
Creation Date : 2019-07-25T00:00:00

Registered : true
Breach : true
Name : Modern Business Solutions
Website : modbsolutions.com
Bio : In October 2016, a large Mongo DB file containing tens of millions of accounts <a
href="https://twitter.com/0x2Taylor/status/784544208879292417" target="_blank" rel="noopener">was
shared publicly on Twitter</a> (the file has since been removed). The database contained over 58M
unique email addresses along with IP addresses, names, home addresses, genders, job titles, dates of
birth and phone numbers. The data was subsequently <a href="http://news.softpedia.com/news/hacker-
steals-58-million-user-records-from-data-storage-provider-509190.shtml" target="_blank"
rel="noopener">attributed to &quot;Modern Business Solutions&quot;</a>, a company that provides
data storage and database hosting solutions. They've yet to acknowledge the incident or explain how
they came to be in possession of the data.
Creation Date : 2016-10-08T00:00:00

Registered : true
Breach : true
Name : MyFitnessPal
Website : myfitnesspal.com
Bio : In February 2018, the diet and exercise service <a href="https://content.myfitnesspal.com/security-
information/FAQ.html" target="_blank" rel="noopener">MyFitnessPal suffered a data breach</a>. The
incident exposed 144 million unique email addresses alongside usernames, IP addresses and passwords
stored as SHA-1 and bcrypt hashes (the former for earlier accounts, the latter for newer accounts). In
2019, <a href="https://www.theregister.co.uk/2019/02/11/620_million_hacked_accounts_dark_web/"
target="_blank" rel="noopener">the data appeared listed for sale on a dark web marketplace</a> (along
with several other large breaches) and subsequently began circulating more broadly. The data was
provided to HIBP by a source who requested it to be attributed to
&quot;[email protected]&quot;.
Creation Date : 2018-02-01T00:00:00

Registered : true
Breach : true
Name : National Public Data
Bio : In April 2024, <a href="https://www.troyhunt.com/inside-the-3-billion-people-national-public-data-
breach" target="_blank" rel="noopener">a large trove of data made headlines as having exposed
&quot;3 billion people&quot; due to a breach of the National Public Data background check service</a>.
The initial corpus of data released in the breach contained billions of rows of personal information,
including US social security numbers. Further partial data sets were later released including extensive
personal information and 134M unique email addresses, although the origin and accuracy of the data
remains in question. This breach has been flagged as &quot;unverified&quot; and a full description of
the incident is in the link above.
Creation Date : 2024-04-09T00:00:00

https://app.osint.industries/pdf?id=ffdaf842-f622-4761-a480-b44d7db2c7c9 7/16
10/4/24, 6:54 AM [email protected]

Registered : true
Breach : true
Name : Naz.API
Bio : In September 2023, <a href="https://www.troyhunt.com/inside-the-massive-naz-api-credential-
stuffing-list/" target="_blank" rel="noopener">over 100GB of stealer logs and credential stuffing lists
titled &quot;Naz.API&quot; was posted to a popular hacking forum</a>. The incident contained a
combination of email address and plain text password pairs alongside the service they were entered
into, and standalone credential pairs obtained from unnamed sources. In total, the corpus of data
included 71M unique email addresses and 100M unique passwords.
Creation Date : 2023-09-20T00:00:00

Registered : true
Breach : true
Name : Nexus Mods
Website : nexusmods.com
Bio : In December 2015, the game modding site Nexus Mods <a
href="http://www.nexusmods.com/games/news/12670/" target="_blank" rel="noopener">released a
statement notifying users that they had been hacked</a>. They subsequently dated the hack as having
occurred in July 2013 although there is evidence to suggest the data was being traded months in
advance of that. The breach contained usernames, email addresses and passwords stored as a salted
hashes.
Creation Date : 2013-07-22T00:00:00

