Unverified Data Source 2021 Data Breach

Unverified Multi-Source Breach (2021): SSN, Health Records, Bank Accounts & Income Data Exposed | ObscureIQ
ObscureIQ Breach Intelligence

Classification Tags

Unknown (compilation; provenance unverified per HIBP)Breach CompilationBank Account NumberCredit StatusDate of BirthEmail AddressEmployerFinancial ProfileFull NameHealth Information
High SeverityWebsite / service breach

Unverified Multi-Source Breach (2021): SSN, Health Records, Bank Accounts & Income Data Exposed

Unattributed multi-source breach compilation with extensive PII fields

Verified by ObscureIQ Intelligence
65/100Breach Risk Index
100Data Value
10Market Recency
1860dSince Breach

Breach Intelligence Summary

Entity: Unverified Data Source · Actor: Unknown (compilation; provenance unverified per HIBP) · Sources: 3 references
Attack: Unknown
Profile: Breach Compilation · Aggregated personal records from unidentified sources · Unverified multi-source personal data corpus · Global
Timeline: Breach (2021-01-26) · Indexed (Mar 24, 2021) · Year (2021)
Exposure: 11.5M records · 14 fields: Bank Account Number, Credit Status, Date of Birth, Email Address, Employer, Financial Profile, Full Name, Health Information, Health Insurance Information, IP Address, Lifestyle Habits, Phone Number, Physical Address, Social Security Number
Status: Confirmed

Executive Summary

A compiled dataset of personal records was discovered in January 2021 by researchers at Night Lion Security. The corpus contained more than 11 million unique email addresses paired with an unusually broad set of personal fields drawn from multiple unidentified sources.\n\nThe records included names, physical and IP addresses, phone numbers, dates of birth, employer details, income levels, and credit-status information. Some entries also contained social security numbers, driver's license details, bank account numbers, health insurance information, and personal health data. Fields varied by the source breach each record was drawn from. The original organizations responsible for the underlying leaks were never publicly attributed.\n\nBecause the data spans government identifiers, finance, and health, the practical risk to affected individuals is unusually severe. The combination of name, date of birth, and SSN supports synthetic identity fraud and identity-verification bypass. Bank account and health-insurance data extend exposure into ACH fraud, medical identity theft, and insurance abuse. Anyone whose data may have been included should monitor credit reports, place fraud alerts where available, and treat any unsolicited financial or medical correspondence with caution.

ObscureIQ assessment: High risk of identity theft, phishing, profiling, and misuse, even where provenance is uncertain. Unverified origin increases uncertainty, but not the practical harm once the records circulate.

Breach Impact

A compiled dataset of personal records was discovered in January 2021 by researchers at Night Lion Security. The corpus contained more than 11 million unique email addresses paired with an unusually broad set of personal fields drawn from multiple unidentified sources.\n\nThe records included names, physical and IP addresses, phone numbers, dates of birth, employer details, income levels, and credit-status information. Some entries also contained social security numbers, driver's license details, bank account numbers, health insurance information, and personal health data. Fields varied by the source breach each record was drawn from. The original organizations responsible for the underlying leaks were never publicly attributed.\n\nBecause the data spans government identifiers, finance, and health, the practical risk to affected individuals is unusually severe. The combination of name, date of birth, and SSN supports synthetic identity fraud and identity-verification bypass. Bank account and health-insurance data extend exposure into ACH fraud, medical identity theft, and insurance abuse. Anyone whose data may have been included should monitor credit reports, place fraud alerts where available, and treat any unsolicited financial or medical correspondence with caution.

About Unverified Data Source

The "Unverified Data Source" record is not a corporate entity but a multi-source breach compilation surfaced in 2021. The dataset aggregated personal records from a mix of unattributed origins into a single corpus of more than 11 million unique email addresses. What distinguishes this compilation from a typical contact-list aggregation is the unusual depth of fields included, which extend well beyond names and emails into government identifiers, financial profiles, and health-linked information. The original sources of the underlying records were not publicly resolved.

