Instant Checkmate 2019 Data Breach

Instant Checkmate People-Search Background Check Service Breach (2019): 20 Million User Accounts Including Passwords Exposed | ObscureIQ
ObscureIQ Breach Intelligence

Classification Tags

MisconfigurationData BrokerEmail AddressFull NamePasswordPhone Number
Low SeverityWebsite / service breach

Instant Checkmate People-Search Background Check Service Breach (2019): 20 Million User Accounts Including Passwords Exposed

People search and background check service.

Verified by ObscureIQ Intelligence
23/100Breach Risk Index
5Data Value
25Market Recency
406dSince Breach

Breach Intelligence Summary

Entity: Instant Checkmate · Actor: Unknown · Sources: 4 references
Attack: Misconfiguration
Profile: Data Broker · Background checks and people search · People search and background report service · USA
Timeline: Breach (2019-04-12) · Indexed (Mar 17, 2025) · Year (2019)
Exposure: 20.2M records · 4 fields: Email Address, Full Name, Password, Phone Number
Status: Confirmed

Executive Summary

Instant Checkmate, a people-search and background check service operated by PeopleConnect, suffered a data breach traced to a 2019 backup file. The data surfaced on a hacking forum in January 2023. PeopleConnect confirmed the exposed data was authentic and affected customer accounts created between 2011 and 2019. The breach stemmed from a misconfiguration or inadvertent exposure of the backup, with no evidence of a direct intrusion into active systems. Approximately 20.2 million records were compromised. The exposed data included full names, email addresses, phone numbers, and passwords stored as scrypt hashes. While scrypt is a hardened encryption format, cracking remains possible with sufficient resources, meaning passwords should be considered at risk. The breach carries heightened concern given the nature of the platform. Instant Checkmate aggregates detailed personal records on millions of individuals. A breach of its own customer database compounds that risk, exposing the identities and contact details of people who were researching others, in some cases for sensitive personal or professional reasons. PeopleConnect notified affected users and prompted password resets following discovery. No major regulatory enforcement action or settlement specific to this breach has been publicly documented. Affected individuals face real risks including phishing attacks, account takeover attempts on other services where the same password was reused, and potential targeting for stalking or doxxing. Anyone who held an Instant Checkmate account between 2011 and 2019 should treat their credentials as compromised and audit any accounts sharing the same password.

ObscureIQ assessment: Extremely high risk because the data is already normalized for person lookup. Exposure enables stalking, doxxing, identity theft, executive targeting, and cross-dataset identity linkage.

Breach Impact

In January 2023 a corpus of data from Instant Checkmate and its sister service TruthFinder surfaced on a hacking forum. The dataset originated from 2019 backup files and contained records for approximately 20 million accounts including names, email addresses, phone numbers, and passwords. PeopleConnect acknowledged the breach and confirmed the data was authentic. The company notified affected users and prompted password resets. No major settlement or regulatory enforcement action specific to this breach has been prominently documented, though the exposure of a background check service's own user database — a platform whose purpose is aggregating others' personal information — drew pointed commentary in security and privacy circles.

About Instant Checkmate

Instant Checkmate is a consumer-facing people search and background check service that aggregates public records — criminal histories, court filings, addresses, relatives, and contact information — into searchable personal profiles. The platform is operated by PeopleConnect, which also runs the related service TruthFinder. Both are marketed for personal use in researching individuals, though critics have raised concerns about their use in surveillance and stalking contexts.

Why They Hold Your Data

People-search and background-report services aggregate identity, address, phone, criminal-record, relative, and public-record data into searchable consumer profiles.

Recent Developments

Instant Checkmate continues to operate under PeopleConnect alongside TruthFinder. The people search and data broker industry faces ongoing scrutiny under state privacy laws — particularly the California Consumer Privacy Act and similar legislation — requiring opt-out mechanisms and data deletion processes. No major organizational changes have been prominently reported beyond the regulatory environment context.

Data Points Exposed

4 verified field types
Email Address
Full Name High
Password Critical
Phone Number

Field names are shown in full for clarity and search visibility. Canonical machine keys are emitted only in this page’s structured data.

Exploitation & Downstream Threats

Threat Activity:High
Primary downstream threats:
  • Credential stuffing against reused passwords across other platforms
  • SIM swap attacks where phone numbers are present
  • Targeted phishing campaigns using exposed email addresses
Threat vectors:
  • Phishing, credential stuffing & account takeover
  • Name-based social engineering
  • Credential stuffing & account takeover
  • SIM swapping, vishing & SMS phishing

Recommended Actions

If you believe your information may be included:

Change Reused Passwords
Update this account and anywhere you reused the password; use a manager.
Password manager guide
Enable MFA Everywhere
Turn on multi-factor authentication on email first, then financial accounts.
Find 2FA settings
Report & Recover
If you spot misuse, start an official recovery plan and report fraud.
IdentityTheft.govReport to FTC

Frequently Asked Questions

What happened in the Instant Checkmate breach?

Instant Checkmate, a people-search and background check service operated by PeopleConnect, suffered a data breach traced to a 2019 backup file. The data surfaced on a hacking forum in January 2023. PeopleConnect confirmed the exposed data was authentic and affected customer accounts created between…

What data was exposed?

Verified fields include Email Address, Full Name, Password, Phone Number.

What should I do if I was affected?

Change reused passwords, enable MFA, and (if identity or financial data is involved) freeze your credit and monitor your accounts.

Sources & References

Every claim on this page is traceable. This breach draws on:

Breach Index
DataBreach.com
Record & field corroboration
Breach Index
Have I Been Pwned
Record & field corroboration
Cross-source
Leaked.Domains
Independent catalogue listing
ObscureIQ Intelligence
ObscureIQ proprietary analysis
Risk Index scoring & downstream-threat assessment

Protect Yourself

Check If You're Affected

Enter your email to check whether your data appears in this breach. We’ll send a 6-digit code to confirm it’s your address.

Get Free Breach Alerts

Be the first to know when new breaches are disclosed. Free forever — confirm your email with a 6-digit code.

High-Risk? Get an Exposure Audit

Executives, public figures, and high-visibility operators can receive tailored exposure intelligence and hardening guidance.

Request Consultation