Acne.org, a website that provides information and a forum for the community for people afflicted with skin acne, was allegedly breached in November 2014. As a result, it was reported that 430,000 forum members’ information including their dates of birth, email addresses, IP addresses, passwords and usernames were stolen and traded on the underground forums.
When users inquired as to whether this information was accurate, the Acne.org administrator advised that they could not verify that any passwords were breached in November 2014 because they used a 2 step, 1-way encryption system and employ all top security protocols for personal data saved on their servers. As of the announcement, they were still verifying whether any email addresses were compromised.
If it turns out that there was a breach in November 2014 of the Acne.org servers, this would unfortunately not be the first time. in April 2012, Acne.org notified members that they were hacked and that parts of the website were taken down, requiring a backup of the website to be restored so that the website could function properly once again. During this breach, there was seemingly no hack of member’s personal data, simply an interruption of service on the website and anyone who had joined the website and its forums near the time of the hack may have to re-register because their profile would have been deleted as a result of the breach.
Despite believing that no personal data was breached, the Administrator recommended to members that they reset their login information for safety.