Imgur has confirmed that it is investigating a hack that took place in 2014, during which hackers stole over 1.7 million email addresses and passwords.
It all began last week when Troy Hunt – the man who runs Have I Been Pwned – was sent data stolen from Imgur almost four years ago. Hunt informed Imgur straight away on Thanksgiving, and Imgur took immediate action, resetting passwords on the accounts that were affected, and notifying users of the breach.
On November 23, we were notified about a data breach on Imgur that occurred in 2014. While we are still actively investigating the intrusion, we wanted to inform you as quickly as possible as to what we know and what we are doing in response. More: https://t.co/qElAetGVIc
— Imgur (@imgur) November 25, 2017
According to Imgur, hackers stole 1.7 million email addresses and passwords that had been scrambled with the SHA-256 algorithm. In case you’re wondering, SHA-256 isn’t generally used anymore, as there are stronger scramblers available. Also, the breach – which Imgur is still actively investigating – did not reveal any personal information like real names, addresses, phone numbers, etc. The site doesn’t ask for this information.
Despite containing data from only a small fraction of the photo-sharing site’s 150 million monthly users, the hack is still significant enough. In fact, roughly 60% of Imgur‘s hacked email addresses were already on Have I Been Pwned – which contains over 4.8 billion records. Despite being only identified now, the hack joins a list of other big ones in the past years – on sites like Disqus, LinkedIn, MySpace, and Yahoo.
Imgur’s COO Roy Sehgal announced that the company is “still investigating” how the breach actually happened, but has now improved its site security since the news broke. Also, Imgur had switched to Bcrypt – a stronger password scrambler – last year, which means that if you weren’t affected by this hack it’s highly possible that you are ok. In any case, we suggest that if you use the same email/password combination on other sites, you should probably change them immediately.
You might also like
More from Tech
Nyan Cat NFT Auctioned Off For 300 ETH
The creator of the Nyan Cat meme has confirmed the sale of the digital artwork for 300 Ether (ETH) - …
Facebook Adds Multi-User Accounts And App Sharing To Oculus Quest
Facebook has announced it's adding two features to Oculus Quest that let users share their devices with each other.
Microsoft Adds A ‘Kids Mode’ To Its Edge Browser
Microsoft has announced an update to its Edge Browser with a new 'Kids Mode' that makes browsing safer and more …
Apple Launches Inaugural Entrepreneur Camp For Black Founders And Developers
Apple has kicked off its Entrepreneur Camp for Black Founders and Developers, announcing 13 companies that will take part in …
A First Look At The Upcoming Sonos Headphones
A new design patent filing at the German Patent and Trademark Office provides a glimpse at the long-rumored Sonos Headphones.
Apple Launches AR App To Promote Season 2 Of For All Mankind
Apple has launched a new AR app as part of its promotion for season 2 of its popular show For All …
iOS 14.5 Lets You Choose Spotify As The Default Music Player For Siri
One of the new features on iOS 14.5 is the ability to choose Spotify as the default for Siri. Here's …
Shopify Expands Shop Pay To Facebook And Instagram
Shopify has announced that it's expanding its Shop Pay payment option to all merchants selling on Facebook and Instagram.
Adobe Brings Many Useful Features To Acrobat On The Web
Adobe Acrobat web users can now do a lot more with PDFs in their browser, without ever needing a desktop …