Security News > 2021 > January > Hacker posts 1.9 million Pixlr user records for free on forum
A hacker has leaked 1.9 million Pixlr user records containing information that could be used to perform targeted phishing and credential stuffing attacks.
Pixlr is a very popular and free online photo editing application with many of the same features found in a professional desktop photo editor like Photoshop.
Over the weekend, a threat actor known as ShinyHunters shared a database for free on a hacker forum that he claims was stolen from Pixlr while he breached the 123rf stock photo site.
The alleged Pixlr database posted by ShinyHunters contains 1,921,141 user records consisting of email addresses, login names, SHA-512 hashed passwords, a user's country, whether they signed up for the newsletter, and other internal information.
If the same password at Pixlr is used at other sites, you should change your password at these sites and one unique for the site.
Originally, we stated 1.4 million user records, but the actual number is 1.9 million.