Registered : true
Breach : true
Name : Nitro
Website : gonitro.com
Bio : In September 2020, <a href="https://www.bleepingcomputer.com/news/security/massive-nitro-
data-breach-impacts-microsoft-google-apple-more/" target="_blank" rel="noopener">the Nitro PDF
service suffered a massive data breach which exposed over 70 million unique email addresses</a>. The
breach also exposed names, bcrypt password hashes and the titles of converted documents. The data
was provided to HIBP by <a href="https://dehashed.com/" target="_blank"
rel="noopener">dehashed.com</a>.
Creation Date : 2020-09-28T00:00:00

Registered : true
Breach : true
Name : Not SOCRadar
Bio : In August 2024, over 332M rows of email addresses were posted to a popular hacking forum. The
post alleged the addresses were scraped from cybersecurity firm SOCRadar, however <a
href="https://socradar.io/socradars-response-to-the-usdods-claim-of-scraping-330-million-emails/"
target="_blank" rel="noopener">an investigation on their behalf concluded that &quot;the actor merely
utilised functionalities inherent in the platform's standard offerings, designed to gather information
from publicly available sources&quot;</a>. There is no suggestion the incident compromised
SOCRadar's security or posed any risk to their customers. In total, the data set contained 282M unique
addresses of valid email address format.
Creation Date : 2024-08-03T00:00:00

Registered : true
Breach : true
Name : Onliner Spambot
Bio : In August 2017, a spambot by the name of <a
href="https://benkowlab.blogspot.com.au/2017/08/from-onliner-spambot-to-millions-of.html"
target="_blank" rel="noopener">Onliner Spambot was identified by security researcher Benkow
moʞuƎq</a>. The malicious software contained a server-based component located on an IP address in
the Netherlands which exposed a large number of files containing personal information. In total, there
were 711 million unique email addresses, many of which were also accompanied by corresponding
passwords. A full write-up on what data was found is in the blog post titled <a

https://app.osint.industries/pdf?id=ffdaf842-f622-4761-a480-b44d7db2c7c9 8/16
10/4/24, 6:54 AM [email protected]
href="https://www.troyhunt.com/inside-the-massive-711-million-record-onliner-spambot-dump"
target="_blank" rel="noopener">Inside the Massive 711 Million Record Onliner Spambot Dump</a>.
Creation Date : 2017-08-28T00:00:00

Registered : true
Breach : true
Name : Patreon
Website : patreon.com
Bio : In October 2015, the crowdfunding site <a href="http://www.zdnet.com/article/patreon-hacked-
anonymous-patrons-exposed/" target="_blank" rel="noopener">Patreon was hacked</a> and over 16GB
of data was released publicly. The dump included almost 14GB of database records with more than 2.3M
unique email addresses, millions of personal messages and passwords stored as bcrypt hashes.
Creation Date : 2015-10-01T00:00:00

Registered : true
Breach : true
Name : Data Enrichment Exposure From PDL Customer
Bio : In October 2019, <a href="https://www.troyhunt.com/data-enrichment-people-data-labs-and-
another-622m-email-addresses" target="_blank" rel="noopener">security researchers Vinny Troia and
Bob Diachenko identified an unprotected Elasticsearch server holding 1.2 billion records of personal
data</a>. The exposed data included an index indicating it was sourced from data enrichment company
People Data Labs (PDL) and contained 622 million unique email addresses. The server was not owned by
PDL and it's believed a customer failed to properly secure the database. Exposed information included
email addresses, phone numbers, social media profiles and job history data.
Creation Date : 2019-10-16T00:00:00

Registered : true
Breach : true
Name : Pemiblanc
Website : pemiblanc.com
Bio : In April 2018, a credential stuffing list containing 111 million email addresses and passwords known
as <a href="https://www.troyhunt.com/the-111-million-pemiblanc-credential-stuffing-list"
target="_blank" rel="noopener">Pemiblanc</a> was discovered on a French server. The list contained
email addresses and passwords collated from different data breaches and used to mount account
takeover attacks against other services. <a href="https://www.troyhunt.com/the-111-million-pemiblanc-
credential-stuffing-list" target="_blank" rel="noopener">Read more about the incident.</a>
Creation Date : 2018-04-02T00:00:00

