Imgur hack: A few days later the Uber admission for a data breach that took place in 2016, and affects 57 million customers, the also popular image sharing website revealed it fell victim to hacking in 2014.
Email addresses and passwords were stolen from the Imgur breach access from 1,7 million user accounts.
In one publishing on the blog of the company, Imgur claims to have been notified of the breach three years ago on November 23, when a security investigator sent them an email containing stolen data.
Imgur's Chief Operating Officer (COO) then notified its founder and VP companys before starting data confirmation.
After data validation was completed, the company confirmed Friday morning that the 2014 data breach affected approximately 1,7 million Imgur user accounts (a small portion of the database containing 150 million users) and that the information περιελάμβαναν μόνο διευθύνσεις ηλεκτρονικού ταχυδρομείου και codeof access.
Makes sense because Imgur didn't actually ask for names, phone numbers, addresses or any other personal information recognitions.
The company said the stolen passwords were encrypted with an old SHA-256 hash algorithm, which can be easily cracked by brute force attacks.
However, Imgur COG Roy Sehgal said the service no longer uses the SHA-256 but a much more powerful password scrambler bcrypt from last year.
The company has already started informing the affected users and requires them to change their password, while still investigating how the hacking occurred.
Security expert Troy Hunt, who briefed Imgur on the incident, said technicians acted immediately after the breach was reported.