Published: Mon, November 27, 2017
Hi-Tech | By Cory Rios

Imgur discloses 2014 security breach affecting 1.7 million accounts

Imgur discloses 2014 security breach affecting 1.7 million accounts

Imgur said it suffered a major data breach in 2014 that compromised the email addresses and passwords of 1.7 million user accounts.

2017's unending parade of major companies and web destinations suffering through major breaches of user information has not slowed down.

The breach was originally discovered by data researcher Troy Hunt, who runs the user-notification service Have I Been Pwned; the majority of the passwords were already in his database of compromised accounts.

Imgur said the breach didn't include personal information because the site has "never asked" for real names, addresses, or phone numbers.

Imgur's notice said users' registered e-mail addresses and hashed passwords were leaked, but no personally-identifying information was included.

The company says that while it is still investigating how the breach happened in the first place, it believes the "database may have been cracked with brute force due to an older hashing algorithm (SHA-256) that was used at the time".

"I disclosed this incident to Imgur late in the day in the midst of the U.S. Thanksgiving holidays", Hunt said. He simultaneously notified Imgur's Founder/CEO and Vice President of Engineering.

More news: Royal engagement rumour leaves No 10 in a muddle

Imgur's COO, Roy Sehgal, confirmed that the breach occurred in 2014.

The company is still investigating how exactly the data was accessed by the hackers. Imgur further apologised and requested the users to immediately update their password.

Hackers managed to steal email addresses and passwords.

While it isn't impressive that the company was hacked, Imgur's response was "exemplary" according to Hunt.

Imgur encouraged users to use different email and password combinations for all of their online accounts and to reset passwords that may have been affected by the breach. Please always use strong passwords and update them frequently.

Imgur wrote, "We take protection of your information very seriously and will be conducting an internal security review of our system and processes. We apologize that this breach occurred and the inconvenience it has caused you", the company added.

Like this: