Disqus

In October 2017 the popular blog commenting platform Disqus disclosed a significant data breach that occurred back in July 2012. The incident involved an unauthorized access to a database snapshot containing user information. The security compromise was identified after researchers found a database file containing millions of records. The data included user identifiers and hashed passwords using SHA1 with salts which made them vulnerable to cracking. Disqus responded by forcing password resets for all affected users and improving their encryption standards to bcrypt.