Skip to main content

Imgur reveals major data breach

(Image credit: Image Credit: Balefire / Shutterstock)

Popular online photo site Imgur has revealed it suffered a major hack that saw the details of millions of users stolen. 

The site, which is one of the most-visited pages on the Internet, has confirmed the details of 1.7 million users, including email addresses and passwords, were stolen during a hack back in 2014.

These details remained secret for several years before being passed on to security researcher Troy Hunt, the man behind alert website HaveIBeenPwned?, who alerted Imgur to the breach.

Imgur says that it is still investigating how the breach happened, but has begun notifying users who may have been affected to change their passwords immediately.

The company has been a strong proponent of data encryption in the past, as it has always done so with the information submitted by its users in the past. 

However it appears that this 2014 breach may have been cracked with a brute force attack against an older version of the encryption hashing algorithm, which Imgur says was updated to the latest version last year.

"We take protection of your information very seriously and will be conducting an internal security review of our system and processes," Roy Sehgal, Imgur's chief operating officer said in a statement. "We apologise that this breach occurred and the inconvenience it has caused you."

Michael Moore
Michael Moore is News and Features Editor working across both ITProPortal and TechRadar Pro. He has worked as a technology journalist for more than five years, including spells at one of the UK's leading national newspapers. He is interested in hearing about all the latest news and developments across the Business IT world, and how companies are using new technology to help push forward their work and make their customer's lives easier.