ClixSense

In September 2016 the ClixSense paid-to-click service suffered a major security breach. An attacker gained access to the main database server by exploiting an old server that was still connected to the network. The breach resulted in the exposure of approximately 6.6 million user records. The leaked information contained sensitive personal details and account data. Notably the service was storing passwords in plain text which significantly increased the risk for affected users. The stolen data was subsequently offered for sale on dark web forums and eventually leaked publicly.