CCAA

In August 2021 the Brazilian educational platform CCAA suffered a significant data breach affecting nearly one million participants. The incident involved the exposure of sensitive user credentials from the WordPress based training system. Security researchers identified that the leaked database contained personal identifiers and authentication details. The breach originated from an unsecured or compromised database instance allowing unauthorized access to the underlying user tables. The passwords were stored as WordPress MD5 hashes which are susceptible to cracking attempts by malicious actors.