The image sharing website Imgur is a fascinating place that contains its own ecosystem similar to that of Reddit, but that ecosystem suffered a bit of a shock at the weekend.

The website’s chief operating officer Roy Sehgal explained in a blog that Imgur had suffered a security breach in 2014 that affected some 1.7 million users.

The data breach was discovered by none other than security researcher and creator of HaveIBeenPwned.com, Troy Hunt. The researcher and Sehgal worked together to determine the whether the data related to Imgur users.

It was discovered that the data was compromised in 2014 and included email addresses and passwords secured with SHA-256. Users that had an account on Imgur in 2014 should update their passwords because SHA-256 encryption is known to be rather susceptible to brute-force attacks.

“We are still investigating how the account information was compromised,” said Sehgal in a statement.

Users who have questions about the breach can contact Imgur support but, in the interim, update your passwords.

“We take protection of your information very seriously and will be conducting an internal security review of our system and processes. We apologize that this breach occurred and the inconvenience it has caused you,” concluded the Imgur COO.

Brendyn Lotz writes news, reviews, and opinion pieces for Hypertext. His interests include SMEs, innovation on the African continent, cybersecurity, blockchain, games, geek culture and YouTube.