// UNCLASSIFIED // CLEARED FOR PUBLIC RELEASE //
FILE BRC-hibpDTG 0600Z
Breach Record

Raaga

DISCLOSED 2025-12-15 · STOLEN CREDS · 10,225,145 RECORDS EXPOSED

In December 2025, data allegedly breached from the Indian streaming music service "Raaga" was posted for sale to a popular hacking forum. The data contained 10M unique email addresses along with names, genders, ages (in some cases, full date of birth), postcodes and passwords stored as unsalted MD5 hashes.

The record

What we know

Disclosed
2025-12-15
Attack vector
Stolen Creds
Records exposed
10,225,145
Domain
raaga.com
Data classes exposed
AgesDates of birthEmail addressesGendersGeographic locationsNamesPasswords
Sources

Cited reporting

Similar vector · recent

Other stolen creds breaches on file

This page is the permanent ColdRecon entry for the Raaga disclosure. It updates if new public reporting emerges. All tracked breaches →

Raaga just lived through this. Your next prospect doesn't have to.

ColdRecon turns every disclosed breach into a daily intelligence brief from the seller's seat — normalized to the factors that move a deal, written in the Handler's voice. Request clearance and the first lands tomorrow at 0600.

Request Clearance →