Account Takeover And CredentialsAccount Issue

SongTrivia2 breach with bcrypt password hashes for non Google auth users

April 4, 2026Have I Been Pwned

Have I Been Pwned reports the SongTrivia2 breach exposed 291,000 unique email addresses and included bcrypt password hashes where Google authentication was not used, reinforcing the ongoing risk of credential reuse after data leaks.

Open in PulseSee the full expert discussion →

QUOTES

New breach: SongTrivia2 had 291k unique email addresses breached this week.

Data included name, username, avatar and, where Google auth wasn't used, bcrypt password hash.

45% were already in @haveibeenpwned.

VOICES

Have I Been Pwned

RELATED TERMS

data breachstored hashesgooglegoogledata breachstored hashes

OTHER FINDINGS IN ACCOUNT TAKEOVER AND CREDENTIALS

LinkedIn hidden code collecting installed software and transmitting it to LinkedIn and third parties OpenAI Codex branch-name command injection stealing GitHub tokens Exposed API keys harvested via GitHub dorking and OSINT workflows

AMYGDALA PULSE

See what experts are saying right now

This finding is one of many signals tracked across Cyber Security. The live feed updates every few hours with new expert voices, debates, and emerging ideas.

Open Cyber Security Pulse Browse all topics

← Back to Cyber Security