The Daily Swig Web security digest

Social networks: We Heart It alerts users to historic data breach

James Walker | 16 October 2017 at 17:00

Eight million user account details in the frame.

Image-based social network We Heart It has alerted users of a security breach dating back to 2013.

According to the company, information from its user database was leaked, including the email addresses, usernames, and encrypted passwords of more than eight million accounts created between 2008 and November 2013.

After being alerted to the breach on October 11, We Heart It said its investigation failed to find evidence of unauthorized logins, but it urged all users to change their passwords if they have not done so over the past four years.

“The encryption algorithms commonly used to encrypt passwords in 2013 are no longer secure due to advancements in computer hardware,” We Heart It said in a statement to its members last week.

“Since 2013 we have made significant upgrades and improvements to our systems, security protocols, password security, and database.

“Additionally, we have taken immediate action to further protect all We Heart It account passwords with additional encryption using the secure bcrypt algorithm.”

“We are in the process of updating all user passwords with this additional encryption as expeditiously as possible.

Founded by Fabio Giolito in 2008, San Francisco-based We Heart It has an estimated 45 million registered users. It was named as one of Google Play’s Best Apps of 2015.