In late March 2022, the Sri Lankan payment gateway PayHere suffered a data breach that exposed more than 65GB of payment records including over 1.5M unique email addresses. The data also included IP and physical addresses, names, phone numbers, purchase histories and partially obfuscated credit card data (card type, first 6 and last 4 digits plus expiry date). A month later, PayHere published a blog on the incident titled Ensuring Integrity on PayHere Cybersecurity Incident.
| Domain | Entries | Date Breached | Hashing | Privacy | acknowledged? |
|---|---|---|---|---|---|
| https://payhere.lk | 1,580,249 | 2022-03-27 | N/A | Not Rated | Yes |
Information leaked
Email addresses, IP addresses, Names, Partial credit card data, Phone numbers, Physical addresses, Purchases
Notice any errors/mistakes in this breach entry? Please contact us and we will fix it ASAP. We strive to be the best and most accurate, so your contribution(s) will be greatly appreciated.