In 1997, researcher Aaron Spangler discovered a bug in Internet Explorer that allowed an attacker to steal credentials using a protocol known as Windows Server Message Block (SMB).
Link: 18-Year-Old Security Flaw Allows Hackers To Steal Credentials From All Versions Of Windows