In May 2017, font sharing site DaFont suffered a data breach resulting in the exposure of 637k records. Allegedly due to a SQL injection vulnerability exploited by multiple parties, the exposed data included usernames, email addresses and passwords stored as MD5 without a salt.
Accounts breached: 637340
Breached on: May 16, 2017
Exposed data: Email addresses, Passwords, and Usernames
Domain: dafont.com
Added on: May 18, 2017