ChinaEKO

In January 2017 the Chinese design website ChinaEKO suffered a data breach that compromised the personal information of its users. The incident involved the exposure of a database containing records for approximately 348 thousand members. The breach occurred due to vulnerabilities in the vBulletin forum software which allowed unauthorized access to sensitive tables. The exposed data included usernames email addresses and salted MD5 hashes of passwords. This type of hashing is considered weak by modern security standards making the accounts vulnerable to credential stuffing and brute force attacks.