Imgur breach revealed 1.7 million passwords in 2014
Tierra Smith, 15, types on her computer while taking a diagnostic test at the Washington Leadership Academy. Photo: Jacquelyn Martin / AP
Imgur revealed last Friday that it had been breached in 2014, revealing emails and passwords of about 1.7 million user accounts. The image-hosting web site was made aware of the breach Nov. 23 when researcher Troy Hunt, of "Have I Been Pwned," approached them with his suspicions of the breach since he had been emailed data with what he believed were links to Imgur user accounts.
Why it matters: When users create accounts online, they risk their information or passwords getting exposed. Using a combination of multiple emails and passwords for every site could be a good bet against how vulnerable breaches will actually make users' other accounts, per Imgur.
- This pales in comparison to the Yahoo breaches of 2013 and 2014, one of which affected all 3 billion user accounts, and it also represents just a small portion of Imgur's user base of about 150 million monthly users, per ZDNet.
- Imgur did not say how the breach happened, but said it was using an older algorithm to encrypt passwords in its database in 2014. It upgraded last year to a more secure algorithm.
- The company emphasized in its blog post that no personally identifying information was at risk. 60% of the account information in the data sent to Hunt was already in his database.
- Imgur plans to disclose the breach to California's state attorney general, law enforcement, and other government agencies, per ZDNet.