Check out the latest Business and Technology News on the web, check the source link below to go to the original source link…
Good Guy Greg, Scumbag Steve, and their fellow meme friends had better shore up their online security.
On Friday, photo sharing community Imgur broke the news that the company was the target of a security breach in 2014. According to a company blog post, the data breach gained access to the email addresses and passwords of 1.7 million Imgur users.
On November 23, we were notified about a data breach on Imgur that occurred in 2014. While we are still actively investigating the intrusion, we wanted to inform you as quickly as possible as to what we know and what we are doing in response. More: https://t.co/qElAetGVIc
— Imgur (@imgur) November 25, 2017
Imgur first learned of the breach at 4 p.m. PST on Thanksgiving day. Troy Hunt who runs the data breach notification service Have I Been Pwned? notified Imgur when he received the data in the form of stolen usernames and passwords, according to ZDNet.
Hunt has since praised Imgur for swiftly taking action. Which means Imgur CEO Alan Schaaf and COO Roy Sehgal definitely did not get to enjoy their turkey.
I want to recognise @imgur‘s exemplary handling of this: that’s 25 hours and 10 mins from my initial email to a press address to them mobilising people over Thanksgiving, assessing the data, beginning password resets and making a public disclosure. Kudos! https://t.co/jV8MDscXLT
— Troy Hunt (@troyhunt) November 25, 2017
Sehgal wrote in the company blog post that Imgur is still investigating how the hackers gained access to the site. However, at this time, they suspect that passwords were “cracked with brute force due to an older hashing algorithm (SHA-256) that was used at the time.” Imgur updated their encryption in 2016, two years after the hack.
They’re advising users to change their passwords, while still noting that Imgur’s policy of never asking for real identifying information means names and other “personally-identifying information” (PII) have not been exposed. To which some Imgur users are responding: