From CNET: Image-sharing site Imgur says 1.7 million email addresses and passwords were compromised in a 2014 breach that was only recently discovered.
Imgur said Friday it first learned of the years-old hack on Thursday from a security researcher. The security researcher has been identified by ZDNet as Troy Hunt, who runs data breach notification service Have I Been Pwned.
The hack, which affected a fraction of Imgur's 150 million monthly users, didn't include users' personal information because the site never gathered real names, addresses or phone numbers.
Imgur said the hack is still under investigation but believes an older password encryption system in use at the time of the hack allowed hackers to breach the system using a brute force attack. The company said it updated its algorithm last year.
"While we are still actively investigating the intrusion, we wanted to inform you as quickly as possible as to what we know and what we are doing in response," Imgur said in a statement.
View: Article @ Source Site
