Ucraft.com Breach


NOTE: This post was originally written in March 2023 in my old blog.

Sometime in the beginning of March 2023 a database belonging to Ucraft.com was shared on multiple places. Ucraft is a service that allows to easily create websites without coding skills. Now, the database was shared in March 2023, but the last line in the MySQL file says “Dump completed on 2018-12-02 8:37:25”.

Let’s see what we have in the database of this service.

Number of unique email addresses in the users table: 217815.

Compromised data include names/usernames, email addresses, hashed passwords, IP addresses, geolocations, transactions, payment methods, partial payment card details etc.

Not surprising that top 20 email domains are from free email service providers:

122398 gmail.com
11418 hotmail.com
11149 yahoo.com
7539 qq.com
6132 mail.ru
2645 facebook.com
2511 outlook.com
2336 yandex.ru
1095 icloud.com
1003 live.com
867 aol.com
739 hotmail.co.uk
710 bk.ru
476 me.com
471 ymail.com
454 googlemail.com
416 mail.com
404 yahoo.co.uk
389 msn.com
374 inbox.ru

Top 20 TLDs:

177437 com
10964 ru
3241 net
2993 org
2316 uk
1937 de
1570 it
1321 pl
1280 fr
1263 edu
1024 us
879 ca
860 nl
745 au
588 br
430 es
428 in
382 cz
350 gr
339 za

How about Nordic countries? Glad that you asked:

186 dk
172 se
137 no
56 ee
52 fi
25 is

If you have registered an account on Ucraft.com prior to December 2018, then probably worth changing your password.