Online image sharing portal Imgur was hacked in 2014, 1.7million user accounts compromised

By Digit NewsDesk | Published on 27 Nov 2017

One of the most frequently visited websites, Imgur was hacked in 2014 after attackers used brute force to crack open an old encryption algorithm to steal 1.7 million email IDs and passwords.

Online image sharing portal Imgur was hacked in 2014, 1.7million user accounts compromised

Want to modernise your banking loan application?

Build an application that analyses credit risk with #IBMCloud Pak for Data on #RedHat #OpenShift

Click here to know more


Imgur, the frequently visited online image sharing website was hacked back in 2014 when attackers stole around 1.7 million email addresses and passwords. Imgur posted on its blog that the passwords were protected with the SHA-256 algorithm and since the website does not ask for real names, addresses, phone numbers and other personal information, nothing other than email IDs and passwords were stolen.

Imgur reported they received an email from security researcher Troy Hunt, who runs a data breach notification service Have I Been Pwned. The researcher believed he was sent data that included information of Imgur users. Imgur was notified of the breach on Thanksgiving, a US national holiday when most businesses are closed. 

Imgur made a public disclosure of the hack and began notifying affected users via their registered email addresses asking users to immediately update their passwords.

Imgur believes hackers used brute force to access the data as the site was using an outdated encryption algorithm at that time, which has since been updated. The stolen 1.7 million user data forms only a fraction of Imgur’s 150 million monthly users.

“We are still investigating how the account information was compromised. We have always encrypted your password in our database, but it may have been cracked with brute force due to an older hashing algorithm (SHA-256) that was used at the time. We updated our algorithm to the new bcrypt algorithm last year,” Imgur wrote in the blog. 

Imgur has notified it will conduct an internal security review of their systems and processes and has apologised for the breach of personal data. The company also suggested users to use a different combination of email addresses and passwords for every site and application.

Digit NewsDesk

The guy who answered the question 'What are you doing?' with 'Nothing'.

Digit caters to the largest community of tech buyers, users and enthusiasts in India. The all new Digit in continues the legacy of as one of the largest portals in India committed to technology users and buyers. Digit is also one of the most trusted names when it comes to technology reviews and buying advice and is home to the Digit Test Lab, India's most proficient center for testing and reviewing technology products.

We are about leadership-the 9.9 kind! Building a leading media company out of India.And,grooming new leaders for this promising industry. Protection Status