Avvo Data Breach
What Happened
In approximately December 2019, an alleged data breach of the lawyer directory service Avvo was published to an online hacking forum and used in an extortion scam (it's possible the exposure dates back earlier than that). The data contained 4.1M unique email addresses alongside SHA-1 hashes, most likely representing user passwords. Multiple attempts at contacting Avvo over the course of a week were unsuccessful and the authenticity of the data was eventually verified with common Avvo and HIBP subscribers.
Compromised Data
Recommended Actions
Change Your Password
If you haven’t already changed the password affected by this breach, do so immediately on every account where it was used.
Enable Two-Factor Authentication
Wherever 2FA is supported, add an extra layer of security to your account.
Use a password manager to generate and store strong, unique passwords for all your accounts. 1Password helps protect your data with industry-leading security.
Try 1PasswordBreach Overview
-
Affected Accounts:
4.1 million
-
Breach Occurred:
December 2019
-
Added to HIBP:
15 Apr 2022
Recommended Actions
Change Your Password
If you haven’t already changed the password affected by this breach, do so immediately on every account where it was used.
Enable Two-Factor Authentication
Wherever 2FA is supported, add an extra layer of security to your account.
Use a password manager to generate and store strong, unique passwords for all your accounts. 1Password helps protect your data with industry-leading security.
Try 1Password