Probably a boring answer but I know my grandmother’s credit card information. I live with and help take care of her, so she doesn’t mind sharing it with me. Not like I’m planning to do anything nefarious, but I guess technically it could ruin her financially.
An IT company I used to work for stored the domain admin credentials for hundreds of client’s WSAD/AzureAD tenants on a pastbin document. When I explained how outrageous that was they deleted the file and changed all the passwords.
To the same password.
Which I still know.
And it still works.
EIGHT YEARS LATER.