- Couple calls for boycott of dog walker app Wag! after their dog was abducted 3 Years Ago
- Trump gets banned from SeekingArrangement because he’s not a ‘real sugar daddy’ Today 4:17 PM
- InfoWars accidentally sent child porn to lawyers representing Sandy Hook parents Today 4:12 PM
- Sticker warns men changing diapers about ‘feminization of the American male’ Today 4:10 PM
- The genius way Genius caught Google allegedly stealing lyrics Today 3:03 PM
- This bubble tea challenge is a balancing act Today 2:15 PM
- Laura Dern gifts the internet with more ‘Big Little Lies’ memes Today 1:54 PM
- The Stonks meme is back—and it’s weirder than ever Today 1:27 PM
- Video shows officer threatening to shoot pregnant Black woman in front of her children Today 1:12 PM
- Netflix’s ‘Leila’ tells a familiar dystopian horror story Today 12:37 PM
- O.J. Simpson says in Twitter video that he never slept with Kris Jenner Today 12:06 PM
- GOP commissioner jokes on Facebook about running over Trump protesters Today 11:52 AM
- 2 trans women killed within 3 months in the same neighborhood Today 11:35 AM
- DNC tries to pander with tone-deaf Beyoncé meme, fails miserably Today 10:45 AM
- Parkland grad says Harvard rescinded offer after racist comments surfaced Today 10:10 AM
If you used Tumblr in 2013, you might want to reset your password just in case.
The 2013 Tumblr data breach affected 65 million users, according to an unofficial but reliable resource for data breaches and hacks.
Tumblr disclosed the breach on May 12 and said it included “salted and hashed passwords from early 2013.”
“Our analysis gives us no reason to believe that this information was used to access Tumblr accounts,” the company said. “As a precaution, however, we will be requiring affected Tumblr users to set a new password.”
Tumblr declined to confirm Hunt’s information. Katherine Barna, a company spokeswoman, pointed to steps taken since the breach, including the introduction of two-factor authentication and the creation of a bug bounty program.
“Tumblr is committed to protecting our users’ security and we’re continuously innovating our offensive and defensive efforts to keep our users secure,” Barna said in an email. “That said, criminals are constantly evolving their methods, as well, and 100 percent security is not a realistic end point for any platform.”
Have I Been Pwned, which lets people check if an email address or username is present in any of the databases that Hunt has acquired, lists the Tumblr breach as the third largest on record. The largest is the 2012 LinkedIn breach, which included 164 million accounts. That data set appeared on the Dark Net earlier this month.
On his blog, Hunt warned that estimates of the number of affected Tumblr users would vary “due to data idiosyncrasies such as the way deactivated accounts were flagged.”
Update 6:13pm CT, May 30: Added Tumblr comment.
Eric Geller is a politics reporter who focuses on cybersecurity, surveillance, encryption, and privacy. A former staff writer at the Daily Dot, Geller joined Politico in June 2016, where he's focused on policymaking at the White House, the Justice Department, the State Department, and the Commerce Department.