Digimon.co.in
  • Total Records35,372,113
  • Unique Emails5,834,222
  • Unique IP Addresses948,982

Digimon.co.in Data Breach: 35 Million Records Exposed in September 2016

In September 2016, Digimon.co.in—a service believed to be connected with mass email distribution and marketing campaigns—experienced a significant data breach when attackers accessed an unsecured MongoDB database. As a result, over 35 million records were compromised. The leaked database contained sensitive details such as email addresses, IP addresses, and comprehensive geographic information like country, state, and city. Evidence suggests these records were associated with activity logs from a system utilizing PowerMTA, commonly linked to large-scale email and spam operations. The files included valuable insights into email opens, recipient engagements, and more, exposing a massive dataset to public view.

What Happened in the Digimon.co.in Data Breach?

The breach took place in early September 2016, when a misconfigured MongoDB instance allowed unauthorized access to the full dataset. The database, believed to be powering email campaign tracking, was not properly secured, making it openly accessible to anyone who found it. This led to various sensitive details being exfiltrated and released online.

Scope and Impact of the Breach

The breach affected an enormous number of records—more than 35 million entries in total. These records contained a mixture of contact-related and behavior-tracking information, revealing not only identifiable email addresses but also detailed logs on email interactions and the geolocations of recipients.

What Data Was Exposed?

  • Email addresses
  • IP addresses
  • Country, state, and city

Most of the exposed data originated from logs tracking emails—details about sender and recipient activity, open events, and click-through logs from the service's campaigns.

Timeline of Events

  • Early September 2016: The incident occurs with the exposure of the MongoDB database.
  • September 2016: Database is accessed and data is leaked, revealing extensive communication logs and personal data.
  • Posts and discussions emerge online about the dump, bringing attention to the scale and impact of the breach.

Digimon.co.in Breach FAQ

How many users were affected in the Digimon.co.in data breach?

Over 35 million unique records were included in the data breach, representing a broad segment of users and contacts stored in the system's email campaign database.

What information was leaked in the Digimon.co.in breach?

The breached data included email addresses, IP addresses, and detailed geographic information such as the country, state, and city linked to each record, alongside email interaction logs.

Was Digimon.co.in used for spam campaigns?

Based on the nature of the leaked records and the use of PowerMTA within the exposed infrastructure, the system appears to have been used for large-scale email and spam mail campaigns, capturing extensive user interaction details.

When did the Digimon.co.in breach happen?

The data breach took place in September 2016, with the exact date most commonly cited as September 1st, 2016.

How can I check if I'm in the Digimon.co.in breach?

You can check if your information was part of the Digimon.co.in breach by utilizing the DeHashed search engine.