Firefox confirmed WordPress gravatar data breach in mails.


Last Updated on 06/12/2021 by TheDigitalHacker

Gravatar, which is powered by the same company as WordPress, has been reported to have had one of the biggest data breaches in history.

As per BuiltWith, 6,358,273 websites use Gravatar to offer avatar (profile image) services to their users.

Stats about the hacking

167 million names, usernames, and MD5 hashes of email addresses used to reference users’ avatars were subsequently scraped and distributed within the hacking community and dark web.

114 million of the MD5 hashes were cracked and distributed alongside the source hash, thus disclosing the original email address and accompanying data.
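An added example, not part of the original article: a defender-side check of whether your own addresses appear in a list of scraped username and email-hash records. It relies on Gravatar's documented rule that the avatar identifier is the MD5 of the trimmed, lower-cased address; all addresses, usernames and the `LEAKED` list are constructed sample data, and the function names are hypothetical.

```python
import hashlib


def gravatar_hash(email: str) -> str:
    """Gravatar identifier: MD5 of the trimmed, lower-cased email address."""
    normalized = email.strip().lower()
    return hashlib.md5(normalized.encode("utf-8")).hexdigest()


# Constructed sample standing in for scraped (username, hash) records.
# Two records share one hash: the same address used under two usernames.
LEAKED = [
    {"username": "nightowl42", "hash": gravatar_hash("alice@example.com")},
    {"username": "a.smith", "hash": gravatar_hash("alice@example.com")},
    {"username": "bob_dev", "hash": gravatar_hash("bob@example.org")},
]


def find_exposed(own_addresses, leaked_records):
    """Return {normalized address: [usernames]} for addresses found in the leak.

    The hash is unsalted and deterministic, so anyone who already knows or can
    guess an address can confirm it and link every username tied to it.
    """
    index = {}
    for rec in leaked_records:
        index.setdefault(rec["hash"].lower(), []).append(rec["username"])

    exposed = {}
    for addr in own_addresses:
        usernames = index.get(gravatar_hash(addr))
        if usernames:
            exposed[addr.strip().lower()] = sorted(usernames)
    return exposed


if __name__ == "__main__":
    # Constructed list of addresses an organization wants to check.
    ours = [" Alice@Example.com ", "carol@example.com"]
    for addr, names in find_exposed(ours, LEAKED).items():
        print(f"{addr} is exposed, linked usernames: {', '.join(names)}")
```

Because the mapping from address to hash never changes, an exposed address should be treated as publicly linked to every profile that used it.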

Back around 2020, security researcher Carlo Di Dato demonstrated the flaw, but Automattic, the company that powers Gravatar and WordPress, was ignorant.

Apart from WordPress, the website list also includes popular sites like GitHub, Slack, StackOverflow, Disqus, P2, WordPress.com, wordpress.org, and many other popular websites that use Gravatar for their service.

Firefox Confirmation

The hacked data has circulated so widely that it has now reached Firefox and https://haveibeenpwned.com/. Users are being informed about the breach.

How can this data be used?

Your fake profiles in secret groups: This data breach will also expose the identity of users hiding their identity on different sites with different names but the same email address.

Finding which Sites You use: The breached data can also be used to find one’s account on different sites.

Targeted advertising: As the trail will be clear, one can use these emails for targeted advertising by sending bulk emails or even remarketing through Facebook and Google remarketing.
