Disqus confirmed a 2012 database breach on Friday impacting some data for 17.5 million users and including information dating back to 2007. “The snapshot includes email addresses, Disqus user names, sign-up dates, and last login dates in plain text for 17.5mm users,” Jason Yan, the company’s CTO, wrote in a blog post. “Additionally, passwords (hashed using SHA1 with a salt; not in plain text) for about one-third of users are included.” The company, which builds a commenting system for news websites, was notified on Thursday by security researcher Troy Hunt. Hunt runs the data breach notification website Have I Been Pwned. No plain text passwords were exposed but, as a precaution, all affected users had their passwords reset and Disqus is recommending changing any related password. The company does “not believe that this data is widely distributed or readily available.”
The post Disqus confirms 2012 database breach impacting 17.5 million users appeared first on Cyberscoop.
Continue reading Disqus confirms 2012 database breach impacting 17.5 million users→