What Happened
In May 2010, Neteller, an e-wallet service and subsidiary of Paysafe Group (then Optimal Payments), suffered a data breach via a vulnerability in its Joomla content management system, exposing personal and account details from over 3.6 million customer records, including names, dates of birth, email addresses, genders, home addresses, IP addresses, phone numbers, account balances, security questions and answers, and website activity—but not passwords, card data, or bank details. The incident went undiscovered publicly until October 2015, when security researcher Troy Hunt found the stolen databases and alerted media, prompting Paysafe’s disclosure; at the time, Neteller had informed authorities, engaged a third-party forensic firm, reimbursed about 1,500 compromised accounts, and strengthened security, with less than 2% of affected accounts still active by late 2015.
