Here we are again folks, another article of a large breach in security, leaving multiple thousands in a state of possible vulnerability.
It was discovered that back in 2012, the same year Engadget used Disqus for comments, hackers had claimed data from Disqus’ servers. A snapshot of usernames and the emails associated, dating back to 2007, as well as sign-up dates, and last login info and users of the 17.55mm text had been captured. Adding onto that, it seems that 1/3 of the passwords were also breached from those affected accounts, despite being hashed (SHA1)
Disqus learned of the hacking this past Thursday after Troy Hunt of Have I Been Pwned notified disqus that it had obtained a copy of the site’s disclosed information.
Apparently Hunt has also come across breaches for Bit.ly and Kickstarter, while stating he has three more to go.
If you have an account with any of above mentioned sites it would be wise to check on your vulnerable information and ensure all your things are accounted for.