8 Million Accounts Exposed in We Heart It Data Breach
We Heart It has informed users that about eight million accounts may have been compromised.
The image-sharing site, which at its peak was used by about 40 million teens, said exposed information includes usernames, email addresses and encrypted passwords for accounts created between 2008 and November 2013. While the passwords were encrypted, the company warns they are not secure.
“At this time we have found no evidence of unauthorized logins or wrongdoing. However, the encryption algorithms commonly used to encrypt passwords in 2013 are no longer secure due to advancements in computer hardware,” the company said in its announcement.
Anyone who created an account after 2013, or who has updated their password in the intervening years, should be in the clear, as the company said they have improved their security protocols as well as password and database security since this time. However, the company is urging users who have not updated their password since 2013 to do so immediately. They also advised affected consumers to change their password on other sites where the same password is used.
We Heart It has emailed affected users and said they are investigating the incident.
The company said they were notified of the breach by security researcher Troy Hunt.