Hackers stole data from 1.7 million Imgur users

Imgur, one of the most popular image hosting sites, which has more than 150 million accounts registered on their site, has reported the theft of user data going as far back as 2014. The hackers managed to...

Imgur, one of the most popular image hosting sites, which has more than 150 million accounts registered on their site, has reported the theft of user data going as far back as 2014.

The hackers managed to crack the database of the service and get access to the data of 1.7 million users.

The company itself learned about the leak only on November 23, 2017. A copy of the stolen data was found by Troy Hunt, a computer security specialist and owner of a service that collects information about leaks “Have I been pwned”?.

The company stressed that no personal information, for example phone numbers, addresses, and real user names could have fallen into the hands of hackers since Imgur does not request this information. Among the compromised data are e-mail addresses and password hashes. In an information letter, representatives of the site reported that an investigation into the causes of the leak is ongoing. It is possible that the database was cracked due to the use of the old SHA-256 hash algorithm. Imgur has used the bcrypt algorithm since last year. Troy Hunt noted on his personal Twitter account that Imgur employees reacted quite quickly - the company prepared an information letter in just over a day. Hunt also stressed that data leakage is common in the modern world, but companies should be judged by their ability to respond to such incidents and their willingness to deal with the consequences.

This is really where we're at now: people recognize that data breaches are the new normal and they're judging organizations not on the fact that they've had one, but on how they happened https://t.co / zV5YLa8hKQ

— Troy Hunt (@troyhunt) November 25, 2017

On the morning of November 24th, the company began to notify users whose data was stolen about the need to change their account passwords. Imgur recommends using different passwords for all applications and sites and paying attention to their reliability.