We Heart It, an image-sharing site used by 40 million teens as of a couple of years ago, is informing users their personal data may have been compromised. The company was alerted to a possible security breach last week that involved over 8 million accounts, it said on Friday. The breach took place a few years ago and includes email addresses, usernames and encrypted passwords for We Heart It accounts created between 2008 and November 2013.
Although the passwords were encrypted, they are not secure, the company notes.
“…the encryption algorithms commonly used to encrypt passwords in 2013 are no longer secure due to advancements in computer hardware,” reads a We Heart It blog post detailing their findings.
The company adds that, since that time, it has made improvements to its systems, security protocols, password security and its database.
It has also taken the immediate step to encrypt all current users’ passwords with additional encryption using the secure bcrypt algorithm. This process was still underway at the time of the announcement.
Over the weekend, We Heart It sent out emails to affected users to alert them to the breach.
Users are being asked to change their password if it has not been updated since 2013, as well as change that password on any other site where it’s been re-used.
Unfortunately, the company did not proactively reset users’ passwords on their behalf, as many companies do following a security breach involving account information.
However, We Heart It says that it has not found any evidence of unauthorized logins or wrong doing at this time.
We Heart It today operates two apps in addition to the We Heart It website. Its service allows users to find and save images they love like fashion inspiration, photography, wallpapers, quotes, and more, similar to Pinterest. A couple of years ago, the company released a second app, Easel, to create images and quotes using your own photos or those a pre-set selection. These apps are primarily used by teenaged girls and young adults, ranging in age from 15 to 24, and the majority (80-90%) of whom use the service via mobile.
The We Heart It app is not quite as popular as it once was. In 2015, the app was ranked in between the 40’s through 60’s in the Top Social Networking apps list on the U.S. App Store. Today, it’s ranked #85, according to App Annie.
Though nowhere near as significant in size and scale as some of the data breaches we’ve seen in recent months, like the Equifax breach or the Yahoo one, the We Heart It breach is a reminder that even old apps you’ve since abandoned can come back to haunt to you years later.