In May 2019, the company confirmed a data breach that was first reported in April when an attacker began selling data from breached companies including theirs. The intrusion occurred in February and involved an "inactive data storage file" that contained user data from 2013 and earlier.
For 10 million accounts, the exposed information included names, phone numbers, addresses, dates of birth, genders and plaintext passwords. 101 million unique email addresses were also exposed (91 million of which were recipients of invites and 10 million were members).
Want to discuss this case? You can purchase a 30 minute conference call with our analysts to discuss this case and the implications it has for your organisation. Just select the time and date that works for you:
We've done the analysis so you can make the decisions