Disqus Data Breach: Over 17.5 Million User Records Compromised in 2012 Attack

Massive Security Breach at Disqus Exposes Millions of User Accounts

In another alarming incident in the realm of cybersecurity, the widely-used commenting platform Disqus has revealed a significant data breach that occurred five years ago. The breach, which took place in July 2012, affects over 17.5 million user accounts, with sensitive information now in the hands of malicious actors.

Disqus, a United States-based company known for its web-based comment plugin utilized by numerous websites and blogs, confirmed that the compromised data includes email addresses, usernames, sign-up dates, and last login timestamps, all exposed in plain text. This breach has raised serious concerns among users, especially since the disclosed credentials date back to 2007, with the most recent data from July 2012.

Alarmingly, hackers accessed passwords for approximately one-third of the affected accounts. These passwords were stored as hashes produced with the SHA-1 algorithm, which is noted for its vulnerabilities. In response to the breach, Disqus promptly contacted affected users, urging them to reset their passwords and to strengthen their security on other platforms where they use similar credentials.

The company became aware of the incident following notification from independent security researcher Troy Hunt, who acquired a copy of the exposed data. Disqus’s Chief Technology Officer, Jason Yan, stated in a blog post, “No plain text passwords were exposed, but it is possible for this data to be decrypted (even if unlikely).” This prompted an immediate reset of passwords for all impacted accounts as a precautionary measure, highlighting the inherent risks associated with such breaches.

While the immediate reaction has been strong, it’s crucial to note that Disqus has since upgraded its security protocols. They transitioned to using the stronger Bcrypt hashing algorithm for passwords at the end of 2012, aiming to bolster user data protection against potential vulnerabilities. Yan remarked, “Since 2012, we have made significant upgrades to our database and encryption to prevent breaches and increase password security.”
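The kind of move described above, from a fast SHA-1 hash to a slow password hash, can be sketched as follows. This is an added example, not Disqus's code: the salted SHA-1 legacy format, the record layout and the function names are assumptions, and scrypt stands in for bcrypt because it ships in Python's standard library.

```python
import hashlib
import hmac
import os

# scrypt stands in for bcrypt here; cost parameters are illustrative.
SCRYPT_PARAMS = dict(n=2**14, r=8, p=1, dklen=32)

def sha1_legacy(password: str, salt: bytes) -> bytes:
    """Assumed legacy format: one fast SHA-1 pass over salt + password."""
    return hashlib.sha1(salt + password.encode()).digest()

def slow(data: bytes, salt: bytes) -> bytes:
    """Memory-hard, deliberately slow hash."""
    return hashlib.scrypt(data, salt=salt, **SCRYPT_PARAMS)

def wrap_legacy(record: dict) -> dict:
    """Offline migration: protect a stored SHA-1 hash without knowing the password."""
    if record["scheme"] != "sha1":
        return record
    salt2 = os.urandom(16)
    return {"scheme": "scrypt(sha1)", "salt": record["salt"], "salt2": salt2,
            "hash": slow(record["hash"], salt2)}

def verify(record: dict, password: str) -> bool:
    """Check a password; on success, upgrade the record in place to plain scrypt."""
    scheme = record["scheme"]
    if scheme == "scrypt":
        return hmac.compare_digest(slow(password.encode(), record["salt"]), record["hash"])
    if scheme == "sha1":
        candidate = sha1_legacy(password, record["salt"])
    elif scheme == "scrypt(sha1)":
        candidate = slow(sha1_legacy(password, record["salt"]), record["salt2"])
    else:
        return False
    if not hmac.compare_digest(candidate, record["hash"]):
        return False
    new_salt = os.urandom(16)
    record.clear()
    record.update(scheme="scrypt", salt=new_salt, hash=slow(password.encode(), new_salt))
    return True

def demo() -> list:
    """Constructed sample account walked through wrap, failed login, login, re-login."""
    salt = os.urandom(16)
    rec = wrap_legacy({"scheme": "sha1", "salt": salt,
                       "hash": sha1_legacy("correct horse", salt)})
    return [rec["scheme"], verify(rec, "wrong guess"),
            verify(rec, "correct horse"), rec["scheme"], verify(rec, "correct horse")]
```

Wrapping matters for dormant accounts: a rehash-on-login scheme alone leaves the fast hashes of users who never return sitting in the database.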

Businesses that may have users relying on Disqus must remain vigilant in safeguarding credentials. Cybercriminals can employ social engineering tactics to exploit the leaked information. Users should remain cautious about potential phishing attempts that might arise as a result of this breach, particularly emails containing malicious attachments that could compromise additional sensitive data.

Disqus is currently conducting a thorough investigation to determine how the hackers initially infiltrated its systems. The details surrounding the method of the breach remain unclear. However, MITRE ATT&CK categories such as initial access and credential dumping could serve as a framework for analyzing how this breach may have occurred.

As businesses continue to grapple with the implications of data breaches, this incident further underscores the necessity for robust cybersecurity measures. Disqus’s breach follows closely on the heels of other significant incidents, such as the Equifax breach affecting 145.5 million US consumers and the recent security lapse at the U.S. Securities and Exchange Commission.

As the cybersecurity landscape evolves, continuous vigilance and proactive measures are essential for businesses to safeguard sensitive user data amidst increasing threats. Further updates from Disqus will provide additional insights as they navigate this security incident.
