Data Breaches

SurveyLama Data Breach Impacts 4.4 Million Users

Data breach impacting users’ personal information prompts survey rewards platform SurveyLama to reset passwords.

Data breach impacting users’ personal information prompts survey rewards platform SurveyLama to reset passwords.

Survey rewards platform SurveyLama says it is aware of a data breach impacting the personal information of more than 4.4 million users.

The incident occurred in February but came to light this week, when the leaked information was added to the data breach notification platform Have I Been Pwned (HIBP).

According to the alert service, more than 4.4 million user email addresses were compromised in the incident, along with various types of personal information, including names, addresses, phone numbers, dates of birth, and IP addresses.

“Passwords stored as either salted SHA-1, bcrypt or argon2 hashes” were also compromised, HIBP says. Although not immediately usable, hashed passwords can be cracked with enough time and effort, potentially exposing user accounts to further compromise.

Responding to a SecurityWeek inquiry, SurveyLama said it has already prompted a platform-wide password reset to help users keep their accounts secure.

“We notified users by email by deleting their password so that they could create a new one,” the platform said.

Advertisement. Scroll to continue reading.

“We were already notified of a possible leak a month or two ago,” SurveyLama revealed.

The platform also said that it does not know how the leak occurred and that it has “made security checks and modifications to strengthen our system”.

SurveyLama allows registered users to earn monetary rewards by completing surveys, promising earnings of up to $300 per month. The platform is owned by French company Globe Media.

Users should reset the password for their SurveyLama accounts as soon as possible and should also change their credentials for any other online account secured with the same email and password pair.

Related: Prudential Financial Data Breach Impacts 36,000

Related: OWASP Data Breach Caused by Server Misconfiguration

Related: Massachusetts Health Insurer Data Breach Impacts 2.8 Million

Related Content

Cybercrime

In April, ShinyHunters accessed the company’s corporate IT systems and stole patients’ personal and medical information.

Data Breaches

Hackers accessed the insurance giant’s policyholder portal multiple times between June 15 and June 25.

Data Breaches

Only a handful of the 100 organizations targeted in the PeopleSoft campaign have been confirmed.

Data Breaches

The ShinyHunters extortion group claims to have stolen 3.1 TB of data from the organization.

Data Breaches

Roughly two dozen companies have notified their customers of the Klue-Salesforce incident impact.

Data Breaches

Over a dozen Klue customers have confirmed that hackers stole data from their Salesforce instances.

Data Breaches

Hackers stole customers’ names, addresses, email addresses, phone numbers, and account information.

Data Breaches

Threat actors gained access to personal and protected health information that Xsolis received from its clients.

Copyright © 2026 SecurityWeek ®, a Wired Business Media Publication. All Rights Reserved.

Exit mobile version