Digital banking and cash advance app Dave has reported a data breach after a bad actor published a database containing personal information of 7.5 million users on a public hacking forum.
According to a data breach memo, “a malicious party recently gained unauthorized access to certain user data” after breaching the systems of Waysez, a former third-party service provider of the company.
The exfiltrated information included users’ names, emails, dates of birth, home addresses and phone numbers, along with “user passwords that were stored in hashed form, using Bcrypt, an industry-recognized hashing algorithm.”