Security Breach to Popular PhotoSharing Site Exposes User Data
How Many Records: 14.8 Million
Date: February 13, 2019
What Happened: Photo-sharing platform 500px has revealed that it suffered a security breach that exposed its users’ data and profile information.
How did it happen: While the company’s engineers have only just discovered the unauthorized entry, it actually happened way back on July 5th, 2018 — just a few days after the company closed its in-house Marketplace that helped photographers sell their work. Simply put, everybody who signed up for a 500px account on or before that day has been compromised. According to the company the breach exposed users’ first and last names, usernames, the email addresses they used to create their accounts, a hash of their passwords and their birthdates. It also compromised their gender and their city/state/province/country if they chose to provide them.
Outcome: 500px found no evidence of unauthorized entry into users’ accounts and no evidence that the breach exposed data other than the ones it listed. People’s credit card details were apparently left untouched. The company said it’s monitoring its source codes to protect against further security issues. It also promises to upgrade its security measures and network infrastructure. 500px has started sending out emails to all its users, asking them to change their passwords, and it’s offering to send them all their data on file within 72 hours if they send an email request.