MangaDex Says Stolen User Database Already Shared “in the Wild”

Written by Bill Toulas
Last updated September 27, 2021

Last month, MangaDex suffered a data breach that resulted in the exfiltration of the website’s user database. The platform decided to go offline for a while and fix its security, and today, they remain in the same state. However, there’s an update that came online a couple of days ago, confirming that user data has been leaked “in the wild,” and it contains usernames, email addresses, IP addresses, and securely hashed passwords.

Users of the site who haven’t been using a VPN to mask their IP address are now running the risk of finding trouble due to them engaging in content piracy. MangaDex is a popular scanlation site, which means that it hosted and distributed content that violates the rights of the creators of manga comics, etc.

Source: MangaDex

And then there is the aspect of the leaked credentials, which are risking the security of the accounts that MangaDex users may have on other online platforms. The announcement mentions that the team behind the site is working closely with HIBP ( platform to add the affected emails onto the checker’s database and send out notifications of a breach.

We don’t know if this is true, and we have reached out to Troy Hunt to ask about it, so we will update this piece as soon as we have a comment. It is notable that MangaDex is taking the path of responsibility, which for a piracy site is atypical and worth of applaud.

As the announcement points out, the user database hasn’t been leaked widely yet but is instead being shared privately among certain groups of people who have ill intentions against the platform. MangaDex claims these people are quiet about their data possession, likely for unethical reasons, but they expect the situation to escalate soon.

We have checked around with the help of KELA, and we have found some posts that partly confirm these claims. First, on a popular clearnet hacking forum, there’s a post saying that the database is out there and available for purchase, but not at a price that’s worth it.

Source: KELA

On a dark web forum, though, we found a post that dates back to the start of this month, offering several links to download the database for free. We have not tested these links, and we have not confirmed the validity of the data, so we’re conveying this info with caution.

For a better user experience we recommend using a more modern browser. We support the latest version of the following browsers: For a better user experience we recommend using the latest version of the following browsers: