What happened in the Disqus data breach?
Twingate Team
•
Apr 25, 2024
In July 2012, Disqus, a popular blog commenting service, experienced a data breach that went undetected until October 2017. The company has since made significant security improvements, including switching to the more secure bcrypt password hashing algorithm.
How many accounts were compromised?
The breach impacted data related to approximately 17.6 million users.
What data was leaked?
The data exposed in the breach included email addresses, usernames, sign-up dates, last login dates, and passwords for about one-third of the affected users.
How was Disqus hacked?
In the 2012 Disqus data breach, the specific methods used by hackers to access the database were not disclosed.
Disqus's solution
In response to the data breach, Disqus took several measures to enhance its security and prevent future incidents. They reset the passwords for all affected users as a precautionary measure and changed their password hashing algorithm from SHA1 to bcrypt at the end of 2012 as part of normal security enhancements. Additionally, Disqus made significant upgrades to its database and encryption methods since the breach to increase password security and protect user data.
How do I know if I was affected?
Disqus reached out to affected users and reset their passwords as a precautionary measure. If you're a Disqus user and haven't received a notification, you may visit HaveIBeenPwned to check if your credentials were affected by the breach.
What should affected users do?
In general, affected users should:
Change Your Password: Immediately update your password for the breached service. Make sure the new password is strong and unique, not previously used on any other platform.
Reset Passwords for Other Accounts: If you've used the same or similar passwords for other online accounts, reset those as well. This is crucial as attackers often try using stolen passwords on multiple sites.
Enable Two-Factor Authentication (2FA): Activate 2FA on the breached account and consider enabling this additional security feature on all other important online accounts to significantly reduce the risk of unauthorized access.
For more specific help and instructions related to the Disqus data breach, please contact Disqus support directly.
Where can I go to learn more?
For more information on the Disqus data breach, check out the following news articles:
Rapidly implement a modern Zero Trust network that is more secure and maintainable than VPNs.
What happened in the Disqus data breach?
Twingate Team
•
Apr 25, 2024
In July 2012, Disqus, a popular blog commenting service, experienced a data breach that went undetected until October 2017. The company has since made significant security improvements, including switching to the more secure bcrypt password hashing algorithm.
How many accounts were compromised?
The breach impacted data related to approximately 17.6 million users.
What data was leaked?
The data exposed in the breach included email addresses, usernames, sign-up dates, last login dates, and passwords for about one-third of the affected users.
How was Disqus hacked?
In the 2012 Disqus data breach, the specific methods used by hackers to access the database were not disclosed.
Disqus's solution
In response to the data breach, Disqus took several measures to enhance its security and prevent future incidents. They reset the passwords for all affected users as a precautionary measure and changed their password hashing algorithm from SHA1 to bcrypt at the end of 2012 as part of normal security enhancements. Additionally, Disqus made significant upgrades to its database and encryption methods since the breach to increase password security and protect user data.
How do I know if I was affected?
Disqus reached out to affected users and reset their passwords as a precautionary measure. If you're a Disqus user and haven't received a notification, you may visit HaveIBeenPwned to check if your credentials were affected by the breach.
What should affected users do?
In general, affected users should:
Change Your Password: Immediately update your password for the breached service. Make sure the new password is strong and unique, not previously used on any other platform.
Reset Passwords for Other Accounts: If you've used the same or similar passwords for other online accounts, reset those as well. This is crucial as attackers often try using stolen passwords on multiple sites.
Enable Two-Factor Authentication (2FA): Activate 2FA on the breached account and consider enabling this additional security feature on all other important online accounts to significantly reduce the risk of unauthorized access.
For more specific help and instructions related to the Disqus data breach, please contact Disqus support directly.
Where can I go to learn more?
For more information on the Disqus data breach, check out the following news articles:
Rapidly implement a modern Zero Trust network that is more secure and maintainable than VPNs.
What happened in the Disqus data breach?
Twingate Team
•
Apr 25, 2024
In July 2012, Disqus, a popular blog commenting service, experienced a data breach that went undetected until October 2017. The company has since made significant security improvements, including switching to the more secure bcrypt password hashing algorithm.
How many accounts were compromised?
The breach impacted data related to approximately 17.6 million users.
What data was leaked?
The data exposed in the breach included email addresses, usernames, sign-up dates, last login dates, and passwords for about one-third of the affected users.
How was Disqus hacked?
In the 2012 Disqus data breach, the specific methods used by hackers to access the database were not disclosed.
Disqus's solution
In response to the data breach, Disqus took several measures to enhance its security and prevent future incidents. They reset the passwords for all affected users as a precautionary measure and changed their password hashing algorithm from SHA1 to bcrypt at the end of 2012 as part of normal security enhancements. Additionally, Disqus made significant upgrades to its database and encryption methods since the breach to increase password security and protect user data.
How do I know if I was affected?
Disqus reached out to affected users and reset their passwords as a precautionary measure. If you're a Disqus user and haven't received a notification, you may visit HaveIBeenPwned to check if your credentials were affected by the breach.
What should affected users do?
In general, affected users should:
Change Your Password: Immediately update your password for the breached service. Make sure the new password is strong and unique, not previously used on any other platform.
Reset Passwords for Other Accounts: If you've used the same or similar passwords for other online accounts, reset those as well. This is crucial as attackers often try using stolen passwords on multiple sites.
Enable Two-Factor Authentication (2FA): Activate 2FA on the breached account and consider enabling this additional security feature on all other important online accounts to significantly reduce the risk of unauthorized access.
For more specific help and instructions related to the Disqus data breach, please contact Disqus support directly.
Where can I go to learn more?
For more information on the Disqus data breach, check out the following news articles:
Solutions
Solutions
The VPN replacement your workforce will love.
Solutions