Registered : true
Breach : true
Name : Roll20
Website : roll20.net
Bio : In December 2018, the tabletop role-playing games website <a
href="https://app.roll20.net/forum/post/7209691/roll20-security-breach" target="_blank"
rel="noopener">Roll20 suffered a data breach</a>. Almost 4 million customers were impacted by the
breach and had email and IP addresses, names, bcrypt hashes of passwords and the last 4 digits of
credit cards exposed. The data was provided to HIBP by a source who requested it be attributed to
&quot;[email protected]&quot;.
Creation Date : 2018-12-26T00:00:00

Registered : true
Breach : true
Name : Snail
Website : snail.com
Bio : In March 2015, the gaming website <a href="https://www.technadu.com/emuparadise-1-1-million-
user-data-breach/70025/" target="_blank" rel="noopener">Snail suffered a data breach</a> that
impacted 1.4 million subscribers. The impacted data included usernames, IP and email addresses and

https://app.osint.industries/pdf?id=ffdaf842-f622-4761-a480-b44d7db2c7c9 9/16
10/4/24, 6:54 AM [email protected]
passwords stored as unsalted MD5 hashes. The data was provided to HIBP by <a
href="https://dehashed.com/" target="_blank" rel="noopener">dehashed.com</a>.
Creation Date : 2015-03-14T00:00:00

Registered : true
Breach : true
Name : Combolists Posted to Telegram
Bio : In May 2024, <a href="https://troyhunt.com/telegram-combolists-and-361m-email-addresses"
target="_blank" rel="noopener">2B rows of data with 361M unique email addresses were collated from
malicious Telegram channels</a>. The data contained 122GB across 1.7k files with email addresses,
usernames, passwords and in many cases, the website they were entered into. The data appears to have
been sourced from a combination of existing combolists and info stealer malware.
Creation Date : 2024-05-28T00:00:00

Registered : true
Breach : true
Name : Thingiverse
Website : thingiverse.com
Bio : In October 2021, a database backup taken from the 3D model sharing service <a
href="https://www.databreachtoday.com/thingiverse-data-leak-affects-25-million-subscribers-a-17729"
target="_blank" rel="noopener">Thingiverse began extensively circulating within the hacking
community</a>. Dating back to October 2020, the 36GB file contained 228 thousand unique email
addresses, mostly alongside comments left on 3D models. The data also included usernames, IP
addresses, full names and passwords stored as either unsalted SHA-1 or bcrypt hashes. In some cases,
physical addresses was also exposed. Thingiverse's owner, MakerBot, is aware of the incident but at the
time of writing, is yet to issue a disclosure statement. The data was provided to HIBP by <a
href="https://dehashed.com/" target="_blank" rel="noopener">dehashed.com</a>.
Creation Date : 2020-10-13T00:00:00

Registered : true
Breach : true
Name : tumblr
Website : tumblr.com
Bio : In early 2013, <a href="https://staff.tumblr.com/post/144263069415/we-recently-learned-that-a-
third-party-had" target="_blank" rel="noopener">tumblr suffered a data breach</a> which resulted in
the exposure of over 65 million accounts. The data was later put up for sale on a dark market website
and included email addresses and passwords stored as salted SHA1 hashes.
Creation Date : 2013-02-28T00:00:00

Registered : true
Breach : true
Name : Twitter (200M)
Website : twitter.com
Bio : In early 2023, <a href="https://www.bleepingcomputer.com/news/security/200-million-twitter-
users-email-addresses-allegedly-leaked-online/" target="_blank" rel="noopener">over 200M records
scraped from Twitter appeared on a popular hacking forum</a>. The data was obtained sometime in
2021 by abusing an API that enabled email addresses to be resolved to Twitter profiles. The subsequent
results were then composed into a corpus of data containing email addresses alongside public Twitter
profile information including names, usernames and follower counts.
Creation Date : 2021-01-01T00:00:00

https://app.osint.industries/pdf?id=ffdaf842-f622-4761-a480-b44d7db2c7c9 10/16
10/4/24, 6:54 AM [email protected]

