ShareThis Data Breach
ShareThis Audience Data Platform Breach: 41M User Records Including Passwords & Date of Birth
Data and content sharing tools provider.
Risk Interpretation
Exposure enables large-scale behavioral profiling, re-identification, and cross-site tracking. Data can be used to build detailed user profiles for phishing, manipulation, or deanonymization.
Impact & Downstream Threats
In July 2018 ShareThis suffered a breach exposing approximately 41 million unique email addresses along with names, dates of birth, and in some cases password hashes. The data was placed for sale on dark web marketplaces in 2019. ShareThis notified relevant parties and engaged cybersecurity investigators. Because the company operates as a data broker rather than a direct consumer service, many of the affected individuals had no direct relationship with ShareThis and no awareness their data was h
- Credential stuffing against reused passwords across other platforms
- Identity verification bypass using name + date of birth combination
- Targeted phishing campaigns using exposed email addresses
Threat Vectors
Breach Intelligence
Executive Summary
ShareThis, a data and marketing technology company whose sharing buttons appear on millions of websites, suffered a breach in July 2018 that exposed records on approximately 41 million individuals. The company operates not just as a social sharing tool but as an audience data platform, collecting and selling behavioral data gathered through its widespread web presence. The breach pathway involved a misconfiguration, and the exposed data surfaced for sale on dark web marketplaces in 2019 before circulating more broadly. The exposed records included email addresses, names, dates of birth, and in some cases password hashes. Because ShareThis functions as a data broker rather than a consumer-facing service, most affected individuals had no direct relationship with the company and likely had no knowledge their information was held there. This makes the breach particularly concerning: people cannot protect data they do not know has been collected about them. The combination of behavioral tracking data with personal identifiers creates real risk of cross-site profiling, phishing, and targeted manipulation. No prominent regulatory action or settlement specific to this breach has been documented. ShareThis notified relevant parties and brought in cybersecurity investigators following the incident. For affected individuals, the practical risks include credential stuffing attacks if password hashes are cracked, as well as phishing campaigns built on the detailed profiles this data can enable. Anyone who may have used a site featuring ShareThis widgets should consider changing passwords used around that period, particularly if the same credentials were reused elsewhere.
About ShareThis
ShareThis is a data and marketing technology company providing social sharing widgets, audience analytics, and consumer data services to publishers and advertisers. The company's sharing buttons appear on millions of websites globally, enabling users to share content to social networks while simultaneously collecting browsing and behavioral data. ShareThis generates revenue by selling audience data and analytics products derived from this web-scale tracking activity.
Why They Hold Your Data
Adtech and tracking platforms collect cross-site behavioral data, device identifiers, browsing activity, and engagement signals to enable targeted advertising and analytics across the web.
Recent Developments
ShareThis continues to operate as a marketing data company. The company has navigated increasing scrutiny of third-party tracking and cookie-based data collection as browsers and regulators have moved to restrict such practices. No major organizational changes beyond this industry context have been prominently reported.
Data Points Exposed
Canonical Fields
date_of_birth, email_address, full_name, password
Dark Web Verification
- Dataset containing ~41.0M records identified in breach intelligence sources
- Data indexed and searchable across breach notification platforms
- Source: ShareThis Data Breach;sharethis.com-2018
Recommended Actions
⚠️ Do not assume this is low sensitivity.
Protect Yourself
Check If You’re Affected
Enter your email to check if your data appears in this breach.
Get Free Breach Alerts
Be the first to know when new breaches are disclosed.
High-Risk? Get an Exposure Audit
Full-spectrum exposure audits for executives and public figures.
ObscureIQ Advisory
We combine proprietary dark web access with commercial and restricted breach intelligence to verify exposure and assess real-world risk.
- A public-facing individual
- A high-profile executive
- A customer of ShareThis
- Or concerned about credential reuse
Powered by the ObscureIQ Breach Intelligence Database
© 2026 ObscureIQ · All Rights Reserved · Data Licensing
Latest from ObscureIQ
What Is Credit Monitoring? And Do I Want It? (Answer: Not Really)
Lock Down Browsers. Wipe Employee Footprints. Win Breach Wars.
Sextortion Spam