Friday, November 1, 2024
HomeData BreachDisqus confirms it's been hacked and more than 17.5 Million Users Details...

Disqus confirms it’s been hacked and more than 17.5 Million Users Details Exposed

Published on

Malware protection

Disqus the most famous commenting system late today confirmed the data breach that took place in the summer of 2012, which exposed more than 17.5 million user accounts online.

Leaked details include email addresses, Disqus usernames, sign-up dates, and last login dates in plain text for 17.5mm users, but passwords are hashed with SHA-1 and salted, which protects the compromised account.

Also Read POS Malware Breach at Sonic Affected Millions of Credit & Debit Cards

- Advertisement - SIEM as a Service

This breach was identified by the Aussie security researcher Troy Hunt, and according to Hunt’s tweet, Disqus took 23 hours and 42 minutes from initial private disclosure to public notification.

User Impact

Email address is in plain text, so affected users may receive Spam emails. They believe the data was not widely exposed and they also confirmed the exposed data is from July 2012.

Right now there isn’t any evidence of unauthorized logins occurring in relation to this. No plain text passwords were exposed, but it is possible for this data to be decrypted (even if unlikely). As a security precaution, we have reset the passwords for all affected users. We recommend that all users change passwords on other services if they are shared.Disqus says.

So if you started using Disqus after July 2012, then your account is not impacted by the breach.

Safety Measures were taken by Disqus

They started notifying users about the breach and forcing the reset of passwords for all affected users.Also, they tighten the database security.

They also said that toward the end of 2012 we changed our password hashing algorithm from SHA1 to bcrypt.

Also Read Deloitte Hacked by Cyber Criminals and Revealed Client & Employee’s Secret Emails

Gurubaran
Gurubaran
Gurubaran is a co-founder of Cyber Security News and GBHackers On Security. He has 10+ years of experience as a Security Consultant, Editor, and Analyst in cybersecurity, technology, and communications.

Latest articles

LightSpy iOS Malware Enhanced with 28 New Destructive Plugins

The LightSpy threat actor exploited publicly available vulnerabilities and jailbreak kits to compromise iOS...

ATPC Cyber Forum to Focus on Next Generation Cybersecurity and Artificial Intelligence Issues

White House National Cyber Director, CEOs, Key Financial Services Companies, Congressional and Executive Branch...

New PySilon RAT Abusing Discord Platform to Maintain Persistence

Cybersecurity experts have identified a new Remote Access Trojan (RAT) named PySilon. This Trojan...

Konni APT Hackers Attacking Organizations with New Spear-Phishing Tactics

The notorious Konni Advanced Persistent Threat (APT) group has intensified its cyber assault on...

Free Webinar

Protect Websites & APIs from Malware Attack

Malware targeting customer-facing websites and API applications poses significant risks, including compliance violations, defacements, and even blacklisting.

Join us for an insightful webinar featuring Vivek Gopalan, VP of Products at Indusface, as he shares effective strategies for safeguarding websites and APIs against malware.

Discussion points

Scan DOM, internal links, and JavaScript libraries for hidden malware.
Detect website defacements in real time.
Protect your brand by monitoring for potential blacklisting.
Prevent malware from infiltrating your server and cloud infrastructure.

More like this

Grayscale Investments Data Breach Exposes 693K User Records Reportedly Affected

Grayscale Investments, a prominent crypto asset manager, has reportedly suffered a data breach affecting...

Northern Ireland Police to Pay £750,000 Fine Following Data Breach

The Police Service of Northern Ireland (PSNI) has been ordered to pay a £750,000...

Google Warns Of North Korean IT Workers Have Infiltrated The U.S. Workforce

North Korean IT workers, disguised as non-North Koreans, infiltrate various industries to generate revenue...