Change your Password Now: Imgur was hacked in 2014
This is a relatively small percentage of Imgur users, and COO Roy Sehgal points out that the site has never asked for “personally-identifying information.” Nevertheless, the company is contacting the owners of affected accounts, advising them to change their passwords.
On the afternoon of November 23rd, an email was sent to Imgur by a security researcher who frequently deals with data breaches. He believed he was sent data that included information of Imgur users. Our Chief Operating Officer received the email late night on November 23rd and immediately corresponded with the researcher to learn more about the potential breach. He simultaneously notified Imgur’s Founder/CEO and Vice President of Engineering. Our Vice President of Engineering then arranged to securely receive the data from the researcher and began working to validate that the data belonged to Imgur users.
Early morning on November 24th, we confirmed that approximately 1.7 million Imgur user accounts were compromised in 2014. The compromised account information included only email addresses and passwords. Imgur has never asked for real names, addresses, phone numbers, or other personally-identifying information (“PII”), so the information that was compromised did NOT include such PII.
We recommend that you use a different combination of email and password for every site and application. Please always use strong passwords and update them frequently.