Xiaomi

In August 2012 the official Xiaomi Chinese forum suffered a significant security breach resulting in the exposure of millions of user records. The incident involved an unauthorized access to the forum database which allowed attackers to exfiltrate sensitive member information. The leaked data contained a high volume of email addresses many of which utilized numerical pseudonyms associated with the xiaomi subdomains. Additionally the breach exposed internal user identifiers and technical metadata. Security analysis revealed that passwords were stored using MD5 hashing algorithms with salt which were considered vulnerable to cracking attempts even at the time of the incident.