The Evony gaming company's website and forum were breached, exposing the personal information of 33 million players.
A second hack of the website occurred two months later, this time targeting the Evony forum and exposing the personal information of 938,000 registered users.
Among other internal data fields, each record has an IP address, password, email address, and username. Whenever a user appears in a breach, they can now receive notifications.
Because the passwords were saved in unsalted MD5 and SHA-1 (Secure Hash Algorithm 1), hackers can easily decrypt them.
Source: https://securityaffairs.com/52260/data-breach/evony-data-breach.html
TPRM report: https://scoringcyber.rankiteo.com/company/evonynet
"id": "evo201151123",
"linkid": "evonynet",
"type": "Breach",
"date": "10/2016",
"severity": "100",
"impact": "4",
"explanation": "Attack with significant impact with customers data leaks"
{'affected_entities': [{'customers_affected': ['33 million players',
'938,000 registered users'],
'industry': 'Gaming',
'name': 'Evony',
'type': 'Gaming Company'}],
'attack_vector': ['Website Breach', 'Forum Breach'],
'data_breach': {'data_encryption': ['Unsalted MD5', 'SHA-1'],
'number_of_records_exposed': ['33 million', '938,000'],
'personally_identifiable_information': True,
'sensitivity_of_data': 'High',
'type_of_data_compromised': ['IP address',
'password',
'email address',
'username']},
'description': "The Evony gaming company's website and forum were breached, "
'exposing the personal information of 33 million players. A '
'second hack occurred two months later, targeting the Evony '
'forum and exposing the personal information of 938,000 '
'registered users. Each record includes an IP address, '
'password, email address, and username. The passwords were '
'saved in unsalted MD5 and SHA-1, making them easily '
'decryptable.',
'impact': {'data_compromised': ['IP address',
'password',
'email address',
'username'],
'systems_affected': ['Website', 'Forum']},
'title': 'Evony Gaming Company Data Breach',
'type': 'Data Breach',
'vulnerability_exploited': ['Unsalted MD5', 'SHA-1']}