If you do any photo editing online, odds are good that you use PIXLR. It is one of the most popular such sites on the web because it offers many of the features you find in professional photo editing tools like Photoshop and is available for free (there’s also a premium version of the service that unlocks even more features).
Unfortunately, recently, the PIXLR site was hacked. According to the company, the hackers made off with data from nearly two million PIXLR users.
The hackers have been identified as the group that goes by the name of “ShinyHunters,” who are well known for stealing databases from high profile companies and selling stolen databases on the Dark Web. In recent months, the company has breached Homechef, Chatbooks, Promo, Mathway, Wattpad, and many others, making PIXLR the latest in a very long line of the group’s conquests.
In all, the database posted contains user records of 1,921,141 PIXLR users, including the user name of each account holder, their email address and a hashed version of the user’s password. Additionally, the database contains more esoteric details such as the user’s country, whether they’ve signed up to receive PIXLR’s newsletter and related details.
To date, PIXLR has not acknowledged or formally announced that a breach has occurred. Based on an analysis of the data performed by BleepingComputer, this appears to be a legitimate breach as the tested emails contained in the database have been confirmed to be valid PIXLR user email addresses.
If you use the service, the first, best thing you can do would be to change your password immediately. When you do this, it’s important to remember to change the password to something unique, as opposed to recycling a password you use on other websites you visit. That way, even if a hacker guesses or gains access to your password on this account, the damage will be limited.