If you visit shady internet sites from an Apple Macintosh computer, you may have already seen an add from a product called MacKeeper. The researcher in question said:
"I have recently downloaded over 13 million sensitive account details related to MacKeeper, Zeobit, and/or Cromlech." Reddit
He said the information collected includes "names, email addresses, usernames, password hashes, computer name, ip address, software license and activation codes, type of hardware (ex: "macbook pro"), and type of subscriptions."
And he provides this screenshot as proof of his claim :
The sites used encryption but used it badly... The researcher says:
"MD5 with no salt… so very weak hashing"
The moral of the story is be careful what you believe on the internet and where you buy your software from.