Imgur, popular meme site, confirms security breach affecting 1.7 million accounts

Email addresses and passwords pertaining to more than a million accounts on Imgur, one of the world’s most popular websites, were compromised as the result of a 2014 data breach that went unnoticed until this week, the image sharing site said Friday.

Imgur was contacted by a prominent security research Thursday evening about a potential security breach and confirmed within hours that 1.7 million user accounts were compromised in 2014, the site’s chief operating officer wrote in a blog post.

The hacked data consisted entirely of email addresses and passwords belonging to the equivalent of 1.7 million user accounts, said Imgur COO Roy Sehgal, or roughly one percent of the site’s 150 million monthly users.
The stolen passwords were encrypted by Imgur but still susceptible to being deciphered because they had been encoded using an out-of-date encryption method that the website has since abandoned, Mr. Sehgal said.