It's even a more blatant lie because 404media found the credentials in a Telegram group. So, yeah, there's no way this wasn't exploited by multiple people.
that statement really bothered me. they can of course say that they don't see any evidence of exploitation, but this kind of personal data is valuable to bad actors because they can take it from au10tix and then use it to exploit other services or the individuals directly. au10tix would never know about that exploitation.
