Nearly 15 Million Users Affected in 500px.com Hack
Popular photo-sharing site 500px has announced that it was hacked last summer, resulting in a massive data breach for all of its users.
Discovered on Saturday 8th February 2019 by their in-house engineering team, it was realised that the hack occurred back in July 2018.
According to a 500px blog post, information acquired by the hackers included:
- Your first and last name as entered on 500px
- Your 500px username
- The email address associated with your 500px login
- A hash of your password, which was hashed using a one-way cryptographic algorithm
- Your birth date, if provided
- Your city, state/province, country, if provided
- Your gender, if provided
Fortunately, 500px believe that credit card information was not stolen, as this was stored on a separate server.
If you registered as a user on the site prior to July 2018, then it is almost a certain that your personal details will have been stolen by the hackers.
In response, the company’s engineers are “closely monitoring” the platform, with no evidence of any reoccurrence. In addition, they have forced a reset of passwords. This reset will prioritise affected users first, with a forced reset of all MD5-encrypted passwords.
500px are in the process of sending out notification emails and texts to affected users that will provide instructions on how to reset their passwords. However, due to the large volume involved, these notifications may be delayed.
They are further recommending that you change all passwords on any other websites or apps in which you may have used the same information.
If you are an affected user and have not received the email as of yet, they suggest to check your spam folder or reset your password directly on the site to be safe.
To be certain of what information may have been compromised, you can send a request to [email protected]. If you wish to delete your account with 500px, see instructions here – although it will make no difference to your information being compromised.