Ducks Unlimited


In mid-2021, Risk Based Security reported on a database sourced from Ducks Unlimited being traded online. The data dated back to January 2021 and contained 1.3M unique email addresses across both a membership list and a list of website users. Impacted data included names, phones numbers, physical addresses, dates of birth and passwords stored as unsalted MD5 hashes.

Domain Entries Date Breached Hashing Privacy acknowledged?
https://ducks.org 1,324,364 2021-01-29 MD5 Public No

Information leaked

Dates of birth, Email addresses, Names, Passwords, Phone numbers, Physical addresses


Notice any errors/mistakes in this breach entry? Please contact us and we will fix it ASAP. We strive to be the best and most accurate, so your contribution(s) will be greatly appreciated.