Dear Visitor,

Our system has found that you are using an ad-blocking browser add-on.

We just wanted to let you know that our site content is, of course, available to you absolutely free of charge.

Our ads are the only way we have to be able to bring you the latest high-quality content, which is written by professional journalists, with the help of editors, graphic designers, and our site production and I.T. staff, as well as many other talented people who work around the clock for this site.

So, we ask you to add this site to your Ad Blocker’s "white list" or to simply disable your Ad Blocker while visiting this site.

Continue on this site freely
  HOME     MENU     SEARCH     NEWSLETTER    
THE ENTERPRISE SECURITY SUPERSITE. UPDATED 12 MINUTES AGO.
You are here: Home / Data Security / Imgur Confirms 2014 Data Breach
Imgur Confirms 2014 Data Breach; 1.7 Million Uses Affected
Imgur Confirms 2014 Data Breach; 1.7 Million Uses Affected
By Daniel Uria Like this on Facebook Tweet this Link thison Linkedin Link this on Google Plus
PUBLISHED:
NOVEMBER
27
2017
Photo sharing website Imgur confirmed 1.7 million email addresses and passwords were stolen during a breach in 2014.

Imgur released a blog post on Friday notifying users of the breach after attackers possibly cracked the website's password encryption algorithm.

"While we are still actively investigating the intrusion, we wanted to inform you as quickly as possible as to what we know and what we are doing in response," the post stated.

Troy Hunt, who runs the data breach notification site Have I Been Pwned, notified Imgur of the breach on Thursday after he was sent data that included the information of Imgur users.

"He simultaneously notified Imgur's Founder/CEO and Vice President of Engineering. Our Vice President of Engineering then arranged to securely receive the data from the researcher and began working to validate that the data belonged to Imgur users," Imgur said.

After being notified of the breach the company began resetting passwords of the affected accounts.

Imgur said the information stolen in the breach didn't include personally-identifying information such as real names, addresses or phone numbers, as the site had never asked users to provide such information.

While noting the incident is still under investigation, Imgur Chief Operating Officer Roy Sehgal said attackers may have cracked the site's password encryption through "brute force" due to the older SHA-256 algorithm, which has since been updated.

Imgur encouraged users to use different email and password combinations for all of their online accounts and to reset passwords that may have been affected by the breach.

Hunt praised Imgur for quickly responding to the news of the breach despite learning of it during a holiday.

"I disclosed this incident to Imgur late in the day in the midst of the U.S. Thanksgiving holidays," Hunt said. "That they could pick this up immediately, protect impacted accounts, notify individuals and prepare public statements in less than 24 hours is absolutely exemplary."

© 2017 UPI Top Stories under contract with NewsEdge/Acquire Media. All rights reserved.
Tell Us What You Think
Comment:

Name:

Like Us on FacebookFollow Us on Twitter
MORE IN DATA SECURITY

NETWORK SECURITY SPOTLIGHT
China-based Vivo will be the first company to come out with a smartphone featuring an in-display sensor for fingerprint security, beating Apple, Samsung, and other device makers to the punch.

ENTERPRISE SECURITY TODAY
NEWSFACTOR NETWORK SITES
NEWSFACTOR SERVICES
© Copyright 2017 NewsFactor Network. All rights reserved. Member of Accuserve Ad Network.