In January 2016, a large number of unpatched vBulletin forums were compromised by an actor known as "CrimeAgency". A total of 140 forums had data including usernames, email addresses and passwords (predominantly stored as salted MD5 hashes), extracted and then distributed. Refer to the complete list of the forums for further information on which sites were impacted.
Accounts breached: 942044
Breached on: January 19, 2017
Exposed data: Email addresses, Passwords, and Usernames
Added on: March 21, 2017