What Happened
In approximately January 2014, the Chinese Android app store HiAPK suffered a data breach impacting 13.8 to 13.9 million unique subscriber accounts, exposing usernames, email addresses, and salted MD5 password hashes. The incident was reported as “unverified” due to challenges in confirming legitimacy despite evidence of authentic data, and it was added to breach databases like Have I Been Pwned and Mozilla Monitor on April 1, 2018, after being provided by white hat researcher Adam Davies.
