65 million tumblr accounts leaked in the tumblr breach
On 12 May, Tumblr revealed that it had just discovered a 2013 breach of user email addresses and passwords.
Details were sparse, and the company reportedly refused to put a number on the affected accounts.
Now, we know: the dataset included more than 65 million accounts, up for sale on the Dark Web, as confirmed by an independent security researcher.
Troy Hunt, who maintains the data breach awareness portal Have I Been Pwned, on Monday sent out an email blast to affected Tumblr users who’d signed up for notifications when their accounts are pwned.
According to the advisory, the total number of compromised accounts is 65,469,298.
As with any data breach, those affected should head over to Tumblr to change their passwords immediately.
Finally, if you’ve used the same password in other places (which of course you shouldn’t – and here’s why it matters), you should head to those other sites and change it there – using a unique password for each site.