In January 2018, the children’s gaming site Club Penguin Rewritten (CPRewritten) suffered a data breach (note: CPRewritten is an independent recreation of Disney’s Club Penguin game). The incident exposed almost 1.7 million unique email addresses alongside IP addresses, usernames and passwords stored as bcrypt hashes. When contacted, CPRewritten advised they were aware of the breach and had "contacted affected users".
Accounts breached: 1688176
Breached on: January 21, 2018
Exposed data: Email addresses, IP addresses, Passwords, and Usernames
Added on: April 23, 2019