{"id":58097,"date":"2017-10-09T18:12:37","date_gmt":"2017-10-09T23:12:37","guid":{"rendered":"https:\/\/www.pcmatic.com\/blog\/?p=58097"},"modified":"2017-10-09T18:12:37","modified_gmt":"2017-10-09T23:12:37","slug":"wordpress-plugin-leaves-users-vulnerable","status":"publish","type":"post","link":"https:\/\/www.pcmatic.com\/blog\/wordpress-plugin-leaves-users-vulnerable\/","title":{"rendered":"WordPress Plugin Hack Went Undetected For 5 Years"},"content":{"rendered":"<h3>WordPress Plugin Leaves Users Vulnerable<\/h3>\n<p>Disqus, a popular WordPress plugin, revealed they were the victims of a data breach.\u00a0 Disqus is used for bloggers to allow individuals to comment on their articles.\u00a0 The hack began in July of 2012, and could be one of the longest undetected breaches, as it was just recently discovered.\u00a0 On October 5, 2017, Troy Hunt of <a href=\"https:\/\/haveibeenpwned.com\/\">Have I Been Pwned,<\/a>\u00a0disclosed the breach to the company and within 24 hours the organization had publicly announced the leak.<\/p>\n<p>It is suspected over 17.5 million email accounts and passwords were exposed, along with Disqus usernames and login records.\u00a0 According to <a href=\"http:\/\/www.ibtimes.com\/disqus-breach-175-million-emails-exposed-login-hack-2599013\">International Business Times<\/a>, the account data dated back as far as 2007.<\/p>\n<p>The good news is, the passwords were encrypted using an algorithm, so they were not in plain text.\u00a0 The bad news is, the algorithm used was well-known, and could be easily undone to obtain the actual passwords.\u00a0 Beyond the risk of password exposure, the email addresses were stored in plain text.\u00a0 Therefore, there is an increased risk for phishing attacks to those individuals whose email addresses were exposed.<\/p>\n<p>To find out if you were impacted by this breach, go to <a href=\"https:\/\/haveibeenpwned.com\/\">Have I Been Pwned<\/a>, and enter your email address.\u00a0 Click &#8220;pwned?&#8221;.\u00a0 If your email address has been leaked, it will tell you which breach led to the leak, and when.<\/p>\n<p>**PC Pitstop does not use this plugin for its blog.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>WordPress Plugin Leaves Users Vulnerable Disqus, a popular WordPress plugin, revealed they were the victims of a data breach.\u00a0 Disqus is used for bloggers to allow individuals to comment on their articles.\u00a0 The hack began in July of 2012, and could be one of the longest undetected breaches, as it was just recently discovered.\u00a0 On [&hellip;]<\/p>\n","protected":false},"author":54,"featured_media":55153,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"site-sidebar-layout":"default","site-content-layout":"","ast-site-content-layout":"default","site-content-style":"default","site-sidebar-style":"default","ast-global-header-display":"","ast-banner-title-visibility":"","ast-main-header-display":"","ast-hfb-above-header-display":"","ast-hfb-below-header-display":"","ast-hfb-mobile-header-display":"","site-post-title":"","ast-breadcrumbs-content":"","ast-featured-img":"","footer-sml-layout":"","theme-transparent-header-meta":"","adv-header-id-meta":"","stick-header-meta":"","header-above-stick-meta":"","header-main-stick-meta":"","header-below-stick-meta":"","astra-migrate-meta-layouts":"default","ast-page-background-enabled":"default","ast-page-background-meta":{"desktop":{"background-color":"","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"tablet":{"background-color":"","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"mobile":{"background-color":"","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""}},"ast-content-background-meta":{"desktop":{"background-color":"var(--ast-global-color-5)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"tablet":{"background-color":"var(--ast-global-color-5)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"mobile":{"background-color":"var(--ast-global-color-5)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""}},"footnotes":""},"categories":[183],"tags":[4934,4410,5375,5296],"class_list":["post-58097","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-tips","tag-breach","tag-data-breach","tag-disqus","tag-leak"],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v27.4 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>WordPress Plugin Hack Went Undetected For 5 Years<\/title>\n<meta name=\"description\" content=\"WordPress plugin, Disqus was the victim of a breach. The leak exposed 17.5 million email accounts, passwords, usernames, and login data...