In 2012, the Organization experienced an incident involving unauthorized access to and disclosure of some members? passwords. At the time, the Organization believed that the hashed passwords of 15 million accounts may have been compromised. On May 18, 2016, the Organization became aware of the release of an additional set of data comprised of email addresses, member IDs, and hashed password combinations of more than 100 million members, which appeared to have been obtained from the theft in 2012. The Organization reports that, at the time of the 2012 breach, other than the hashed passwords that were posted by the intruders at that time, the Organization had no evidence demonstrating that other passwords or personal information had been taken.