SongTrivia2, a music trivia platform, suffered a data breach in April 2026 affecting approximately 292,000 accounts, with data subsequently published to a public hacking forum.
What happened
According to HIBP, SongTrivia2 experienced a data breach in April 2026. The breach was discovered and the compromised data was published to a public hacking forum on April 4, 2026.
What was exposed
The breach exposed approximately 291,739 unique records containing email addresses, names, usernames, avatars, authentication tokens, and passwords. According to the source, email addresses came from either Google OAuth logins or accounts created directly on the platform, with the latter also containing bcrypt password hashes.
Who is affected
The breach affected 291,739 user accounts on the SongTrivia2 platform, including both users who registered via Google OAuth and those who created accounts directly on the site.
What to do now
Users should change their password on SongTrivia2 and any other services where they reused the same password. Those who used Google OAuth may review their Google account security settings. Monitor accounts for unauthorized activity and consider enabling two-factor authentication where available.