\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.pcmatic.com\/blog\/wordpress-plugin-leaves-users-vulnerable\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"WordPress Plugin Hack Went Undetected For 5 Years\" \/>\n<meta property=\"og:description\" content=\"WordPress plugin, Disqus was the victim of a breach. The leak exposed 17.5 million email accounts, passwords, usernames, and login data...\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.pcmatic.com\/blog\/wordpress-plugin-leaves-users-vulnerable\/\" \/>\n<meta property=\"og:site_name\" content=\"PC Matic Blog\" \/>\n<meta property=\"article:publisher\" content=\"https:\/\/www.facebook.com\/pcmatic\" \/>\n<meta property=\"article:published_time\" content=\"2017-10-09T23:12:37+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/www.pcmatic.com\/blog\/wp-content\/uploads\/lockBG-blue.jpg\" \/>\n\t<meta property=\"og:image:width\" content=\"730\" \/>\n\t<meta property=\"og:image:height\" content=\"410\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"author\" content=\"Kayla Elliott\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@pcmatic\" \/>\n<meta name=\"twitter:site\" content=\"@pcmatic\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Kayla Elliott\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"1 minute\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/www.pcmatic.com\\\/blog\\\/wordpress-plugin-leaves-users-vulnerable\\\/#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.pcmatic.com\\\/blog\\\/wordpress-plugin-leaves-users-vulnerable\\\/\"},\"author\":{\"name\":\"Kayla Elliott\",\"@id\":\"https:\\\/\\\/www.pcmatic.com\\\/blog\\\/#\\\/schema\\\/person\\\/d4a11f480158af9f8090d8d90e0de8db\"},\"headline\":\"WordPress Plugin Hack Went Undetected For 5 Years\",\"datePublished\":\"2017-10-09T23:12:37+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/www.pcmatic.com\\\/blog\\\/wordpress-plugin-leaves-users-vulnerable\\\/\"},\"wordCount\":236,\"commentCount\":0,\"publisher\":{\"@id\":\"https:\\\/\\\/www.pcmatic.com\\\/blog\\\/#organization\"},\"image\":{\"@id\":\"https:\\\/\\\/www.pcmatic.com\\\/blog\\\/wordpress-plugin-leaves-users-vulnerable\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/www.pcmatic.com\\\/blog\\\/wp-content\\\/uploads\\\/lockBG-blue.jpg\",\"keywords\":[\"breach\",\"data breach\",\"Disqus\",\"leak\"],\"articleSection\":[\"tips\"],\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"CommentAction\",\"name\":\"Comment\",\"target\":[\"https:\\\/\\\/www.pcmatic.com\\\/blog\\\/wordpress-plugin-leaves-users-vulnerable\\\/#respond\"]}]},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/www.pcmatic.com\\\/blog\\\/wordpress-plugin-leaves-users-vulnerable\\\/\",\"url\":\"https:\\\/\\\/www.pcmatic.com\\\/blog\\\/wordpress-plugin-leaves-users-vulnerable\\\/\",\"name\":\"WordPress Plugin Hack Went Undetected For 5 Years\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.pcmatic.com\\\/blog\\\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/www.pcmatic.com\\\/blog\\\/wordpress-plugin-leaves-users-vulnerable\\\/#primaryimage\"},\"image\":{\"@id\":\"https:\\\/\\\/www.pcmatic.com\\\/blog\\\/wordpress-plugin-leaves-users-vulnerable\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/www.pcmatic.com\\\/blog\\\/wp-content\\\/uploads\\\/lockBG-blue.jpg\",\"datePublished\":\"2017-10-09T23:12:37+00:00\",\"description\":\"WordPress plugin, Disqus was the victim of a breach. The leak exposed 17.5 million email accounts, passwords, usernames, and login data...