Disqus Confirms Over 17.5 Million Email Addresses Were Stolen In 2012 Hack of


#1

Is any of this applicable to us here at Boing Boing?


Discus breached 17.5 million user accounts in 2012, then did everything right about it in 2017
#2

possibly. Boing Boing used Disqus back then, but we allowed logins via the site itself using OAuth, so those credentials would not have been compromised.

However, if you created a Disqus account instead of a Boing Boing account, then yes, you may have been affected, and should make sure that your Disqus password is not used elsewhere.

This is also a good time for me to recommend a password manager to allow folks to use a unique password per site, and enable two-factor authentication everywhere possible.


#3

I think I created a BB login and not a discuss login back then. I guess I’ll have to go over to haveibeenpwoned and check. :frowning:

Thanks for the insightful reply.


#4

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.