BloomsToday
  • Total Records15,386,975
  • Unique Emails3,195,415
  • Unique First Names3,158,279
  • Unique Addresses3,631,707

BloomsToday Data Breach Exposes Personal Details of 15.4 Million Users

In early December 2024, BloomsToday—an online flower delivery and gifting service—discovered a major data breach that affected nearly 15.4 million records. The incident resulted in the exposure of a wide range of user information, including full names, street addresses, company affiliations, phone numbers, and email addresses. For a platform frequently used for sending flowers and gifts, this breach raises concerns due to the volume of personal data involved. The unauthorized access placed a massive trove of customer contact information at risk, increasing the possibility of targeted scams and phishing attempts.

What Happened in the BloomsToday Breach?

On December 1, 2024, malicious actors gained access to the user database of BloomsToday. The breach compromised extensive personal information spanning both individual and corporate details collected through the site. The unauthorized party was able to extract records that included a broad set of identifying and contact details.

Scope of the Breach and Records Impacted

The breach involved a staggering 15,386,976 records. Both current and past customers of BloomsToday may have been impacted. Because the dataset contains names, addresses, emails, phone numbers, and company data, anyone who registered, made a purchase, or otherwise submitted information to BloomsToday prior to December 2024 could be affected.

Types of Data Exposed

  • First and last names
  • Full street addresses (including apartment or suite numbers)
  • City, state, ZIP code, and country
  • Company names
  • Phone numbers
  • Email addresses
  • Full name (single field)

This breadth of data can be sensitive if used maliciously for targeted phishing attempts or fraud.

Timeline of Events

  • December 1, 2024: The breach occurred, with attackers gaining access to customer records held by BloomsToday.
  • After discovery, internal investigations were initiated to determine the scale and scope of the incident.
  • Notification and public awareness efforts followed as details of the breach were confirmed and released.

Frequently Asked Questions (FAQ)

What kind of data was leaked in the BloomsToday breach?

The information exposed included first and last names, full addresses, company names, phone numbers, and email addresses.

How many users were affected by the December 2024 BloomsToday breach?

Approximately 15.4 million records were compromised in the breach, impacting a large number of current and past BloomsToday customers.

When did the BloomsToday breach happen?

The breach occurred on December 1, 2024, and was later discovered after unauthorized access was detected.

How can I check if I'm in the BloomsToday breach?

You can check if your information was part of the BloomsToday breach by utilizing the DeHashed search engine.