DatPiff Data Breach (2021)

DatPiff, a mixtape hosting service, suffered a data breach that was publicly revealed in 2021. The breach exposed 7.5 million member records, including email addresses, usernames, passwords, and security questions. The passwords, hashed using the outdated and insecure MD5 algorithm, were later dehashed and made available in plain text. The breach is believed to have occurred via a website vulnerability scanner that allowed threat actors access to an old server with database backup.