Cannabis information platform Leafly sent notification emails to some of its customers letting them know that some of their information was exposed in a data leak incident. The company discovered on September 30 that customer information stored within user records from July 2, 2016, was exposed by a secondary database. For some users [1, 2, 3, 4, 5], the database leaked emails, usernames, and encrypted passwords, while, for others, it also included extra info such as names, ages, gender, location, and mobile numbers.
Source: https://www.bleepingcomputer.com/news/security/leafly-cannabis-website-leaked-user-info-via-exposed-database/