114 Million Users Compromised in Gravatar Data Leak

Gravatar, an online avatar creator and “profile add-on” service, is the latest large website to have its security compromised, with approximately 114 million users being affected in a large data leak.

Have I Been Pwned, the cybersecurity group that tracks leaks and breaches and informs victims, reported on the Gravatar leak this morning (6th December).  They state:

“In October 2020, a security researcher published a technique for scraping large volumes of data from Gravatar, the service for providing globally unique avatars … 167 million names, usernames and MD5 hashes of email addresses used to reference users’ avatars were subsequently scraped and distributed within the hacking community.”

It was from this 167 million, that the 114 million email addresses and related data has been disseminated into the hacker community. Coincidentally, the operator of Have I Been Pwned, Troy Hunt, has himself been affected.

Source: Twitter

As the news of this leak has just broken, details are sparse with investigations ongoing into what actually happened.

Protection and Prevention

With the ever-present threat of data leaks and breaches, it’s never been more important to ensure your data is protected. The cybersecurity company, Trend Micro, have recently released an app specifically designed to meet the challenges that data leaks bring.

Available on Android and iOS, ID Security scours the dark web for any mention of your data (email address, passwords, codes etc.) in the event of it being sold or maliciously shared by cybercriminals.

As ever, if you’ve found this an interesting and/or useful read, please do SHARE with friends and family to help keep the community informed. 

In the meantime, you can get the low-down on these other recent data leaks:

Huge Stripchat Leak Exposes 65 Million Users
Panasonic Admits Data Leak — Everything We Know So Far
GoDaddy Announces 1.2 Million WordPress Websites Breached