\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/www.pcmatic.com\\\/blog\\\/wordpress-plugin-leaves-users-vulnerable\\\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/www.pcmatic.com\\\/blog\\\/wordpress-plugin-leaves-users-vulnerable\\\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.pcmatic.com\\\/blog\\\/wordpress-plugin-leaves-users-vulnerable\\\/#primaryimage\",\"url\":\"https:\\\/\\\/www.pcmatic.com\\\/blog\\\/wp-content\\\/uploads\\\/lockBG-blue.jpg\",\"contentUrl\":\"https:\\\/\\\/www.pcmatic.com\\\/blog\\\/wp-content\\\/uploads\\\/lockBG-blue.jpg\",\"width\":730,\"height\":410},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/www.pcmatic.com\\\/blog\\\/wordpress-plugin-leaves-users-vulnerable\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/www.pcmatic.com\\\/blog\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"WordPress Plugin Hack Went Undetected For 5 Years\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/www.pcmatic.com\\\/blog\\\/#website\",\"url\":\"https:\\\/\\\/www.pcmatic.com\\\/blog\\\/\",\"name\":\"PC Matic Blog\",\"description\":\"Tech Tips and Tricks\",\"publisher\":{\"@id\":\"https:\\\/\\\/www.pcmatic.com\\\/blog\\\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/www.pcmatic.com\\\/blog\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/www.pcmatic.com\\\/blog\\\/#organization\",\"name\":\"PC Matic - Top Antivirus Company in the USA.\",\"url\":\"https:\\\/\\\/www.pcmatic.com\\\/blog\\\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.pcmatic.com\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\",\"url\":\"https:\\\/\\\/techtalk.pcmatic.com\\\/wp-content\\\/uploads\\\/PC-MaticLogo-e1472689639222.png\",\"contentUrl\":\"https:\\\/\\\/techtalk.pcmatic.com\\\/wp-content\\\/uploads\\\/PC-MaticLogo-e1472689639222.png\",\"width\":1535,\"height\":483,\"caption\":\"PC Matic - Top Antivirus Company in the USA.\"},\"image\":{\"@id\":\"https:\\\/\\\/www.pcmatic.com\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\"},\"sameAs\":[\"https:\\\/\\\/www.facebook.com\\\/pcmatic\",\"https:\\\/\\\/x.com\\\/pcmatic\",\"https:\\\/\\\/www.instagram.com\\\/pcmaticusa\\\/\",\"https:\\\/\\\/www.linkedin.com\\\/company\\\/pcmatic\",\"https:\\\/\\\/www.youtube.com\\\/c\\\/PCMaticVideo\"]},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/www.pcmatic.com\\\/blog\\\/#\\\/schema\\\/person\\\/d4a11f480158af9f8090d8d90e0de8db\",\"name\":\"Kayla Elliott\",\"url\":\"https:\\\/\\\/www.pcmatic.com\\\/blog\\\/author\\\/kayla\\\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"WordPress Plugin Hack Went Undetected For 5 Years","description":"WordPress plugin, Disqus was the victim of a breach. The leak exposed 17.5 million email accounts, passwords, usernames, and login data...","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.pcmatic.com\/blog\/wordpress-plugin-leaves-users-vulnerable\/","og_locale":"en_US","og_type":"article","og_title":"WordPress Plugin Hack Went Undetected For 5 Years","og_description":"WordPress plugin, Disqus was the victim of a breach. The leak exposed 17.5 million email accounts, passwords, usernames, and login data...","og_url":"https:\/\/www.pcmatic.com\/blog\/wordpress-plugin-leaves-users-vulnerable\/","og_site_name":"PC Matic Blog","article_publisher":"https:\/\/www.facebook.com\/pcmatic","article_published_time":"2017-10-09T23:12:37+00:00","og_image":[{"width":730,"height":410,"url":"https:\/\/www.pcmatic.com\/blog\/wp-content\/uploads\/lockBG-blue.jpg","type":"image\/jpeg"}],"author":"Kayla Elliott","twitter_card":"summary_large_image","twitter_creator":"@pcmatic","twitter_site":"@pcmatic","twitter_misc":{"Written by":"Kayla Elliott","Est. reading time":"1 minute"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.pcmatic.com\/blog\/wordpress-plugin-leaves-users-vulnerable\/#article","isPartOf":{"@id":"https:\/\/www.pcmatic.com\/blog\/wordpress-plugin-leaves-users-vulnerable\/"},"author":{"name":"Kayla Elliott","@id":"https:\/\/www.pcmatic.com\/blog\/#\/schema\/person\/d4a11f480158af9f8090d8d90e0de8db"},"headline":"WordPress Plugin Hack Went Undetected For 5 Years","datePublished":"2017-10-09T23:12:37+00:00","mainEntityOfPage":{"@id":"https:\/\/www.pcmatic.com\/blog\/wordpress-plugin-leaves-users-vulnerable\/"},"wordCount":236,"commentCount":0,"publisher":{"@id":"https:\/\/www.pcmatic.com\/blog\/#organization"},"image":{"@id":"https:\/\/www.pcmatic.com\/blog\/wordpress-plugin-leaves-users-vulnerable\/#primaryimage"},"thumbnailUrl":"https:\/\/www.pcmatic.com\/blog\/wp-content\/uploads\/lockBG-blue.jpg","keywords":["breach","data