We Heart It, the image sharing website, disclosed late last week that there was a potential cybersecurity breach that may have impacted more than 8 million accounts.
In a blog post, the company announced news that the data breach may have happened several years ago, but that it was only recently alerted to the cyberattack. We Heart It said it has started an investigation. So far, only information from the company’s user account database was leaked, which included details like email addresses, usernames and encrypted passwords for accounts that were created between 2008 and November of 2013.
Currently, the company said it has found no evidence that there were any unauthorized logins or wrongdoing. However, the encryption algorithms used to secure passwords back in 2013 aren’t valid anymore because of advancements in computer hardware.
“Since 2013, we have made significant upgrades and improvements to our systems, security protocols, password security and database. Additionally, we have taken immediate action to further protect all We Heart It account passwords with additional encryption using the secure encryption algorithm. We are in the process of updating all user passwords with this additional encryption as expeditiously as possible,” the company said in the blog post.
We Heart It said it is contacting users impacted by the data leak via email. The company recommends users change their passwords. If the same password was used at multiple websites, users should change those as well.
“We would like to apologize to all of our users who were affected by this breach. We will continue to investigate this incident and will update this post as and if further relevant information comes to light,” the company wrote.
We Heart It is just the latest in a slew of companies to disclose cybersecurity incidents in recent months. The biggest in recent weeks came from Equifax, which disclosed data from 145.5 million customers in the U.S. was hacked.