Imgur has confirmed that it is investigating a hack that took place in 2014, during which hackers stole over 1.7 million email addresses and passwords.
It all began last week when Troy Hunt – the man who runs Have I Been Pwned – was sent data stolen from Imgur almost four years ago. Hunt informed Imgur straight away on Thanksgiving, and Imgur took immediate action, resetting passwords on the accounts that were affected, and notifying users of the breach.
On November 23, we were notified about a data breach on Imgur that occurred in 2014. While we are still actively investigating the intrusion, we wanted to inform you as quickly as possible as to what we know and what we are doing in response. More: https://t.co/qElAetGVIc
— Imgur (@imgur) November 25, 2017
According to Imgur, hackers stole 1.7 million email addresses and passwords that had been scrambled with the SHA-256 algorithm. In case you’re wondering, SHA-256 isn’t generally used anymore, as there are stronger scramblers available. Also, the breach – which Imgur is still actively investigating – did not reveal any personal information like real names, addresses, phone numbers, etc. The site doesn’t ask for this information.
Despite containing data from only a small fraction of the photo-sharing site’s 150 million monthly users, the hack is still significant enough. In fact, roughly 60% of Imgur‘s hacked email addresses were already on Have I Been Pwned – which contains over 4.8 billion records. Despite being only identified now, the hack joins a list of other big ones in the past years – on sites like Disqus, LinkedIn, MySpace, and Yahoo.
Imgur’s COO Roy Sehgal announced that the company is “still investigating” how the breach actually happened, but has now improved its site security since the news broke. Also, Imgur had switched to Bcrypt – a stronger password scrambler – last year, which means that if you weren’t affected by this hack it’s highly possible that you are ok. In any case, we suggest that if you use the same email/password combination on other sites, you should probably change them immediately.
You might also like
More from Tech
Apple Will Reduce Its App Store Fee To 15% For Most Developers
After a year of battling with some developers, Apple will allow most to qualify for a reduced App Store fee …
MeowTalk: The App That Gives Your Cat A Voice
MeowTalk, an app developed by a former Amazon Alexa engineer, uses AI to translate your cat's meow.
Bud Light Made A Game Console That Cools Down Your Beer
Forget the PS5, this Bud Light game console can also cool down your beer, and nothing beats that, not even …
You Can Now Embed Apple Podcasts On The Web
Apple Podcasts can now be embedded on the web, making it easier to discover and share your favorite content.
Reebok Launches Rentable Sneaker Service
In what might be the craziest idea in urban mobility, Reebok has launched Reebok To Go, the first rentable sneaker …
macOS Big Sur Is Now Available To Download For All
Apple has officially released macOS Big Sur, the latest version of macOS, which is available to download on compatible Mac …
Spotify Strengthens Investment In Podcast Advertising With Latest Acquisition
Spotify announced the acquisition of Megaphone, a leading podcast advertising and publishing platform, to expand its podcast advertising offerings.
You Can Now Book Your Uber Up To 30 Days In Advance
Uber is rolling out Uber Reserve, a new feature that will let you book a ride up to 30 days …
Under Armour Is Shutting Down Endomondo
Under Armour announced it's retiring its health and fitness tracking app Endomondo at the end of the year.
