WeHeartIt, an image sharing website, suffered a data breach in late 2013. However, the breach was not discovered until it suddenly appeared on the web a few years later. The company stated that the data breach affected over 8 million customers.
The WeHeartIt data breach took place in late 2013 and the breached data includes email addresses, usernames and passwords. According to WeHeartIt themselves, although the passwords were encrypted, the encryption algorithm was weak:
the encryption algorithms commonly used to encrypt passwords in 2013 are no longer secure due to advancements in computer hardware.
WeHeartIt
In a blog post the company said that it has made improvements to its security protocols, password security, its database and the whole system in general. At the time the data breach was announced, the company was still hashing their customers’ passwords with a more secure password hashing algorithm – BCrypt.
The WeHeartIt data breach does not hold that many records compared to some of the other data breaches but on the other hand, it holds over 8 million records. With that many people at risk, naturally there are hundreds of email domains used by WeHeartIt customers. Here’s the top 100 email domains used in the breach:
| # | Email Domain | Quantity |
| 1 | hotmail.com | 2,588,267 |
| 2 | gmail.com | 2,324,102 |
| 3 | yahoo.com | 1,064,937 |
| 4 | live.com | 146,636 |
| 5 | aol.com | 136,488 |
| 6 | hotmail.fr | 118,576 |
| 7 | hotmail.co.uk | 108,108 |
| 8 | qq.com | 79,613 |
| 9 | mail.ru | 75,017 |
| 10 | web.de | 74,567 |
| 11 | ymail.com | 66,480 |
| 12 | hotmail.it | 62,257 |
| 13 | hotmail.de | 53,262 |
| 14 | live.nl | 43,240 |
| 15 | gmx.de | 39,798 |
| 16 | icloud.com | 36,766 |
| 17 | aim.com | 33,472 |
| 18 | msn.com | 32,750 |
| 19 | me.com | 32,651 |
| 20 | hotmail.es | 32,005 |
| 21 | googlemail.com | 30,525 |
| 22 | live.fr | 30,118 |
| 23 | rocketmail.com | 29,613 |
| 24 | live.se | 29,113 |
| 25 | live.it | 24,632 |
| 26 | yahoo.de | 23,530 |
| 27 | outlook.com | 23,372 |
| 28 | yahoo.com.br | 21,916 |
| 29 | live.co.uk | 21,192 |
| 30 | comcast.net | 20,587 |
| 31 | windowslive.com | 18,252 |
| 32 | live.no | 17,768 |
| 33 | hotmail.con | 16,779 |
| 34 | libero.it | 16,734 |
| 35 | yandex.ru | 16,515 |
| 36 | wp.pl | 16,196 |
| 37 | yahoo.co.uk | 16,114 |
| 38 | 163.com | 15,317 |
| 39 | live.de | 15,186 |
| 40 | hotmail.ca | 15,115 |
| 41 | abv.bg | 14,790 |
| 42 | live.ca | 14,455 |
| 43 | hotmail.se | 14,280 |
| 44 | seznam.cz | 14,138 |
| 45 | yahoo.fr | 13,854 |
| 46 | i.softbank.jp | 13,034 |
| 47 | hotmail.nl | 13,004 |
| 48 | hotmail.no | 12,899 |
| 49 | yahoo.co.id | 12,790 |
| 50 | live.com.mx | 12,590 |
| 51 | ezweb.ne.jp | 12,054 |
| 52 | freemail.hu | 11,482 |
| 53 | gmail.con | 10,142 |
| 54 | sbcglobal.net | 9,710 |
| 55 | yahoo.it | 9,688 |
| 56 | citromail.hu | 9,660 |
| 57 | live.com.au | 9,123 |
| 58 | t-online.de | 8,970 |
| 59 | orange.fr | 8,324 |
| 60 | inbox.lv | 8,215 |
| 61 | att.net | 7,922 |
| 62 | yahoo.ca | 7,829 |
| 63 | live.dk | 7,777 |
| 64 | walla.com | 7,770 |
| 65 | o2.pl | 7,462 |
| 66 | verizon.net | 7,050 |
| 67 | mail.com | 6,982 |
| 68 | gmx.net | 6,905 |
| 69 | 126.com | 6,745 |
| 70 | gmx.at | 6,713 |
| 71 | yahoo.con | 6,555 |
| 72 | laposte.net | 6,411 |
| 73 | hotmail.co.nz | 6,078 |
| 74 | naver.com | 6,064 |
| 75 | live.cl | 5,505 |
| 76 | hotmail.be | 5,484 |
| 77 | rambler.ru | 5,476 |
