havenly.com
Jul 1, 2020
A breach of Havenly (havenly.com), an online interior design platform. The archive contains a MySQL database dump (havenly.sql) from the 'havenly_app' database and a customers CSV file. The SQL dump includes a users table schema with fields for usernames, names, email addresses, bcrypt-hashed passwords, phone numbers, ZIP codes, Stripe customer IDs, Facebook OAuth IDs, referral data, subscription status, and various account metadata. The customers CSV contains user IDs, email addresses, first and last names, account creation timestamps, address fields, and LTV (lifetime value) data. The breach was distributed via BreachForums.
Data found in this dataset
Source files
Expand any file to inspect its column headers and the LLM's field-mapping reasoning, recorded during ingestion.
customers.csv7 columns1,707,928 rows
File structure
Format: CSV·Delimiter: comma·Has header: yes·Quote: "
| Source column | Mapped field | Confidence | LLM assessment |
|---|---|---|---|
| 1 | high | [1] header 'EMAIL', values contain @ signs and email addresses | |
| 2 | firstName | high | [2] header 'FIRST_NAME', values are common given names |
| 3 | lastName | high | [3] header 'LAST_NAME', values are common family names |
| 5 | address1 | high | [5] header 'ADDRESS', maps to address1 |
| 6 | city | high | [6] header 'CITY', maps to city |
| 7 | state | high | [7] header 'STATE', maps to state |
| 8 | zip | high | [8] header 'ZIP_CODE', maps to zip |
Notes: 10 columns total. USER_ID (col 0) is an internal identifier — skipped. USER_CREATED (col 4) is a timestamp — skipped. LTV_LIFETIME (col 9) is a financial/transactional value — skipped. Address fields (cols 5-8) are present in the header but mostly empty in the sample rows; still mapped as PII.
havenly.sql25 columns579 rows
File structure
| Source column | Mapped field | Confidence | LLM assessment |
|---|---|---|---|
| 0 | skip | high | auto-increment primary key 'id' |
| 1 | skip | high | 'vip' flag - tinyint boolean, non-PII status field |
| 2 | username | high | column named 'username', human-generated login name |
| 3 | fullName | high | column named 'name', full name field |
| 4 | firstName | high | column named 'first_name' |
| 5 | lastName | high | column named 'last_name' |
| 6 | skip | high | 'photo' - profile photo URL, non-PII |
| 7 | password | high | column named 'password', bcrypt hashed passwords per breach context |
| 8 | high | column named 'email', primary email address | |
| 9 | phone | high | column named 'phone_number', varchar(10) phone digits |
| 10 | zip | high | column named 'zip_code', varchar(6) postal code |
| 11 | skip | high | 'timezone' - user timezone preference, non-PII |
| 12 | skip | high | 'stripe_customer' - third-party payment processor ID, internal reference |
| 13 | skip | high | 'referral_source_id' - internal referral FK, non-PII |
| 14 | skip | high | 'referral_source_details' - referral metadata, non-PII |
| 15 | skip | high | 'role' - account role/permission level, non-PII |
| 16 | skip | high | 'support' - tinyint boolean flag, non-PII |
| 17 | skip | high | 'created' - account creation timestamp, non-PII |
| 18 | skip | high | 'modified' - record update timestamp, non-PII |
| 19 | skip | high | 'welcome_sent' - tinyint boolean flag, non-PII |
| 20 | skip | high | 'likely_to_order' - CRM datetime flag, non-PII |
| 21 | skip | high | 'status' - tinyint account status flag, non-PII |
| 22 | skip | medium | 'notes' - internal CRM notes field, likely non-PII operational data |
| 23 | skip | high | 'preferred_designer_id' - internal FK reference, non-PII |
| 24 | skip | high | 'allow_reminders' - tinyint boolean preference flag, non-PII |
Notes: MySQL dump from havenly_app database users table. Contains bcrypt-hashed passwords per breach context. Key PII fields: username, full name, first/last name, email, phone number, and ZIP code. Stripe customer IDs skipped as third-party internal references. No SSN, DOB, or address fields present in this table schema. Breach also includes a customers CSV (not analyzed here) which per context contains address fields and LTV data.