Almost 29 million user accounts registered with Taringa!, a social network for Latin American and Spanish-speaking users that draws comparisons to Facebook and Reddit, was stolen last month in a major data breach.
HackRead was first to report on Monday that LeakBase, a subscription-based data breach notification website, was able to obtain a stolen database containing essentially 100 percent of Taringa!’s customer records –28,722,877 in total.
An advisory posted last month on the Taringa! website acknowledged that on Aug. 1, “we suffered an external attack that compromised the security of our databases and the code of Taringa!,” resulting in the apparent theft of customer information, including user names, email addresses, and encrypted passwords.
The passwords were hashed with a “weak MD5” algorithm, LeakBase reported via Twitter.
In response to the incident, Argentina-based Taringa! said it forced a password reset for all potentially affected users and emailed potential victims, and added that it plans to introduce more robust password encryption, and improve its intrusion detection and prevention, among other steps.