Freepik Co. says an 8.3 million email addresses and 3.7 million hashed passwords were leaked. The company says the attack targeted Flaticon, enabling access to a database. Security experts say hashing passwords using MD5 or SHA-1 is inadequate because the hashed password can be relatively easily reversed by attackers to recover users’ passwords. After the breach, the company says it updated the hash of all users to bcrypt, and 229,000 passwords have been hashed.”]
Source: https://www.govinfosecurity.com/massive-freepik-data-breach-tied-to-sql-injection-attack-a-14880