Disqus reveals it suffered a security breach in 2012

Source: Engadget

“Another day, another security breach (and another, and another…). This time it’s Disqus, which is revealing that in 2012 … hackers made off with some of its data, covering a snapshot of usernames and associated email addresses dating back to 2007, as well as ‘sign-up dates, and last login dates in plain text for 17.5mm users.’ More distressing is news that it also coughed up passwords for a third of those accounts, which were in hashed (SHA1) form but it’s possible the attackers could have decrypted them. According to Disqus, it learned of the leak Thursday evening after Troy Hunt of Have I Been Pwned notified obtained a copy of the site’s information and informed the company. Within about 24 hours, it has disclosed the breach, started to contact users and forced password resets for affected accounts.” (10/06/17)

https://www.engadget.com/2017/10/06/disqus-reveals-it-suffered-a-security-breach-in-2012/