Disqus Hacked: More than 17.5 Million Users' Details Stolen in 2012 Breach
Oct 07, 2017
Another day, Another data breach disclosure. This time the popular commenting system has fallen victim to a massive security breach. Disqus, the company which provides a web-based comment plugin for websites and blogs, has admitted that it was breached 5 years ago in July 2012 and hackers stole details of more than 17.5 million users. The stolen data includes email addresses, usernames, sign-up dates, and last login dates in plain text for all 17.5 million users. What's more? Hackers also got their hands on passwords for about one-third of the affected users, which were salted and hashed using the weak SHA-1 algorithm. The company said the exposed user information dates back to 2007 with the most recently exposed from July 2012. According to Disqus, the company became aware of the breach Thursday (5th October) evening after an independent security researcher Troy Hunt, who obtained a copy of the site's information, notified the company. Within about 24 hours,