Freecycle suffers serious breach of user data

Penny Horwood
clock • 1 min read
Freecycle suffers serious breach of user data

Millions of users urged to change passwords urgently

Popular not-for-profit Freecycle network has confirmed it suffered a serious data breach at the end of last month.

In a  statement the organisation said it became aware of the breach last week, but the breach itself may have occurred years ago. The statement said:

"On August 30th we became aware of a data breach on Freecycle.org. As a result, we are advising all members to change your passwords as soon as possible. We apologize for the inconvenience." 

According to the organisation, the stolen data includes usernames, User IDs, email addresses, and MD5-hashed passwords. The fact that the whole point of Freecycle is giving objects away in preference to sending them to landfill means that the organisation doesn't store any user financial data.

The statement continues:

"While most email providers do a good job at filtering out spam, you may notice that you receive more spam than usual," users were advised.

"As always, please remain vigilant of phishing emails, avoid clicking on links in emails, and don't download attachments unless you are expecting them."

Commenting to The Register, Freecycle  Executive Director Deron Beal said:

"We believe a server may have been exposed a couple years ago. And it looks to be an old breach as the data samples are old. The server in question is no longer exposed.

"Still, if someone hasn't changed their password, they should do so. Even though the data on Freecycle.org is not sensitive, some individuals may be using the same password elsewhere where data is more sensitive in nature."

You may also like
Transport for London hit by cyber incident

Hacking

Services unaffected

clock 03 September 2024 • 1 min read
Researchers ID security risks in GenAI development platforms

Threats and Risks

Exposes sensitive company data

clock 29 August 2024 • 2 min read
Halliburton apparently hit by major cyberattack

Hacking

Source claims attack, but company remains tight-lipped

clock 22 August 2024 • 2 min read
Penny Horwood
Author spotlight

Penny Horwood

Associate Editor focusing on diversity in tech and sustainability content.

Most read

Sign up to our newsletter

The best news, stories, features and photos from the day in one perfectly formed email.

More on Security

Microsoft offers advice on avoiding another CrowdStrike-style outage

Microsoft offers advice on avoiding another CrowdStrike-style outage

Vendors should minimise use of kernel mode, customers should make full use of integrated Windows security features

John Leonard
clock 29 July 2024 • 3 min read
'Gay furry hackers' breach conservative US think tank behind Project 2025

'Gay furry hackers' breach conservative US think tank behind Project 2025

Heritage Foundation calls group "degenerate perverts"

Tom Allen
clock 11 July 2024 • 2 min read
Why 'change' for the UK must include cybersecurity

Why 'change' for the UK must include cybersecurity

Labour needs to to get ahead and demonstrate a commitment to security from the outset

Rick Jones
clock 11 July 2024 • 4 min read