What happened
According to public breach records, the 1win data breach on November 2, 2024 is reported to have exposed the personal information of 96,166,543 accounts.
In November 2024, the online betting platform 1win suffered a data breach that exposed 96M users. The exposed data included email and IP addresses, phone numbers, dates of birth, country and SHA-256 password hashes.
In November 2024, the online betting platform 1win was the subject of a data breach in which a copy of its database was published to hacking forums; reports first emerged around November 7, 2024, after a threat actor using the alias "fe0dor" uploaded the stolen data to the exploit.in forum, from where it circulated more widely. The exposed data included email addresses, phone numbers, IP addresses, dates of birth, geographic/country location and SHA-256 password hashes. Have I Been Pwned ingested the data on February 3, 2025, identifying roughly 96 million affected accounts, making it one of the larger gambling-industry exposures on record.
What data was exposed
The following types of personal data were compromised:
- Dates of birth
- Email addresses
- Geographic locations
- IP addresses
- Passwords
- Phone numbers
Breach details
| Detail | Value |
|---|---|
| Breach name | 1win |
| Date | November 2, 2024 |
| Accounts affected | 96,166,543 |
| Domain | 1win.com |
This summary is compiled from public breach-notification data and known leak databases. Figures reflect what those sources report and may be revised as more is learned. If something here looks wrong or you think your information is involved, contact our support team.
We report breaches as a factual record to help people check their exposure. Inclusion here is not an allegation of wrongdoing or negligence by 1win; it reflects a publicly reported security incident.
What to do now
Based on the data exposed in this breach, here are the steps you should take:
- Change your 1win password immediately, and change it anywhere else you reused the same password — the leaked passwords were stored as SHA-256 hashes, which are crackable for weak or common passwords.
- Enable two-factor authentication on your 1win account and any other accounts that shared the breached email/password combination.
- Treat unexpected emails, calls and texts as potential phishing — exposed email addresses and phone numbers are commonly used for targeted scams, and attackers also obtained dates of birth that can make these messages look convincing.
- Be cautious of messages referencing your gambling activity or account balance, and verify any account or payment requests directly through 1win's official channels rather than links in messages.
Check your exposure
Data breaches are one of the ways your personal information ends up on data broker sites. Run a free scan to see which sites are exposing your personal data — and take action to remove it.
Sources
Find out what data brokers know about you
Run a free scan to see which sites are exposing your personal information — name, phone, address, email, and more.
Start your free scan →