Last year was a big year for hacks of high profile services like Facebook. In late 2018, Facebook announced that a hack had occurred that left the private messages of 81,000 accounts up for sale. Now, photography website 500px has announced that it was hacked last year and that at least some data on all of its users was stolen in the hack.
500px says that on February 8, 2019, its engineering team became aware of a potential security issue that affected some user profile data. The company says that it launched a "comprehensive review" of its systems to try and understand the nature and scope of the hack; the investigation involved a third-party expert and coordination with law enforcement authorities.
The investigation revealed that hackers gained access to 500px systems and were able to acquire partial user data on approximately July 5, 2018. Hackers made off with some of the user data that people signing up for the service entered into their profiles. The data included first and last names, 500px user name, emails address associated with the account, hashed passwords, birth date (if provided), information on user location (if provided) and the gender of the users (if provided). Credit card information was not affected as it was not on the 500px servers.
500px notes that its team of engineers have been monitoring its platform and have found no evidence of recurrence of the issue. All users are being forced to reset passwords as a precaution; notification emails are being sent to users with instructions on resetting the passwords. A system-wide password reset is underway. As for how many users were affected, 500px gives no exact numbers and says that if you were a 500px user before July 5, 2018, your data was part of the breach. The company notes that due to the volume of users affected, there could be a delay in notifying all users.