Hotel Hippo Data Breach (2014)

NVP found a flaw in victims website that divulged customer personal information (session jumping) and later found them susceptable to SQLi. As a result of the NVP and publicity, the parent company shut down the service.