Datenleck-Beobachtungsstelle
Durchsuchen des Dark Webs nach Leaks sensibler Daten
Vier von fünf kleinen Unternehmen waren kürzlich von einem Datenleck betroffen. Und ein einziger Vorfall kann ein kleines Unternehmen über 1 Million US-Dollar kosten. Warum hören wir also nicht mehr Nachrichten über Datenlecks?
Proton wartet nicht darauf, dass Datenlecks gemeldet werden. Stattdessen gehen wir direkt ins Dark Web, erfassen und teilen Leaks in Echtzeit – und helfen kleinen Unternehmen, sich zu schützen.
Qantas Airways
What happened?
Australia's national airline Qantas Airways Ltd. was targeted by a group of hackers named Scattered Lapsus$ Hunters which launched a ransomware attack(neues Fenster). The company did not pay the ransom, leading to more than 11 million customer records being leaked on the dark web. Sensitive data including customer names, addresses, and email addresses were exposed, but no financial records appeared. Qantas announced that it has strengthened its security measures following the data breach.
Allianz Life
What happened?
In July 2025, hackers targeted the world's largest insurance company and Europe's largest financial services company Allianz(neues Fenster) and subsequently stole the personal information of 1 million Allianz customers and employees. Subsequently, information including names, dates of birth, physical addresses, phone numbers, email addresses, and Social Security numbers appeared in a data breach. The breach affected North American customers and employees, and Allianz disclosed the data breach in a legal filing in the US state of Maine.
Tracelo
What happened?
In September 2024, the data of more than 1.4 million customers(neues Fenster) of the mobile geolocation tracking service Tracelo was leaked on the dark web. A hacker known as Satanic leaked customer names, addresses, phone numbers, email addresses, and passwords following an attack on Tracelo, posting them on the cybercrime forum BreachForums. Tracelo does not appear to have addressed the breach.
INTERSPORT France
What happened?
In France, more than 100,000 customers of sporting goods retailer INTERSPORT(neues Fenster) had their personal data leaked on BreachForums. Data including names, addresses, phone numbers, and email addresses appeared online in June 2025. INTERSPORT advised that it was addressing the breach, but did not disclose whether it had notified French authorities of the breach.
Free
What happened?
France's second largest ISP and telephone provider Free(neues Fenster) confirmed in October 2024 that it had been targeted by a data breach. In May 2025, customer data appeared on the dark web: names, dates of birth, phone numbers, email addresses, and IBANs were all leaked. In total, more than 19.5 million records appeared online. The National Commission for Information Technology and Freedoms launched a sanctions procedure against Free in March 2025.
Orange Romania
What happened?
In February 2025, a hacker going by the name Rey obtained more than 3.4 million records from telecoms provider Orange's Romanian branch(neues Fenster). Data including customer names, dates of birth, addresses, phone numbers, email addresses, usernames, and ID numbers appeared on the dark web following a ransomware attack which Orange declined to pay. Orange is monitoring the attack along with The Romanian National Cybersecurity Directorate (DNSC).
Zacks Investment Research
What happened?
Chicago-based investment research company Zacks Investment Research(neues Fenster) was breached by hackers in June 2024. In February 2025, customer data including names, addresses, phone numbers, email addresses, usernames, and passwords appeared for sale online. The company has not yet addressed this breach, having now been affected by multiple data breaches in recent years.
SkilloVilla
What happened?
In July 2025, hackers targeted the world's largest insurance company and Europe's largest financial services company Allianz(neues Fenster) and subsequently stole the personal information of 1 million Allianz customers and employees. Subsequently, information including names, dates of birth, physical addresses, phone numbers, email addresses, and Social Security numbers appeared in a data breach. The breach affected North American customers and employees, and Allianz disclosed the data breach in a legal filing in the US state of Maine.
amai
What happened?
More than 10 million records stolen from Singapore-based eCommerce platform Amai appeared on the dark web in January 2025. Names, addresses, phone numbers, email addresses, and passwords were stolen from the company's customer database. It does not appear that Amai has acknowledged a data breach as of October 2025.
PhoneMondo
What happened?
In January 2025, more than 10.5 million records stolen from German telecommunications platform PhoneMondo appeared on the dark web. Sensitive data includes names, dates of birth, addresses, phone numbers, email addresses, usernames, passwords, and IBANs. As of October 2025, it doesn't appear that PhoneMondo has acknowledged the breach.
Sorge dafür, dass dein Unternehmen nicht auf dieser Liste landet
Deine Passwörter und die Multi-Faktor-Authentifizierung sind deine erste Verteidigungslinie gegen Hacker. Erfahre, wie Tausende von Führungskräften kleiner Unternehmen die Passwortverwaltung optimieren und ihre Daten schützen.
Über die Datenleck-Beobachtungsstelle
- Was ist die Datenleck-Beobachtungsstelle?
- Welche Daten werden geleakt?
- Warum über Datenlecks berichten?
- Woher bekommt ihr eure Informationen?
- Schadet die Offenlegung aktueller Datenlecks nicht den Unternehmen?