What Happened
In January 2018, Indian real estate website PropTiger suffered a data breach when a 3.46GB database file containing user records and login histories was exposed and later shared on a popular hacking forum in 2020, affecting approximately 2.2 million accounts with over 2 million unique email addresses. The compromised data included personal details such as names, dates of birth, genders, IP addresses, and passwords stored as MD5 hashes. PropTiger claimed the data’s usability was limited due to storage methods, though they later denied a 2018 breach in response to 2020 reports, attributing a separate incident to March 2020. The breach was added to Have I Been Pwned on March 24, 2020.
