Action Required: Important information about your Disqus account

Hello necesitocambio,

We take privacy seriously at Disqus. We are emailing to inform you about a potential security matter.

*What happened?*

A snapshot of our user data from 2012 has been exposed. We were alerted to this issue on Thursday, October 5th and worked as quickly as possible to investigate and to contact the affected users.

*What information was involved?*

Your email linked to your Disqus account and Disqus username, as well as your password (hashed using SHA1 with a salt; not in plain text) may have been included. Right now there isn't any evidence of unauthorized logins occurring in relation to this, but it is possible for this data to be decrypted (even if unlikely). Out of an abundance of caution, we are requiring you to change your Disqus password.

To do so, please follow this link: https://disqus.com/reset/?uid=9825875&tkn=sZUCMRSk7fEFqjYHcUJwNu2azf2WbX5W

*What are we doing?*

We have been investigating the matter and implementing a password reset. We are also reaching out to our users to inform them about this matter.

*What can you do?*

In addition to changing your password (see above), it is always a good idea to be vigilant against identity theft and fraud, to review account statements and credit reports, and to report suspected identity theft to law enforcement. Also, we encourage everyone to regularly rotate passwords for all online accounts and not use the same password for multiple accounts. Finally, be alert to "phishing" when someone acts like a colleague or friend and requests sensitive information over email.

For more information about the incident and what we are doing in response, please refer to our blog post here: https://blog.disqus.com/security-alert-user-info-breach

Thank you,
The Disqus team

Posted in: