What is GalaxyWarden / DoxxScan?

GalaxyWarden runs DoxxScan™, software that maps every public link between a person’s online handles (Twitch, Discord, gamer alias, trader handle) and their real-world identity (home address, phone number, real name). It indexes 15.4 billion breach records and monitors 100+ platforms. The audience is people whose income or safety depends on a public profile — content creators, streamers, gamers, traders, executives.

How do I check if my Twitch / Discord / gaming handle is doxxed?

Run a DoxxScan™ at https://www.galaxywarden.com/. Enter your gamertag, username, or email. DoxxScan™ returns every public link between that handle and your real identity — including breach records, leaked credentials, and connected accounts — plus an AI-generated remediation plan. Activate Warden ($4.17/mo billed annually, 72-hour limited preview) for continuous credential monitoring, instant breach alerts, and a 24/7 AI Security Concierge.

Is GalaxyWarden free?

GalaxyWarden offers a 72-hour limited preview of Warden ($4.99/mo or $49.99/yr) and Warden Plus ($9.99/mo or $99/yr). The preview unlocks a one-time DoxxScan™ and the AI Concierge; recurring monitoring, analyst, remediation tracking, and alerts unlock when you convert. Card required for verification, $0 during the preview. Cancel anytime.

How is GalaxyWarden different from HaveIBeenPwned?

HaveIBeenPwned tells you if your email shows up in a breach. GalaxyWarden’s DoxxScan™ maps the full chain between your handles and your real identity — not just email leaks but the persona-to-name-to-address links a doxxer would actually use. It indexes 15.4B breach records (more than HIBP), monitors 100+ platforms, and gives you a step-by-step remediation plan. Built by an offensive-security pen tester.

Can GalaxyWarden remove my information from data broker sites?

Automated data-broker removal is a guided toolkit — GalaxyWarden generates per-broker opt-out links and remediation steps for you to execute. Fully automated removal is on the roadmap.

Is GalaxyWarden available for healthcare and pharma executives?

Yes — GalaxyWarden offers DoxxScan™ Executive Defense for healthcare systems, pharmaceutical companies, insurers, and other high-target verticals. Per-executive pricing $1,000–$10,000/month depending on coverage tier (Standard / Enhanced / White-Glove). Includes manual remediation, weekly intelligence digest, and dedicated specialist. Inquire at https://www.galaxywarden.com/doxxscan/enterprise/.

Who built GalaxyWarden?

GalaxyWarden and DoxxScan™ are products built by BATech LLC, a security-software company. CEO Brandon Audeh has a background in offensive security — pen testing — which directly informs product direction. The persona-to-identity link mapping DoxxScan™ does is the same chain a doxxer would use, built into a defender’s tool by a team led by someone who has spent years on the offensive side professionally.

How does GalaxyWarden protect creators and streamers?

GalaxyWarden alerts you the moment a new public link surfaces between your persona (Twitch handle, gamertag, etc.) and your real identity, so you can shut it down before it can be used to dox, swat, SIM-swap, or stalk you. Continuous monitoring of 100+ platforms, instant alerts on credential leaks, AI remediation plan, and the same engine the team uses for healthcare-executive protection.

critical severity May 07, 2026 · 275M affected

ShinyHunters Extorts Instructure/Canvas in Massive EdTech Breach

Instructure, provider of the widely used Canvas LMS, confirmed a data breach after ShinyHunters claimed responsibility for stealing user data from thousands of educational institutions. The actor defaced login pages of hundreds of schools and universities on May 7, disrupting access during finals season and threatening to leak the data. Instructure disclosed that names, emails, student IDs, and messages were accessed; no passwords or financial data were taken.

Data exposed:

names
email-addresses
student-ids
private-messages

A data breach at Instructure, the company behind the widely used Canvas learning management system, has exposed personal information belonging to an estimated 275 million students, faculty, and staff across thousands of educational institutions. On May 7, 2026, the threat actor known as ShinyHunters defaced login pages of hundreds of schools and universities, disrupting access during finals season while claiming responsibility for stealing names, email addresses, student IDs, and private messages.

Public reporting from Krebs on Security and BleepingComputer indicates that Instructure confirmed the intrusion after ShinyHunters began extorting the company and threatening to release the data. The actor gained access to information from approximately 8,800 schools and universities. No passwords or financial data were included in the compromised dataset, according to the company’s disclosure. The timing of the defacements, which interrupted login access for many users during a critical academic period, amplified the operational impact beyond the data exposure itself.

You've read 2 of 2 free articles today — reset tomorrow.

Want the rest of this breakdown?

Sign up free to keep reading. Members get extended access, the weekly breach digest, and a complimentary DoxxScan™ to see if their identity is exposed in the breaches we cover.

Get Protected →

Already have an account? Log in →

Full breach archive

Weekly threat digest

72hr DoxxScan™ free trial

Were you affected by this breach?

See exactly what an attacker can piece together from your email, username, or handle. Free first scan, no credit card.

Try DoxxScan — 72hr free trial →

Want the rest of this breakdown?

Were you affected by this breach?

Protect yourself from breaches

Activate Warden