PropTiger
  • Total Records16,831,153
  • Unique Emails11,699,602
  • Unique IP Addresses217,924
  • Unique Usernames174,781
  • Unique First Names3,394,427

PropTiger Data Breach: What Happened in the 2018 Incident?

In January 2018, PropTiger, a prominent Indian property website catering to real estate buyers and sellers, was breached in an incident that exposed personal data from more than 16 million user records. Details like full names, email addresses, usernames, birthdates, IP addresses, and MD5 hashed passwords with unique salts were accessed by attackers. Although the breach took place at the start of 2018, the compromised data circulated more widely two years later when it surfaced on a popular hacking forum. The sheer scale and sensitive nature of the information made this one of the more significant incidents to impact an Indian real estate platform.

Scope and Details of the PropTiger Breach

The breach affected a substantial user base, with a total of 16,831,156 records compromised. The exposed database included vital personal details users typically provided when signing up or managing their accounts on the website. Because PropTiger operated as a property listing and brokerage platform, its users ranged from individuals seeking new homes to property professionals, broadening the scope of those impacted.

What Data Was Exposed?

The attackers obtained a range of sensitive information, including:

  • Full names
  • Email addresses
  • Usernames
  • Full birthdates
  • IP addresses
  • MD5 hashed passwords with unique salts

Although the passwords themselves were not exposed in plain text, the inclusion of both the hashes and accompanying salts increased the risk of password cracking attempts where attackers had sufficient resources and time.

Timeline: From Breach to Public Leak

The breach occurred in January 2018. For approximately two years, there was little public awareness of the incident until the full contents of the breached database were published on a popular hacking forum. This wider sharing of the data led to increased scrutiny and concern within the cybersecurity and real estate communities. Since the leak’s public disclosure lagged so far behind the breach date, many affected users were likely unaware for an extended period.

FAQ: PropTiger Data Breach

How many users were affected in the PropTiger data breach?

The breach impacted 16,831,156 users according to leaked database records.

What information was leaked in the PropTiger breach?

Personal data including email addresses, full names, usernames, full birthdates, IP addresses, and MD5 hashed passwords (with salts) were compromised in the incident.

When did the PropTiger breach happen?

The breach took place in January 2018, with the leaked database surfacing on hacking forums about two years later.

How was the PropTiger data breach discovered?

The breach became well-known after the data was widely shared on a well-trafficked hacking forum, bringing public attention to the incident after its initial occurrence.

How can I check if I'm in the PropTiger breach?

You can check if your information was part of the PropTiger breach by utilizing the DeHashed search engine.