On November 24, 2017, image-sharing website Imgur disclosed that email addresses and passwords of 1.7 million users were stolen in a 2014 hack on the company. Imgur became aware of the breach on November 23, 2017 when a security researcher alerted the company about the potential issue. The breach was confirmed on November 24th and Imgur posted a notice of the breach on its blog later that same day. According to the blog post, the breach does not include personally-identifiable information (PII) because Imgur has never asked for users’ real names, addresses, telephone numbers or other PII. Imgur is still investigating the breach but believes that it may have been caused by a security algorithm in use at the time that has since been replaced. Imgur has already begun resetting passwords of affected users, and recommends that individuals use a different combination of email and password for every site and application. Imgur has approximately 150 million monthly users.
[View source.]