The social networking website Imgur announced in a blog post Friday that a security breach in 2014, and which it learned about just last week, compromised nearly 1.7 million emails and passwords.
The company did not announce any more information about the hack into user accounts.
However, Imgur said no personal information was obtained.
Imgur has never asked for real names, addresses, phone number, or other personally-identifying information, so the information that was compromised did NOT include such PII, it emphasizes.
Imgur, though not as popular as Facebook, Twitter or Instagram, is an image-based social network where online users can post memes, photos and links to articles. Posts on Reddit are often linked to Imgur. Some of these images and memes likely circulated on your social media news feed around the 2016 presidential election.
The company said it only discovered the hack Nov. 23 after a security researcher, Troy Hunt, contacted the company, according to ZDNet.
"I disclosed this incident to Imgur late in the day in the midst of the U.S. Thanksgiving holidays," said Hunt. "That they could pick this up immediately, protect impacted accounts, notify individuals and prepare public statements in less than 24 hours is absolutely exemplary."
According to TechCrunch, Imgur said it used an algorithm back in 2014 that left encrypted passwords in its database, making it susceptible to hackers if they used "a brute force attack." The company only changed its algorithm last year.
Imgurs announcement comes at a time of heightened levels of security hacks. Back in 2013 and 2014, a hack on Yahoo affected nearly 3 billion accounts.
More recently, Equifax announced that 143 million Americans' personal information was exposed by a cyberattack on the company. It has led experts to the management of the countrys credit reporting system.
And Uber made news last week after a hack compromised personal data of 57 million users and drivers.
Europe has been working to install new rules that will set a standard for companies when it comes to hacks, according to TechCrunch. Failing to comply with those rules could result in millions of dollars in fines.
So perhaps, as the financial risks of storing and handling user data step up, well start to see more data breaches disclosed promptly, according to TechCrunch. While, over time, EU lawmakers hope is there will be fewer major breaches occurring as security and data protection gets given far more executive priority.
The company did not announce any more information about the hack into user accounts.
However, Imgur said no personal information was obtained.
Imgur has never asked for real names, addresses, phone number, or other personally-identifying information, so the information that was compromised did NOT include such PII, it emphasizes.
Imgur, though not as popular as Facebook, Twitter or Instagram, is an image-based social network where online users can post memes, photos and links to articles. Posts on Reddit are often linked to Imgur. Some of these images and memes likely circulated on your social media news feed around the 2016 presidential election.
The company said it only discovered the hack Nov. 23 after a security researcher, Troy Hunt, contacted the company, according to ZDNet.
"I disclosed this incident to Imgur late in the day in the midst of the U.S. Thanksgiving holidays," said Hunt. "That they could pick this up immediately, protect impacted accounts, notify individuals and prepare public statements in less than 24 hours is absolutely exemplary."
According to TechCrunch, Imgur said it used an algorithm back in 2014 that left encrypted passwords in its database, making it susceptible to hackers if they used "a brute force attack." The company only changed its algorithm last year.
Imgurs announcement comes at a time of heightened levels of security hacks. Back in 2013 and 2014, a hack on Yahoo affected nearly 3 billion accounts.
More recently, Equifax announced that 143 million Americans' personal information was exposed by a cyberattack on the company. It has led experts to the management of the countrys credit reporting system.
And Uber made news last week after a hack compromised personal data of 57 million users and drivers.
Europe has been working to install new rules that will set a standard for companies when it comes to hacks, according to TechCrunch. Failing to comply with those rules could result in millions of dollars in fines.
So perhaps, as the financial risks of storing and handling user data step up, well start to see more data breaches disclosed promptly, according to TechCrunch. While, over time, EU lawmakers hope is there will be fewer major breaches occurring as security and data protection gets given far more executive priority.