In January 2018, the Joomla template website JoomlArt inadvertently exposed more than 22k unique customer records in a Jira ticket. The exposed data was from iJoomla and JomSocial, both services that JoomlArt acquired the previous year. The data included usernames, email addresses, purchases and passwords stored as MD5 hashes. When contacted, JoomlArt advised they were aware of the incident and had previously notified impacted parties.
Accounts breached: 22477
Breached on: January 30, 2018
Exposed data: Email addresses, Names, Passwords, Payment histories, and Usernames
Added on: November 01, 2018