The Open Worldwide Application Security Project (OWASP) suffered a data breach in late February 2024 as a result of a misconfiguration of an old OWASP Wiki web server. This exposed sensitive data of its members. The breach enabled threat actors to access resumes belonging to open source enthusiasts who joined between 2006 and 2014. The obtained information included names, email addresses, postal addresses, phone numbers, and other personally identifiable information, which could be utilized for phishing or identity theft. Although the data is outdated, OWASP plans to notify the affected individuals. However, contacting these individuals might be challenging due to the age of the data. OWASP, a software security non-profit, ensures to take necessary steps to address and mitigate the impact of this breach.