In July 2015, the French Pokémon site Pokébip suffered a data breach which exposed 657k subscriber identities. The data included email and IP addresses, usernames and passwords stored as unsalted MD5 hashes.
Accounts breached: 657001
Breached on: July 28, 2015
Exposed data: Email addresses, IP addresses, Passwords, Time zones, Usernames, and Website activity
Domain: pokebip.com
Added on: September 09, 2016