1. Jim Walker

    Sadly, I just tested an old Disqus account from 2011 and my password still works.

    The company downplayed this in their press release, saying they’ve done forced password changes since, but that does not appear to be the case. Suffice it to say, the Disqus hack is real and folks need to listen — particularly if they are prone to using the same password everywhere…

    That said, I’m waiting to hear the how. Now that should be interesting.

    Thank you for keeping up the good fight Mr. C.


    • fwolf

      and THAT is why I’ve always been disliking Disqus. A centralized solution – meaning easy break-in if anything goes awry. Which apparently happened.

      But of corpse a fancy solution like D. is sooo much better than the decentralized regular comment system of WP .. tsk.

      cu, w0lf.


    • Ajay

      Worked for me as well and I just logged in and closed some very old accounts. Assume I wasn’t one of the 17.55m people affected.

      Guess I need to dedicate a bit of time closing a tonne of accounts that I haven’t used…


    • Cavalary

      It says that 17.5M accounts were breached and encrypted passwords were included for about a third, so your account may well not be among those affected and therefore there’d be no reason for the password to be reset. (Also, if you didn’t receive an e-mail from them one’d assume it wasn’t reset either way. Would be quite an issue if they’d reset passwords without notifying.)


    • JP

      Companies always try to downplay something when it’s bad. It becomes PR damage control at that point. So no surprise there.


  2. Rojan Tom

    I used Disqus more than 5 years ago, very good comment platform, but accidentally, while removing Disqus, all of my comments were doubled in WordPress and they still stay doubled. Fate.


  3. Jeffrey

    Aren’t they supposed to contact the FBI for investigation?


  4. BJ Keeton

    I hate this happened, but it’s expected. The downplaying is normal, especially with security and data breaches being so prominent, but if only 1/3 of the accounts were compromised, it’s not surprising that many of us didn’t get the email or auto-reset.

    Despite the issues, I think a system like Disqus works better in a lot of ways than other commenting systems just because of how they’re connected on a network (I get my notifications from tons of convos this way), the same with WP.com or .org logins, too.


