Open Exchange Rates provides foreign exchange data for over 200 currencies worldwide. The company runs its service in the Amazon Web Services (AWS) cloud. An unauthorised account had access to a database containing user data. The data included registered names and email addresses, encrypted account access passwords, user IP addresses, and tokens used to authenticate querying applications. If provided by the user, the data breach also divulged their personal and/or business address, country of residence, and web address.”]
Source: https://nakedsecurity.sophos.com/2020/03/20/exchange-rate-services-customer-details-hacked-via-aws/