123RF BreachDate: November 2020

123RF is a stock photography company. It sells royalty-free imagery to anyone willing to buy and has been expanding since 2020 to help include the growing web-based content market.

What Was the Breach?

The breach was an attack on the photo-managing site. The site’s owner, Inmagine Group, immediately contacted authorities and found that the violation affected certain account information, including passwords. Inmagine assured users that the passwords were hashed, but Bleeping Computer could easily unencrypt the passwords of several accounts.

How Did the Breach Occur?

The breach occurred when a third party accessed 123RF’s internal systems. These systems housed customers’ emails, names, company names, hashed passwords, addresses, phone numbers, IP addresses, and PayPal emails if the victims used PayPal. Now, the hacker has access to the personal information of these people.

When Did This Breach Occur?

This breach occurred in November 2020.

Who Does the Breach Impact?

The breach impacts a good portion of the 123RF consumer base. The hacker could quickly launch multiple attacks on the victims, including phishing attacks and other types of scams. Anyone victimized by the breach must remain vigilant and keep themselves safe.

How Many Files Does the Breach Affect?

The breach affects over 8.3 million consumer files. The data was copied from the system, not stolen, so 123RF still had access to the information when customers used the site. Therefore, the customers can still use the site, though the owners are recommending anyone affected by the breach change their password to decrease risk.


Recent Breaches

Free Identity Threat Scan
Instantly Check if Your Personal Information is Exposed
All fields below are required
Please enter first name
Please enter last name
Please enter a city
Please select a state
Please enter an age
Please enter an email address