In October 2018, the bullion education and dealer services site GoldSilver suffered a data breach that exposed 243k unique email addresses spanning customers and mailing list subscribers. An extensive amount of personal information on customers was obtained including names, addresses, phone numbers, purchases and passwords and answers to security questions stored as MD5 hashes. In a small number of cases, passport, social security numbers and partial credit card data was also exposed. The data breach and source code belonging to GoldSilver was publicly posted on a dark web service where it remained months later. When notified about the incident, GoldSilver advised that "all affected customers have been directly notified".
Accounts breached: 242715
Breached on: October 21, 2018
Exposed data: Bank account numbers, Email addresses, IP addresses, Names, Partial credit card data, Passport numbers, Phone numbers, Physical addresses, Purchases, Security questions and answers, and Social security numbers
Added on: December 27, 2018