Art and Photography

500px Data Breach - all accounts before July 6th 2018

  • Last Updated:
  • Feb 17th, 2019 2:12 pm
[OP]
Deal Addict
Feb 16, 2006
4326 posts
1361 upvotes
Vancouver

500px Data Breach - all accounts before July 6th 2018

https://www.dpreview.com/news/816987216 ... -july-2018

Quote:

5oopx, the photo sharing service owned by Visual China Group (VCG), the world's third-largest visual content provider, has posted a security notice on its support site today, revealing that the platform suffered a security breach that exposed user data and profile information.

The breach was discovered by 500px engineers only a few days ago on February 8, but actually happened all the way back on July 5, 2018. The company says all users who signed up on or before that day are affected by the breach which exposed users' first and last names, usernames, email addresses, a hash of their passwords and dates of birth.

If at signing up users decided to provide gender and location information this data will be compromised as well. The good news is that 500px has found no signs of unauthorized entry into any of the affected user accounts. Payment information was not compromised either.

In its announcement 500px says it will upgrade its security measures and examine its source code in order to avoid similar issues in the future. The company is also asking all users to change passwords.

.
2 replies
Deal Addict
Jul 30, 2003
1888 posts
274 upvotes
Toronto
What about users who login via facebook, will their facebook credential get exposed as well?
[OP]
Deal Addict
Feb 16, 2006
4326 posts
1361 upvotes
Vancouver
zero_ wrote: What about users who login via facebook, will their facebook credential get exposed as well?
The info is there off the link to the 500px support page.

https://support.500px.com/hc/en-us/arti ... y-2019-FAQ
If I logged in with a social account (Google+, Facebook), do you still have my password?

"As a user signing in from an external social platform, you can still enter a password with us, but we do not store your Google+, Facebook, or social sign-in passwords. When you log in via a social account, we receive a session token that is stored on our servers. When the session token expires, we ask you to login via your social account to give us a new token each time."
.

Top