DaFont

In May 2017 the popular font sharing community DaFont suffered a significant data breach. The incident resulted in the exposure of approximately 637000 user accounts. Research indicates the breach was likely facilitated by a classic SQL injection vulnerability within the websites infrastructure. The compromised information contained sensitive user credentials including usernames and email addresses. Most critically the database stored passwords using the outdated MD5 hashing algorithm without any salt making them highly susceptible to rapid decryption and credential stuffing attacks.