Hackers gained access to the Last.fm online music service, the firm informed subscribers of the breach and encouraged them to reset their passwords.
Since the MD5 hashing technique without salt is recognised to be a weak security implementation, the company was utilising it to secure passwords.
At the time of the data breach, the actual number of affected users was not made public; nonetheless, compromised documents contained email addresses, dates of registration, usernames, passwords, and other internal data.
A username, email address, password, join date, and a few other internal details are contained in each record.
Source: https://securityaffairs.com/50862/data-breach/last-fm-security-breach.html
"id": "LAS2245291023",
"linkid": "last-fm",
"type": "Breach",
"date": "09/2016",
"severity": "60",
"impact": "3",
"explanation": "Attack with significant impact with internal employee data leaks"