Gravatar US 2020

In October 2020 a security researcher discovered a vulnerability in the Gravatar service that allowed for large scale scraping of user profile data. The incident involved the collection of public profile information and MD5 hashes of email addresses. By using these hashes attackers could cross reference them with known email databases to identify the users behind the profiles. The dataset contains approximately 167 million entries although some reports focused on a specific subset of 60 million records primarily associated with users in the United States. The scraped data includes names usernames and location details along with other public profile metadata.