DataBreaches.Net

Menu
  • About
  • Breach Notification Laws
  • Privacy Policy
  • Transparency Report
Menu

UK: Social networking site xat hacked; user database acquired by hacker(s)

Posted on November 9, 2015 by Dissent

Oh my.

Update and Information About Data Breach.

Hello!

Many of you will have noticed the serious problems with the xat service over the last two days. It would appear that our hosting provider fell for a simple social engineering scam and briefly handed control of some of xat’s servers to a third party.

It is likely that the third party was able to download the xat registered user database. This consists of registered usernames, email address, a hashed version of the password and ip address. We do not store real names, addresses, financial data, dates of birth or similar personal information.

The old servers have now been shut down for analysis. It is therefore necessary to replace them with new servers with a different provider and we are working on this as quickly as we can. We would appreciate your patience while we perform this task and return xat to normal operation. The database was rolled back to Nov 4 08:04 GMT so any trades you did after that but before the breach will have been reversed. Purchases made after that time will be re-credited.

We have always appreciated the loyal and committed users who have helped xat to grow into the fun place that it is. We are confident that we will have things back to normal and really appreciate your support during this difficult time.

Anyone with information about this attack or recent DDoS attempts can email it to [email protected] with the subject: tipoff.

We look forward to chatting again with you soon.

The xat team

6 Nov 2015

Category: Business SectorHackNon-U.S.

Post navigation

← UK: Parliament HACKED: Sensitive data STOLEN, used to hold MP to ransom
AU: Queensland TAFE student data exposed in hack →

Now more than ever

"Stand with Ukraine:" above raised hands. The illustration is in blue and yellow, the colors of Ukraine's flag.

Search

Browse by Categories

Recent Posts

  • Slapped wrists for Financial Conduct Authority staff who emailed work data home
  • School Districts Unaware BoardDocs Software Published Their Private Files
  • A guilty plea in the PowerSchool case still leaves unanswered questions
  • Brussels Parliament hit by cyber-attack
  • Sweden under cyberattack: Prime minister sounds the alarm
  • Former CIA Analyst Sentenced to Over Three Years in Prison for Unlawfully Transmitting Top Secret National Defense Information
  • FIN6 cybercriminals pose as job seekers on LinkedIn to hack recruiters
  • Dutch police identify users on Cracked.io
  • Help, please: Seeking copies of the PowerSchool ransom email(s)
  • RCMP thumb drive with informant, witness data obtained by criminals: watchdog

No, You Can’t Buy a Post or an Interview

This site does not accept sponsored posts or link-back arrangements. Inquiries about either are ignored.

And despite what some trolls may try to claim: DataBreaches has never accepted even one dime to interview or report on anyone. Nor will DataBreaches ever pay anyone for data or to interview them.

Want to Get Our RSS Feed?

Grab it here:

https://databreaches.net/feed/

RSS Recent Posts on PogoWasRight.org

  • The Meta AI app is a privacy disaster – TechCrunch
  • Apple fixes new iPhone zero-day bug used in Paragon spyware hacks
  • Norwegian Data Protection Authority’s findings on tracking pixels: 6 cases
  • Multiple States Enact Genetic Privacy Legislation in a Busy Start to 2025
  • Rules Proposed Under New Jersey Data Privacy Act
  • Using facial recognition? Three recent articles of interest.
  • India publishes consent management rules under Digital Personal Data Protection Act

Have a News Tip?

Email: Tips[at]DataBreaches.net

Signal: +1 516-776-7756

Contact Me

Email: info[at]databreaches.net

Mastodon: Infosec.Exchange/@PogoWasRight

Signal: +1 516-776-7756

DMCA Concern: dmca[at]databreaches.net
© 2009 – 2025 DataBreaches.net and DataBreaches LLC. All rights reserved.