In December 2016, an attacker breached PayAsUGym’s website exposing over 400k customers’ personal data. The data was consequently leaked publicly and broadly distributed via Twitter. The leaked data contained personal information including email addresses and passwords hashed using MD5 without a salt.
Accounts breached: 400260
Breached on: December 15, 2016
Exposed data: Browser user agent details, Email addresses, IP addresses, Names, Partial credit card data, Passwords, Phone numbers, and Website activity
Added on: December 17, 2016