habbo.com
Jul 7, 2026
A credential dump associated with Habbo Hotel (a social networking site/online game), containing username:MD5-hashed-password:email:IP address records. The dataset appears to be a compilation of German-speaking Habbo users, predominantly with .de, .at, .ch email domains across providers like hotmail.de, web.de, gmx.de, and live.de. The SQL header references a 'hotmail_data' table, suggesting this may be a secondary credential stuffing or phishing-harvested set tied to Habbo accounts.
Data found in this dataset
Source files
Expand any file to inspect its column headers and the LLM's field-mapping reasoning, recorded during ingestion.
HabboSt.txt4 columns900,891 rows
File structure
| Source column | Mapped field | Confidence | LLM assessment |
|---|---|---|---|
| 0 | username | high | Column 'email' in CREATE TABLE but data shows Habbo usernames (e.g., 'XStrikeX', 'sweet0164', 'MichiMaus14'). These are human-generated login handles typical of gaming platforms, not email addresses. Mismatch between schema and actual data content indicates data repurposing or dump compilation error. |
| 1 | password | high | Column 'name' in CREATE TABLE but data shows MD5 hashes (32-character hex strings like '2b385def1fad60118a69456234fdb788'). Consistent with credential dump format where password hashes are present. |
| 2 | skip | high | Column 'address' in CREATE TABLE but data shows email addresses with @ symbol and common German/Austrian/Swiss domains (.de, .at, .ch) from providers like hotmail.de, gmx.de, web.de, live.de, yahoo.de. Consistent with breach context describing German-speaking Habbo users. |
| 3 | skip | high | IPv4 addresses (e.g., '173.245.51.208', '81.62.172.184'). Non-PII technical data, not a standard PII field type. |
Notes: SQL dump schema mislabeling detected: CREATE TABLE declares columns as 'email', 'name', 'address' but actual data structure is username:MD5-hash:email:IP. This is consistent with credential stuffing/phishing-harvested data repurposed into SQL format. The LOAD DATA statement references 'hotmail.sql' and 'users' table mismatch with 'hotmail_data' declaration, indicating schema inconsistency typical of hastily compiled breach archives. German-language Habbo userbase confirmed by email domain distribution (.de dominant, .at, .ch secondary) matching breach context.