Imgur Confirms 1.7 Million Users Affected By Data Breach

Imgur has recently released information on a data breach, and the site claims that 1.7 million users had their email addresses and passwords compromised in the incident.

Pe3k / Shutterstock.com

Imgur, an extremely popular photo sharing site, was recently notified of a potential breach in 2014 which compromised user email addresses and passwords. Luckily, Imgur does not ask users for any other personally-identifying information, so names, phone numbers, residential addresses, and further information were not compromised as part of the breach. The company shared further details in the notice it posted on its blog.

It’s unclear how the site was breached, as Imgur is still investigating. But it’s believed the attacker(s) used a brute force attack to crack an older hashing algorithm which was being used at the time. Imgur points out that it is now using a newer, more secure algorithm for account protection.

Quick Response

 

Security researcher Troy Hunt tipped off Imgur to the possible breach after receiving the stolen data. Hunt runs haveibeenpwned.com, a site which lets you check if one of your accounts may have been compromised in a data breach. Hunt called Imgur’s handling of the possible breach “exemplary.”

Imgur’s response looks great when compared with other recent breaches, like Equifax or the recently announced Uber breach — a report from the Wall Street Journal claims that new Uber CEO Dara Khosrowshahi actually learned about the breach in September, but no announcement was made until last week.

Staying Safe

Although no personally-identifiying information was revealed in the Imgur hack, that doesn’t mean it’s harmless. Compromised email addresses often point to real names, and some Imgur users may have used their Imgur passwords on other sites, which would make them more vulnerable.

The hack is a reminder to change passwords frequently, and to use different passwords for every site. Our article Five Simple Ways To Improve Your Cybersecurity points out the latter tip, and a few more as well.

(H/T ZDNet)

Phil Dzikiy

Phil Dzikiy

Phil Dzikiy is the former editor in chief of Security Baron. Before, he has worked as a freelance writer and editor at websites like Wirecutter.com and iLounge.com along with publications like the Lockport Union Sun & Journal and the Greater Niagara Newspapers. With digital and print experience under his belt, Phil has a passion for all things technology including home security, cyber security, and the smart home. His bachelor's degree in Journalism from the University of Maryland College Park initially landed Phil his first job at the Beaver County Times, which has lead to over 15 years of experience as a journalist.

Leave a Comment

Trending News

Follow Us

Reviews