Disqus
What was exposed
Email addressesPasswordsUsernames
What to do if you were affected
- Change your password for this account, and anywhere you reused it. Turn on two-factor authentication.
- Expect more phishing and spam at this address. Treat messages that reference this company with extra caution.
- Be wary of targeted scams that use your personal details to sound convincing.
Details
In October 2017, the blog commenting service Disqus announced they'd suffered a data breach . The breach dated back to July 2012 but wasn't identified until years later when the data finally surfaced. The breach contained over 17.5 million unique email addresses and usernames. Users who created logins on Disqus had salted SHA1 hashes of passwords whilst users who logged in via social providers only had references to those accounts.
Frequently asked questions
What is the Disqus data breach?
In October 2017, the blog commenting service Disqus announced they'd suffered a data breach . The breach dated back to July 2012 but wasn't identified until years later when the data finally surfaced. The breach contained over 17.5 million unique email...
When did the data breach happen?
This data breach occurred around July 2012.
How many accounts were affected?
Around 17,551,044 accounts were affected.
What information was exposed?
Exposed data included Email addresses, Passwords and Usernames.
What should I do if I was affected?
Change your password for this account, and anywhere you reused it. Turn on two-factor authentication. Expect more phishing and spam at this address. Treat messages that reference this company with extra caution. Be wary of targeted scams that use your personal details to sound convincing.
Related breaches