Imgur Confirms Email Addresses, Passwords Stolen In 2014 Hack
An anonymous reader quotes a report from ZDNet: Imgur, one of the world's most visited websites, has confirmed a hack dating back to 2014. The company confirmed to ZDNet that hackers stole 1.7 million email addresses and passwords,
scrambled with the SHA-256 algorithm, which has been passed over in
recent years in favor of stronger password scramblers. Imgur said the
breach didn't include personal information because the site has "never
asked" for real names, addresses, or phone numbers. The stolen accounts
represent a fraction of Imgur's 150 million monthly users. The hack went
unnoticed for four years until the stolen data was sent to Troy Hunt,
who runs data breach notification service Have I Been Pwned.
Hunt informed the company on Thursday, a US national holiday observing
Thanksgiving, when most businesses are closed. A day later, the company
started resetting the passwords of affected accounts, and published a
public disclosure alerting users of the breach.
Thank you @troyhunt for bringing the data breach to our attention. The official @imgur statement and response here: https://t.co/2pXReoHjB8 https://t.co/cyp1NutS7i
— Roy Sehgal (@sehgal) November 25, 2017
Comments
Post a comment