123RF

In 2020, a massive data leak occurred at 123RF, a Singapore-based stock photo and footage website. The breach exposed the personal information of 8,661,578 users, including usernames, email addresses, hashed passwords, and IP addresses.

The leak was first discovered by a security researcher and was later confirmed by 123RF. The company attributed the incident to a vulnerability in its third-party vendors API, which allowed unauthorized access to user data. 123RF immediately took down the affected API and launched an investigation into the breach.

The leaked data was published on a dark web marketplace and included information dating back to 2015. The breach raised concerns about the security of online services and the potential for data to be stolen and misused. 123RF apologized for the incident and assured users that it was taking steps to strengthen its security measures.