Skip to main content
  1. Home
  2. Social Media
  3. Computing
  4. Web
  5. News

New details of huge Tumblr data breach reveal possible connection to LinkedIn hackers

Add as a preferred source on Google

The massive scale of a data breach that affected social blogging platform Tumblr has been revealed for the first time.

The Yahoo-owned service admitted it had been hacked in 2013 but refused to divulge how many accounts had been affected. According to security expert Troy Hunt, hackers got away with approximately 65 million Tumblr passwords in total, making it the third-biggest data breach of all time.

Recommended Videos

Even more fascinating, however, is the potential connection between the Tumblr hack and a recently revealed LinkedIn breach. The latter is the current record holder in terms of the amount of data stolen, but Hunt has also drawn parallels to the way that data is being sold online.

In both cases, the passwords extracted by the hacker, or hackers, are all available to the highest bidder on the dark web. Additionally, the listings that Hunt spotted online were all created by the same seller, an account known as “peace_of_mind.” That doesn’t necessarily mean that individual is the person responsible for the breaches, but it is yet another similarity.

There is also a third breach, concerning a once-popular but now defunct social network, which is rumored to be the biggest of them all. It is thought that MySpace was hacked on an unspecified date, possibly during its mid-2000s heyday, and that 360 million records were stolen. The fact that all of these breaches are now coming to light is another indication that the perpetrators may be the same, according to Hunt.

“There are some really interesting patterns emerging here. One is obviously the age; the newest breach of this recent spate is still more than three years old,” states Hunt. “This data has been lying dormant (or at least out of public sight) for long periods of time.”

Security experts are also advising social media companies to go beyond passwords in order to protect their members.

“The breaches at MySpace and LinkedIn are just two more examples highlighting why passwords aren’t sufficient for protecting sensitive data,” Vishal Gupta, CEO of security startup Seclore, told Digital Trends. “Data-centric security solutions are a natural candidate for supplementing the increasingly weakened password. By applying protections at the data level, even if hackers manage to get their hands on sensitive information, the data remains completely unusable.”

It is important to note that Tumblr claims the stolen set of user email addresses all contained salted and SHA1 hashed passwords, which are much harder to crack.

Saqib Shah
Saqib Shah is a Twitter addict and film fan with an obsessive interest in pop culture trends. In his spare time he can be…
As AI turbocharges digital abuse, UK agencies urge parents to limit who sees kids’ photos online
The National Crime Agency and Internet Watch Foundation are asking parents to tighten privacy settings as AI-generated abuse material rises.
Social Media

Parents who post pictures of their kids online are being told to rethink the habit. The UK's National Crime Agency and the Internet Watch Foundation have issued new guidance urging families to lock down their social media accounts, warning that publicly shared photos are increasingly being pulled and altered by AI tools to create child sexual abuse material.

The two organizations say most parents have no idea this is happening. Criminals no longer need to contact a child directly to generate such material. They can scrape an ordinary photo and run it through widely available nudify apps.

Read more
Google Maps could soon order food for you using Gemini
Your next takeaway order could start inside Google Maps
Google Maps

Google Maps has steadily evolved from a navigation app into an AI-powered discovery platform, thanks to Gemini integration and features like Ask Maps. Now, the app could be preparing to take the next step by letting users order food directly through conversational AI.

According to Android Authority's Authority Insights, the latest beta version of Google Maps for Android contains references to an unreleased feature that would allow users to ask Maps to place food orders on their behalf. While the functionality isn't live yet, newly discovered code strings suggest Google is actively developing the feature.

Read more
Most Americans want kids off social media before 16, new survey shows
A new Pew Research Center survey has found broad support for banning social media for kids under 16, with even stronger backing for age verification and parental consent rules.
Child using a blue phone

A majority of US adults now support banning social media for anyone under 16, according to a new Pew Research Center survey. The finding puts American public opinion roughly in line with countries that have already acted on the idea, including Australia, which has enforced a ban, and the UK, which is currently considering one.

Support holds steady across party lines and age groups

Read more