breach","Disqus","leak"],"articleSection":["tips"],"inLanguage":"en-US","potentialAction":[{"@type":"CommentAction","name":"Comment","target":["https:\/\/www.pcmatic.com\/blog\/wordpress-plugin-leaves-users-vulnerable\/#respond"]}]},{"@type":"WebPage","@id":"https:\/\/www.pcmatic.com\/blog\/wordpress-plugin-leaves-users-vulnerable\/","url":"https:\/\/www.pcmatic.com\/blog\/wordpress-plugin-leaves-users-vulnerable\/","name":"WordPress Plugin Hack Went Undetected For 5 Years","isPartOf":{"@id":"https:\/\/www.pcmatic.com\/blog\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.pcmatic.com\/blog\/wordpress-plugin-leaves-users-vulnerable\/#primaryimage"},"image":{"@id":"https:\/\/www.pcmatic.com\/blog\/wordpress-plugin-leaves-users-vulnerable\/#primaryimage"},"thumbnailUrl":"https:\/\/www.pcmatic.com\/blog\/wp-content\/uploads\/lockBG-blue.jpg","datePublished":"2017-10-09T23:12:37+00:00","description":"WordPress plugin, Disqus was the victim of a breach. The leak exposed 17.5 million email accounts, passwords, usernames, and login data...","breadcrumb":{"@id":"https:\/\/www.pcmatic.com\/blog\/wordpress-plugin-leaves-users-vulnerable\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.pcmatic.com\/blog\/wordpress-plugin-leaves-users-vulnerable\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.pcmatic.com\/blog\/wordpress-plugin-leaves-users-vulnerable\/#primaryimage","url":"https:\/\/www.pcmatic.com\/blog\/wp-content\/uploads\/lockBG-blue.jpg","contentUrl":"https:\/\/www.pcmatic.com\/blog\/wp-content\/uploads\/lockBG-blue.jpg","width":730,"height":410},{"@type":"BreadcrumbList","@id":"https:\/\/www.pcmatic.com\/blog\/wordpress-plugin-leaves-users-vulnerable\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.pcmatic.com\/blog\/"},{"@type":"ListItem","position":2,"name":"WordPress Plugin Hack Went Undetected For 5 Years"}]},{"@type":"WebSite","@id":"https:\/\/www.pcmatic.com\/blog\/#website","url":"https:\/\/www.pcmatic.com\/blog\/","name":"PC Matic Blog","description":"Tech Tips and Tricks","publisher":{"@id":"https:\/\/www.pcmatic.com\/blog\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.pcmatic.com\/blog\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/www.pcmatic.com\/blog\/#organization","name":"PC Matic - Top Antivirus Company in the USA.","url":"https:\/\/www.pcmatic.com\/blog\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.pcmatic.com\/blog\/#\/schema\/logo\/image\/","url":"https:\/\/techtalk.pcmatic.com\/wp-content\/uploads\/PC-MaticLogo-e1472689639222.png","contentUrl":"https:\/\/techtalk.pcmatic.com\/wp-content\/uploads\/PC-MaticLogo-e1472689639222.png","width":1535,"height":483,"caption":"PC Matic - Top Antivirus Company in the USA."},"image":{"@id":"https:\/\/www.pcmatic.com\/blog\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/www.facebook.com\/pcmatic","https:\/\/x.com\/pcmatic","https:\/\/www.instagram.com\/pcmaticusa\/","https:\/\/www.linkedin.com\/company\/pcmatic","https:\/\/www.youtube.com\/c\/PCMaticVideo"]},{"@type":"Person","@id":"https:\/\/www.pcmatic.com\/blog\/#\/schema\/person\/d4a11f480158af9f8090d8d90e0de8db","name":"Kayla Elliott","url":"https:\/\/www.pcmatic.com\/blog\/author\/kayla\/"}]}},"_links":{"self":[{"href":"https:\/\/www.pcmatic.com\/blog\/wp-json\/wp\/v2\/posts\/58097","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.pcmatic.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.pcmatic.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.pcmatic.com\/blog\/wp-json\/wp\/v2\/users\/54"}],"replies":[{"embeddable":true,"href":"https:\/\/www.pcmatic.com\/blog\/wp-json\/wp\/v2\/comments?post=58097"}],"version-history":[{"count":0,"href":"https:\/\/www.pcmatic.com\/blog\/wp-json\/wp\/v2\/posts\/58097\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.pcmatic.com\/blog\/wp-json\/wp\/v2\/media\/55153"}],"wp:attachment":[{"href":"https:\/\/www.pcmatic.com\/blog\/wp-json\/wp\/v2\/media?parent=58097"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.pcmatic.com\/blog\/wp-json\/wp\/v2\/categories?post=58097"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.pcmatic.com\/blog\/wp-json\/wp\/v2\/tags?post=58097"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}