Disqus Hacked... in 2012

posted by cmn32480 on Monday October 09, @10:17PM
Security

takyon writes:

Disqus will reset passwords for 17.5 million users... who may have been affected in 2012:

Blog comment service provider Disqus was hacked back in 2012, exposing 17.5 million user email addresses, the firm admitted on Friday.

The breached information also included Disqus user names, sign-up dates and last login dates in plain text, as well as passwords hashed and salted with the crackable SHA1 algorithm for about one-third of users.

The data theft appears to have occurred back in July 2012, with some of the information in the targeted database dating back as far as 2007, according to a blog post from the firm.

Disqus is in the process of notifying those affected and forcing a password reset as a precaution.

Also at Engadget.

  • (Score: 1) by GreatOutdoors on Monday October 09, @10:24PM

    Really, I have heard the phrase better late than never, but 5 years later? That's waaaay too long.

  • (Score: 2) by slinches on Monday October 09, @10:45PM

    That's a great explanation for why Disqus comments are usually so shitty. They're spambots on hacked (and non-hacked) accounts.

