+44 0330 223 3428
Call Us
+44 0330 223 3428

WPTavern: Disqus Data Breach Affects 17.5 Million Accounts

WPTavern: Disqus Data Breach Affects 17.5 Million Accounts

Disqus, a comment management and hosting service, has announced it suffered a data breach that affects 17.5 million users. A snapshot of its database from 2012 with information dating back to 2007 containing email addresses, usernames, sign-up dates, and last login dates in plain-text were exposed.

Passwords hashed with the SHA1 protocol and a salt for about one-third of affected users are also included in the snap-shot. Disqus was made aware of the breach and received the exposed data on October 5th by Troy Hunt, an independent security researcher. Today, the service contacted affected users, reset their passwords, and publicly disclosed the incident.

Jason Yan, CTO of Disqus, says the company has no evidence that unauthorized logins are occurring due to compromised credentials. “No plain-text passwords were exposed, but it is possible for this data to be decrypted (even if unlikely),” Yan said.

“As a security precaution, we have reset the passwords for all affected users. We recommend that all users change passwords on other services if they are shared. At this time, we do not believe that this data is widely distributed or readily available. We can also confirm that the most recent data that was exposed is from July, 2012.”

Since emails were stored in plain-text, it’s possible affected users may receive unwanted email. Disqus doesn’t believe there is any threat to user accounts as it has made improvements over the years to significantly increase password security. One of those improvements was changing the password hashing algorithm from SHA1 to bcrypt.

If your account is affected by the data breach, you will receive an email from Disqus requesting that you change your password. The company is continuing to investigate the breach and will share new information on its blog when it becomes available.



Source: WordPress

Related Post
WPTavern: WordPress 4.9 Will Support Shortcodes and Embedded Media in the Text Widget

WPTavern: WordPress 4.9 Will Support Shortcodes and Embedded Media in the Text Widget WordPress 4.8 brought TinyMCE to the core Text widget, along with brand new Image, Video, and Audio media widgets. The upcoming 4.9 release builds on this progress and will introduce some long-awaited improvements to Text widget. Users will finally be able to […]

Read more
WPTavern: WPWeekly Episode 292 – Recap of WooConf and CaboPress

WPTavern: WPWeekly Episode 292 – Recap of WooConf and CaboPress In this episode, John James Jacoby and I are joined by Cody Landefeld, co-founder of Mode Effect. Landefeld described his experience attending WooConf as we reviewed highlights from the State of the Woo. We also discussed WooCommerce retiring its Canvas theme in favor of Storefront. Jacoby […]

Read more
WPTavern: Goodnight Firebug

WPTavern: Goodnight Firebug Twitter is lighting up with sentimental Firebug remembrances today after Mozilla announced it will reach end-of-life in the Firefox browser next month. Firebug was the first browser-based tool that allowed developers to easily inspect HTML and debug JS. It was discontinued as a separate add-on and merged into Firefox DevTools in 2016 […]

Read more