Registered : true
Breach : true
Name : Unreal Engine
Website : unrealengine.com
Bio : In August 2016, <a href="http://www.zdnet.com/article/epic-games-unreal-engine-forums-hacked-
in-latest-data-breach" target="_blank" rel="noopener">the Unreal Engine Forum suffered a data
breach</a>, allegedly due to a SQL injection vulnerability in vBulletin. The attack resulted in the exposure
of 530k accounts including usernames, email addresses and salted MD5 hashes of passwords.
Creation Date : 2016-08-11T00:00:00

Registered : true
Breach : true
Name : Verifications.io
Website : verifications.io
Bio : In February 2019, the email address validation service <a href="https://securitydiscovery.com/800-
million-emails-leaked-online-by-email-verification-service" target="_blank"
rel="noopener">verifications.io suffered a data breach</a>. Discovered by <a
href="https://twitter.com/mayhemdayone" target="_blank" rel="noopener">Bob Diachenko</a> and <a
href="https://twitter.com/vinnytroia" target="_blank" rel="noopener">Vinny Troia</a>, the breach was
due to the data being stored in a MongoDB instance left publicly facing without a password and resulted
in 763 million unique email addresses being exposed. Many records within the data also included
additional personal attributes such as names, phone numbers, IP addresses, dates of birth and genders.
No passwords were included in the data. The Verifications.io website went offline during the disclosure
process, although <a href="https://web.archive.org/web/20190227230352/https://verifications.io/"
target="_blank" rel="noopener">an archived copy remains viewable</a>.
Creation Date : 2019-02-25T00:00:00

Registered : true
Breach : true
Name : War Inc.
Website : thewarinc.com
Bio : In mid-2012, the real-time strategy game <a href="http://thewarinc.com" target="_blank"
rel="noopener">War Inc.</a> suffered a data breach. The attack resulted in the exposure of over 1
million accounts including usernames, email addresses and salted MD5 hashes of passwords.
Creation Date : 2012-07-04T00:00:00

Registered : true
Breach : true
Name : Zynga
Website : zynga.com
Bio : In September 2019, game developer <a href="https://www.cnet.com/news/words-with-friends-
hack-reportedly-exposes-data-of-more-than-200m-players/" target="_blank" rel="noopener">Zynga (the
creator of Words with Friends) suffered a data breach</a>. The incident exposed 173M unique email
addresses alongside usernames and passwords stored as salted SHA-1 hashes. The data was provided to
HIBP by <a href="https://dehashed.com/" target="_blank" rel="noopener">dehashed.com</a>.
Creation Date : 2019-09-01T00:00:00

INSTACART
Registered : true

REPLIT
Registered : true

CHANGE
https://app.osint.industries/pdf?id=ffdaf842-f622-4761-a480-b44d7db2c7c9 11/16
10/4/24, 6:54 AM [email protected]
Registered : true

FIREFOX
Registered : true

SPOTIFY
Registered : true

TUMBLR
Registered : true

FOURSQUARE
Registered : true
Id : 4579969
Name : Mark Kern
First Name : Mark
Last Name : Kern
Gender : Male
Location : US
Username : markk5104547
Profile Url : https://foursquare.com/markk5104547
Private : false

INSTAGRAM
Registered : true

ADOBE
Registered : true

VIMEO
Registered : true

ACADEMIA
Registered : true

STARZPLAY
Registered : true

HONDA
Registered : true

DISNEY

https://app.osint.industries/pdf?id=ffdaf842-f622-4761-a480-b44d7db2c7c9 12/16
10/4/24, 6:54 AM [email protected]
Registered : true

ESPN
Registered : true

NVIDIA
Registered : true

UPWORK
Registered : true

ASUS
Registered : true

TWITTER
Registered : true

EA
Registered : true

PINTEREST
Registered : true

WORDPRESS
Registered : true

MAPS
Registered : true
Profile Url : https://www.google.com/maps/contrib/114618857069686035968/reviews
Private : false

