500px, the popular Toronto, Canada-based online photography community and smartphone photography app, has admitted a data breach.
The security issue is said to affect most of its 15 million users, certainly those who registered before July 2018.
The ‘unauthorized party’ apparently gained access to its systems and acquired partial user data on approximately 5 July, 2018. But unfortunately 500px engineers only noticed the issue on 8 February 2019.
The compromised data could be potentially damaging as it includes the user’s first and last name, their username, email address, a hash of their password, birth date (if provided), city, state/province, country, and gender.
“Based on our investigation to date, we believe that an unauthorized party gained access to our systems and acquired partial user data on approximately July 5, 2018,” said the firm in a blog posting.
“We’ve concluded this issue affected certain information that users provided when filling out their user profiles, as listed below,” it added. “Our engineers are closely monitoring our platform and we’ve found no evidence to date of any recurrence of this issue.”
It said that as a precaution, it is resetting all users’ 500px account passwords. Users will receive an email shortly requested them to sign in with a new password.
Users who registered after 5 July 2018 are unlikely to have been affected by the data breach.
500px confirmed it has informed law enforcement and is utilising a third party expert to help with its investigation.
It said there was no evidence that other data such as credit card information, has been compromised.
This is not the first time that 500px has been in trouble.
In 2013 Apple removed 500px from its App Store over fears it could be used to view pornographic images and possibly indecent images of children.
Do you know all about security? Try our quiz!