User data exposed in 500px security breach

Security
500px data breach

Photo-sharing company 500px has revealed it recently suffered a breach that exposed its users’ personal data and warned members to reset their passwords.

An unauthorised party managed to gain access to its system on 5th July 2018. However, the breach was only discovered last Saturday (Feb.10th) and was disclosed via a blog post on the company’s website on Tuesday (Feb.12th).

Information compromised include usernames, first and last names, email addresses, hashed passwords, users birthdate, address information, and gender, according to the blog.

Investigation

“If you were a 500px user on or prior to July 5th, 2018, you have been affected,” the company said. “Our engineers are closely monitoring our platform and we’ve found no evidence to date of any recurrence of this issue.”

500px, which has more than 13m registered users, said there’s no evidence of unauthorised access to user accounts, and that the company began contacting its members by email at around 8pm ET on Tuesday.

As soon as they discovered the breach, the company said it ” immediately launched a comprehensive review of our systems to understand the nature and scope of the issue,” adding that they contacted third-party experts to assist the company in its investigation.

“We have alerted law enforcement, in addition to retaining a security firm to assist us in the investigation and next steps,” the company said.

The company promises to upgrade its security and network infrastructure to prevent any breaches from reoccurring.

Security measures

“Going forward, we will continue to enhance our security measures to help keep your data safe and we are implementing additional measures to help prevent this type of incident from reoccurring.

“We are continuing to upgrade our network infrastructure. Over the last 12 months, we have undertaken a major upgrade to our network infrastructure – this project is nearing completion, and will also offer a significant increase in security.”

The news comes after The Register reported 500px’ data is available for sale on the dark web, along with DataCamp data and information from other sites.

Related Posts

Menu