Why They Hold Your Data

Unverified multi-source personal data corpora typically aggregate identity, contact, and account-linked records from unclear or mixed origins into a generalized exposure dataset.

Recent Developments

The compilation was discovered in January 2021 by Night Lion Security and added to public breach-tracking services shortly afterward. No definitive attribution has been published in the years since, and the original breached entities remain unidentified. Records from broad compilations of this type tend to recirculate on data-broker forums, dark-web marketplaces, and aggregated leak sites for years after first surfacing, particularly when they include high-value identity and financial fields. There has been no public regulatory action tied to the corpus.

Data Points Exposed

14 verified field types
Bank Account Number Critical
Credit Status High
Date of Birth High
Email Address
Employer
Financial Profile High
Full Name High
Health Information Critical
Health Insurance Information Critical
IP Address
Lifestyle Habits
Phone Number
Physical Address High
Social Security Number Critical

Field names are shown in full for clarity and search visibility. Canonical machine keys are emitted only in this page’s structured data.

Exploitation & Downstream Threats

Threat Activity:Critical
Primary downstream threats:
  • Financial fraud using exposed financial profile data
  • Identity theft and synthetic identity construction using government-issued IDs
  • Identity verification bypass using name + date of birth combination
  • SIM swap attacks where phone numbers are present
  • Targeted phishing campaigns using exposed email addresses
  • Doxxing risk from physical address exposure
  • Employment-based social engineering using job and employer data
Threat vectors:
  • ACH fraud & unauthorized transfers
  • Fraudulent credit application
  • Identity verification bypass
  • Phishing, credential stuffing & account takeover
  • Business Email Compromise seeding
  • Loan fraud & targeted financial scams
  • Name-based social engineering
  • Insurance fraud & employment discrimination
  • Medical identity theft
  • Geolocation & account flagging
  • Insurance discrimination & targeting
  • SIM swapping, vishing & SMS phishing
  • Physical stalking, mail fraud & identity verification
  • Full identity theft & synthetic identity fraud

Threat Actor: Unknown (compilation; provenance unverified per HIBP)

Unknown (compilation; provenance unverified per HIBP)
Unknown

Attribution and method are based on available breach intelligence. Reported attack vector: Unknown.

Recommended Actions

If you believe your information may be included:

Protect Your ID Documents
Government-ID exposure enables document fraud — monitor and report misuse.
IdentityTheft.gov
Enable MFA Everywhere
Turn on multi-factor authentication on email first, then financial accounts.
Find 2FA settings
Report & Recover
If you spot misuse, start an official recovery plan and report fraud.
IdentityTheft.govReport to FTC

Frequently Asked Questions

What happened in the Unverified Data Source breach?

A compiled dataset of personal records was discovered in January 2021 by researchers at Night Lion Security. The corpus contained more than 11 million unique email addresses paired with an unusually broad set of personal fields drawn from multiple unidentified sources.\n\nThe records included…

What data was exposed?

Verified fields include Bank Account Number, Credit Status, Date of Birth, Email Address, Employer, Financial Profile, Full Name, Health Information, Health Insurance Information, IP Address, Lifestyle Habits, Phone Number, Physical Address, Social Security Number.

What should I do if I was affected?

Change reused passwords, enable MFA, and (if identity or financial data is involved) freeze your credit and monitor your accounts.

Sources & References

Every claim on this page is traceable. This breach draws on:

Breach Index
Have I Been Pwned
Record & field corroboration
Cross-source
9ghz
Independent catalogue listing
ObscureIQ Intelligence
ObscureIQ proprietary analysis
Risk Index scoring & downstream-threat assessment

Protect Yourself

Check If You're Affected

Enter your email to check whether your data appears in this breach. We’ll send a 6-digit code to confirm it’s your address.

Get Free Breach Alerts

Be the first to know when new breaches are disclosed. Free forever — confirm your email with a 6-digit code.

High-Risk? Get an Exposure Audit

Executives, public figures, and high-visibility operators can receive tailored exposure intelligence and hardening guidance.

Request Consultation