CATEGORIES
home News

Imgur Was Hacked In 2014, 1.7 Million Compromised And We’re Just Now Hearing About It

by Shane McGlaunSunday, November 26, 2017, 11:28 AM EDT

Imgur has discovered what it calls a "potential security breach" that happened three years ago. The breach allowed the attackers to make off with the emails and passwords of 1.7 million user accounts. Imgur says that it is still investigating the breach, but that it wanted to warn its users of the intrusion and tell people what it is doing as a result.

imgur

Imgur writes that last week it received an email from security researcher Troy Hunt about the breach. Imgur wrote, "Our Chief Operating Officer received the email late night on November 23rd and immediately corresponded with the researcher to learn more about the potential breach. He simultaneously notified Imgur’s Founder/CEO and Vice President of Engineering. Our Vice President of Engineering then arranged to securely receive the data from the researcher and began working to validate that the data belonged to Imgur users."

Imgur writes that in the early morning of November 24 it confirmed that about 1.7 million user accounts were compromised back in 2014. "The compromised account information included only email addresses and passwords. Imgur has never asked for real names, addresses, phone numbers, or other personally-identifying information (“PII”), so the information that was compromised did NOT include such PII," wrote Imgur in a blog post.

The company is still investigating how exactly the data was accessed by the hackers. It has always encrypted passwords in the database, but Imgur believes at this time that the hack may have been a brute force attack on an older SHA-256 hashing algorithm that was being used at the time. Imgur says that it changed to a new bcrypt algorithm last year.

The impacted users were notified starting on November 24 via their registered email addresses. All affected users were required to update their password. As for protecting your online accounts, Imgur has some suggestions, "We recommend that you use a different combination of email and password for every site and application. Please always use strong passwords and update them frequently."

Imgur wrote, "We take protection of your information very seriously and will be conducting an internal security review of our system and processes. We apologize that this breach occurred and the inconvenience it has caused you. If you have questions, we encourage you to contact us at support@imgur.com."

Tags:  security, Hack, imgur
TOP CONVERSATIONS
Your Next PC Platform?
More Results
KEEP INFORMED
SITE

Home

Reviews

News

Blogs

Full Site

Sitemap

CATEGORIES

PC Components

Systems

Mobile

IT Infrastructure

Leisure

Videos

COMPANY

About

Advertise

News Tips

Contact

Privacy And Terms

HotTech

MORE

Accessibility

Shop

STAY CONNECTED

Twitter

Facebook

YouTube

RSS

As an Amazon and Howl Technologies Associate, HotHardware earns a commission from qualifying purchases made on this site. This site is intended for informational and entertainment purposes only. The contents are the views and opinion of the author and/or his associates. All products and trademarks are the property of their respective owners. Reproduction in whole or in part, in any form or medium, without express written permission of Hot Hardware, Inc. is prohibited. All content and graphical elements are Copyright © 1999 - 2024 David Altavilla and Hot Hardware, Inc.
All rights reserved. Privacy and Terms - Accessibility Commitment