We Heart It Data Breach Affects over 8 million Accounts

We Heart It, an image-sharing site used by 40 million teens, has contacted its users alerting them that their personal data may have been compromised. The company discovered a possible security breach last week that involved over 8 million accounts, it said.

The breached details include email addresses, usernames and encrypted passwords for We Heart It accounts created between 2008 and November 2013. Although the passwords were encrypted, they are not secure, the company notes.

Lisa Baergen, director at NuData Security, said: “This is the sort of mass email theft with login credentials that raises two giant concerns targeting teens, an especially vulnerable population.  The lesser of these two particular evils is phishing and malware distribution, both of which can do major harm to vulnerable teens just beginning their lives and envisioning college or careers.

“But, the greater threat is identity theft. Teens are just entering the workplace, which makes them a potential goldmine, figuratively speaking. Through social engineering, fraudsters can readily correlate sufficient identifying information to support viable identity theft – for personal loans, accounts, cars or even mortgages – by correlating their credentials and gleaned personal data… something the victim might not realise for months or years, given their relative inactivity in terms of credit access.

"All consumers should be protected by advanced, integrated multi-layered authentication solutions that include passive behavioural biometrics. We’re well past the point where discerning a valid and trusted identity from a fraudster is cumbersome or intrusive. In addition to providing institutions with enormous savings by thwarting fraud, this type of strategy will over the long term devalue the individual’s data and save the countless hours of work and headaches that identity theft victims must go through.”

Also Read

Stay in the know with our newsletter