picsart.com
Mar 17, 2014
A breach of PicsArt, the photo editing and social platform, containing user account data from around March 2014. Records include internal MongoDB IDs, usernames, names, profile photo URLs (hosted on cdn.picsart.com and cdn23.picsart.com), email addresses (many null), OAuth tokens for Twitter and Facebook (including access tokens and secrets), provider type (twitter/facebook/site), account creation and update timestamps, and various account flags. Because the OAuth tokens and secrets are authentication credentials, this dataset is particularly sensitive.
Source files
Each file is listed with its column headers and the LLM's field-mapping reasoning, recorded during ingestion.
part1.json: 25 columns, 100,000 rows
File structure
Format: NDJSON
| Source column | Mapped field | Confidence | LLM assessment |
|---|---|---|---|
| date | skip | high | timestamp string, metadata |
| | skip | high | OAuth provider data structure (token/secret handled separately as sensitive but not mapped field) |
| top | skip | high | boolean flag, metadata |
| provider | skip | high | authentication provider type (twitter/facebook/google/site) |
| permissions | skip | high | internal metadata array |
| origins | skip | high | internal metadata array |
| id | skip | high | numeric user ID |
| categories | skip | high | internal metadata array |
| key | skip | high | internal UUID identifier |
| | | high | email addresses with @ symbol or null values |
| is_searchable | skip | high | boolean flag, account setting |
| subscribe | skip | high | boolean flag, account setting |
| created | skip | high | timestamp, CRM metadata |
| | skip | high | OAuth provider data structure (token/secret handled separately as sensitive but not mapped field) |
| verified | skip | high | boolean flag, account status |
| photo | skip | high | profile photo URLs, not PII |
| blacklist | skip | high | boolean flag, account status metadata |
| | skip | high | OAuth provider data structure (token/secret handled separately as sensitive but not mapped field) |
| email_confirmed | skip | high | boolean flag, email verification status |
| name | fullName | high | contains full names of users |
| username_changed | skip | high | boolean flag, metadata |
| comment | skip | high | empty/optional field, metadata |
| _id | skip | high | MongoDB internal ID |
| updated | skip | high | timestamp, CRM metadata |
| username | username | high | PicsArt account usernames |
Notes: MongoDB user account export from the 2014 PicsArt breach. The OAuth tokens (Twitter, Facebook, Google) in the nested provider objects are highly sensitive; because they are authentication credentials rather than personal attributes, they are not mapped to a PII field type. The 'name' field contains user display names, which map to fullName. The email field is frequently null for OAuth-linked accounts. All nested OAuth data (tokens, secrets, profile data) should be treated as compromised credentials.
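
As an illustration of how the mapping above could be applied, here is a minimal sketch that reads NDJSON lines and keeps only the columns the table maps to a named field (`name` to `fullName`, `username` to `username`). Every column marked `skip`, including the nested OAuth structures, is dropped. The function names `map_record` and `map_ndjson`, the `FIELD_MAP` constant, and the sample record (with its `oauth_example` key) are hypothetical and invented for this example; they are not part of the ingestion pipeline. The email column is left out because its mapped field is not shown in the table.

```python
import json

# Source column -> mapped field, limited to table rows that name a mapping.
# Columns marked "skip" are intentionally absent, so they are never copied.
FIELD_MAP = {"name": "fullName", "username": "username"}


def map_record(line: str) -> dict:
    """Parse one NDJSON line and keep only mapped, non-null fields."""
    record = json.loads(line)
    return {
        target: record[source]
        for source, target in FIELD_MAP.items()
        if record.get(source) is not None
    }


def map_ndjson(lines):
    """Yield one mapped record per non-blank NDJSON line."""
    for line in lines:
        if line.strip():
            yield map_record(line)


# Synthetic record for illustration only; "oauth_example" is a made-up key.
sample = (
    '{"_id": "abc", "username": "demo_user", "name": "Demo User", '
    '"email": null, "provider": "site", "oauth_example": {"token": "x"}}'
)

print(list(map_ndjson([sample])))
# prints [{'fullName': 'Demo User', 'username': 'demo_user'}]
```

Using an allowlist of mapped columns, rather than a blocklist of sensitive ones, means an unexpected nested credential field is dropped by default instead of passing through.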