SurveyLama data breach exposes the personal information of 4.4 million users online

A data breach impacting the online paid survey site SurveyLama has exposed personally identifiable information (PII) of 4.4 million people.

SurveyLama is an online platform that offers paid surveys for participants who get paid via cash redeemable LamaPoints.

Troy Hunt, the creator of the data breach alerting service Have I Been Pwned (HIPB) was the first to catch wind of the breach in early February 2024.

Exposed data includes personal data linked to 4,426,879 user accounts, such as:

• Email addresses and phone numbers
• Full names and date of birth
• IP addresses and physical addresses
• Hashed passwords

According to BleepingComputer’s report, Hunt also contacted SurveyLama about the legitimacy of the data. He told the technology news outlet that SurveyLama confirmed “that they had already notified they had already notified impacted users via email.”

Were you a victim of the SurveyLama data breach? Here are your next steps

If passwords are in the mix, you need to reset your SurveyLama account password

Even if the exposed passwords are hashed, it doesn’t mean that malicious actors can’t crack them to access your account and steal more sensitive information.

Commit to healthy online habits by setting up a new and unique password for your SurveyLama account, and don’t forget to review other accounts that might have the same login credentials.

Stay vigilant against future unsolicited correspondence

The most immediate consequence of a data breach with your contact information is an increase in spam correspondence that may include texts, phishing emails or phone calls.

Although you’re probably tired of reading this by now, brushing up on healthy online habits is the way to go when it comes to protecting your identity and wallet against potentially nasty data breach aftereffects.

• Monitor your accounts regularly for suspicious activity
• Limit the information you willingly share only
• Never hand out sensitive information to strangers or via unsolicited correspondence
• Scrutinize anything that sounds too good to be true
• Use a security solution on your devices to protect against phishing attempts and malware
• Use a password manager to maintain best password practices
• Use Bitdefender Scamio, our free AI-powered scam detector, to check if any unsolicited or suspicious messages, texts, or even QR codes are scams.

Don’t turn a blind eye when it comes to data breaches. Your data has no expiration date and can be exploited by malicious individuals indefinitely.

Stay on top of data breaches to immediately act and protect your identity and data with Bitdefender Digital Identity Protection.

Our identity protection service is packed with features that enable data breach victims to find out if their personal information has been leaked online in real time.

On top of 24/7 data breach alerts, you can benefit from the industry's first Identity Protection Score to help you understand the extent of the breach and how it can impact you and receive actionable advice to immediately minimize risk and safeguard your well-being.

But wait, there’s more! We’ve recently launched some handy improvements to our Digital Identity Protection service so that you can benefit from a fully-fledged identity theft prevention layer and an easy way to minimize your digital footprint.