In December 2016, an attacker breached PayAsUGym’s website exposing over 400k customers’ personal data. The data was consequently leaked publicly and broadly distributed via Twitter. The leaked data contained personal information including email addresses and passwords hashed using MD5 without a salt.

Accounts breached: 400260

Breached on: December 15, 2016

Exposed data: Browser user agent details, Email addresses, IP addresses, Names, Partial credit card data, Passwords, Phone numbers, and Website activity


Added on: December 17, 2016

%d bloggers like this: