- Breach date: 16 October 2024
- Date added to HIBP: 7 November 2024
- Compromised accounts: 420,961
- Compromised data: Email addresses, Usernames
- Breach date: 16 October 2024
- Date added to HIBP: 7 November 2024
- Compromised accounts: 420,961
- Compromised data: Email addresses, Usernames
You are correct that people commonly reuse passwords. People are stupid after all. But in this case passwords weren’t taken because they were encrypted, so all they’ve got is user names and email addresses.
From the sounds of it, the database was actually pretty secure the problem was the interface between the database and the website wasn’t. Good news is because the database was secure not a lot of sensitive information has been leaked.