AUTODESK
Registered : true

DROPBOX
Registered : true
Id : dbid:AAAAESd2ZiCpjNosZNVcJViA73jYXphSKhg
Name : Mark Kern
First Name : Mark
Last Name : Kern
Verified : true

https://app.osint.industries/pdf?id=ffdaf842-f622-4761-a480-b44d7db2c7c9 13/16
10/4/24, 6:54 AM [email protected]

PATREON
Registered : true

YELP
Registered : true
Id : D5f_9l2qGNJaRbDRS9W1mg
Name : Mark K.
First Name : Mark
Gender : Male
Location : Aliso Viejo, CA
Profile Url : https://www.yelp.com/user_details?userid=D5f_9l2qGNJaRbDRS9W1mg&utm_source=ishare
Followers : 0
Following : 0
Creation Date : 2016-07-05T23:21:54

STEAM
Registered : true
Username : grummz
Phone Hint : ********46

https://app.osint.industries/pdf?id=ffdaf842-f622-4761-a480-b44d7db2c7c9 14/16
10/4/24, 6:54 AM [email protected]

Timeline
Content: Breached 4 times in 2013. (HaveIBeenPwnd!)
Date/Year: 2013

Content: Breached 5 times in 2016. (HaveIBeenPwnd!)


Date/Year: 2016

Content: Breached 6 times in 2018. (HaveIBeenPwnd!)


Date/Year: 2018

Content: Breached 5 times in 2019. (HaveIBeenPwnd!)


Date/Year: 2019

Content: Breached 5 times in 2020. (HaveIBeenPwnd!)


Date/Year: 2020

Content: Breached on BTC-E


Date/Year: 2014-10-01T00:00:00

Content: Breached on Bitcoin Security Forum Gmail Dump


Date/Year: 2014-01-09T00:00:00

Content: Breached on Dropbox


Date/Year: 2012-07-01T00:00:00

Content: Breached on gPotato


Date/Year: 2007-07-12T00:00:00

Content: Breached on Kickstarter


Date/Year: 2014-02-16T00:00:00

Content: Breached on Luxottica


Date/Year: 2021-03-16T00:00:00

Content: Breached on National Public Data


Date/Year: 2024-04-09T00:00:00

Content: Breached on Naz.API


Date/Year: 2023-09-20T00:00:00

Content: Breached on Not SOCRadar


Date/Year: 2024-08-03T00:00:00

Content: Breached on Onliner Spambot


Date/Year: 2017-08-28T00:00:00

Content: Breached on Patreon


Date/Year: 2015-10-01T00:00:00

Content: Breached on Snail


Date/Year: 2015-03-14T00:00:00

Content: Breached on Combolists Posted to Telegram


Date/Year: 2024-05-28T00:00:00

Content: Breached on Twitter (200M)


Date/Year: 2021-01-01T00:00:00

Content: Breached on War Inc.


Date/Year: 2012-07-04T00:00:00

Content: Reviewed Jerome's Furniture & Mattress Store-Laguna Hills


Date/Year: 2021-11-05T18:34:01

https://app.osint.industries/pdf?id=ffdaf842-f622-4761-a480-b44d7db2c7c9 15/16
10/4/24, 6:54 AM [email protected]
Content: Last Active (Google)
Date/Year: 2023-04-15T13:06:17

Content: Created Account (Yelp)


Date/Year: 2016-07-05T23:21:54

Content: Reviewed Navroz Mediterranean Grill.


Date/Year: 2022-12-06T02:07:14

Content: Reviewed Kimberly Lou.


Date/Year: 2018-02-22T15:48:59

Content: Reviewed OC Junk Hauling.


Date/Year: 2016-08-02T16:08:20

Content: Last Active (Github)


Date/Year: 2024-05-24T17:52:38

Content: Created Account (Github)


Date/Year: 2013-03-21T23:35:53

osint.industries

https://app.osint.industries/pdf?id=ffdaf842-f622-4761-a480-b44d7db2c7c9 16/16

You might also like