Disqus has released a statement on a security breach which took place in 2012.
“While we are still investigating the incident… we know that a snapshot of our user database from 2012, including information dating back to 2007, was exposed,” said Disqus.
This includes email addresses, Disqus user names, sign-up dates, and last login dates in plain text for 17.5 million users.
“Additionally, passwords (hashed using SHA1 with a salt; not in plain text) for about one-third of users are included.”
Disqus said there isn’t any evidence of unauthorised logins occurring in relation to this.
“As a security precaution, we have reset the passwords for all affected users. We recommend that all users change passwords on other services if they are shared.”