Data alleged to have been taken from the fraud protection service Eye4Fraud was listed for sale on a popular hacking forum. Spanning tens of millions of rows with 16M unique email addresses, the data was spread across 147 tables totalling 65GB and included both direct users of the service and what appears to be individuals who'd placed orders on other services that implemented Eye4Fraud to protect their sales. The data included names and bcrypt password hashes for users, and names, phone numbers, physical addresses and partial credit card data (card type and last 4 digits) for orders placed using the service. Eye4Fraud did not respond to multiple attempts to report the incident.

Tweet here with more context: https://twitter.com/FalconFeedsio/status/1622838659689988098

This seems to be quite significant. The infuriating bit is that most of the people affected by this breach were not direct customers of Eye4Fraud (since this is a B2B service). But rather had their personal data shared from other online services / platforms they've been using, which in turn had a contract with Eye4Fraud.