| 78 | bk.ru | 5,414 |
| 79 | softbank.ne.jp | 5,309 |
| 80 | live.com.ar | 5,139 |
| 81 | yahoo.com.ph | 4,994 |
| 82 | live.be | 4,950 |
| 83 | hotmail.com.ar | 4,835 |
| 84 | yahoo.es | 4,786 |
| 85 | yahoo.co.jp | 4,715 |
| 86 | interia.pl | 4,604 |
| 87 | cox.net | 4,528 |
| 88 | op.pl | 4,419 |
| 89 | luukku.com | 4,371 |
| 90 | hotmail.ch | 4,272 |
| 91 | yahoo.gr | 4,233 |
| 92 | bluewin.ch | 4,189 |
| 93 | alice.it | 4,098 |
| 94 | hotmail.fi | 4,085 |
| 95 | btinternet.com | 4,063 |
| 96 | yahoo.com.mx | 4,049 |
| 97 | onet.pl | 3,963 |
| 98 | sina.com | 3,944 |
| 99 | yahoo.com.au | 3,883 |
| 100 | gmx.ch | 3,822 |
Looking at the data, we can tell that WeHeartIt had customers from multiple countries – the TLDs alone tell a lot:
| # | Email Domain | Quantity | Country |
| 1 | bluewin.ch | 2,588,267 | Switzerland |
| 2 | hotmail.fr | 118,576 | France |
| 3 | hotmail.co.uk | 108,108 | Great Britain |
| 4 | mail.ru | 75,017 | Russia |
| 5 | web.de | 74,567 | Germany |
| 6 | hotmail.es | 32,005 | Spain |
| 7 | live.se | 29,113 | Sweden |
| 8 | live.it | 24,632 | Italy |
| 9 | yahoo.com.br | 21,916 | Brazil |
| 10 | live.no | 17,768 | Norway |
| 11 | wp.pl | 16,196 | Poland |
| 12 | hotmail.ca | 15,115 | Canada |
| 13 | abv.bg | 14,790 | Bulgaria |
| 14 | seznam.cz | 14,138 | Czech Republic |
| 15 | i.softbank.jp | 13,034 | Japan |
| 16 | hotmail.nl | 13,004 | The Netherlands |
| 17 | yahoo.co.id | 12,790 | India |
| 18 | citromail.hu | 9,660 | Hungary |
| 19 | live.com.au | 9,123 | Australia |
| 20 | inbox.lv | 8,215 | Latvia |
| 21 | live.dk | 7,777 | Denmark |
| 22 | live.com.ar | 5,139 | Argentina |
| 23 | yahoo.com.ph | 4,994 | The Phillipines |
| 24 | live.be | 4,950 | Belgium |
| 25 | hotmail.fi | 4,085 | Finland |
The WeHeartIt data breach contained email addresses beginning with numbers. Here’s the breakdown:
| The Number An Email Address Starts With | Quantity |
| 0 | 3,177 |
| 1 | 30,795 |
| 2 | 13,199 |
| 3 | 12,237 |
| 4 | 11,575 |
| 5 | 9,619 |
| 6 | 6,580 |
| 7 | 7,735 |
| 8 | 7,174 |
| 9 | 7,956 |
Here’s the breakdown of email addresses beginning with letters:
| The Letter An Email Address Starts With | Quantity |
| a | 849,437 |
| b | 395,243 |
| c | 545,333 |
| d | 354,621 |
| e | 336,285 |
| f | 226,617 |
| g | 260,492 |
| h | 257,914 |
| i | 225,872 |
| j | 473,717 |
| k | 432,979 |
| l | 599,189 |
| m | 901,829 |
| n | 333,116 |
| o | 93,303 |
| p | 284,974 |
| q | 17,981 |
| r | 301,848 |
| s | 744,387 |
| t | 323,095 |
| u | 27,246 |
| v | 185,368 |
| w | 90,045 |
| x | 69,911 |
| y | 92,432 |
| z | 70,105 |
As the breached data had also contained usernames, here’s the breakdown of usernames beginning with numbers:
| The Number A Username Starts With | Quantity |
| 0 | 7,636 |
| 1 | 24,458 |
| 2 | 8,688 |
| 3 | 7,183 |
| 4 | 4,344 |
| 5 | 4,387 |
| 6 | 2,641 |
| 7 | 4,190 |
| 8 | 3,294 |
| 9 | 4,442 |
Here’s the breakdown of usernames beginning with letters:
| The Letter A Username Starts With | Quantity |
| a | 799,366 |
| b | 411,781 |
| c | 527,253 |
| d | 354,888 |
| e | 315,451 |
| f | 245,673 |
| g | 238,174 |
| h | 276,455 |
| i | 272,739 |
| j | 437,981 |
| k | 407,330 |
| l | 616,830 |
| m | 859,625 |
| n | 324,536 |
| o | 105,614 |
| p | 282,271 |
| q | 20,637 |
| r | 285,472 |
| s | 745,826 |
| t | 343,690 |
| u | 37,564 |
| v | 174,377 |
| w | 105,421 |
| x | 93,553 |
| y | 104,884 |
| z | 69,486 |
The WeHeartIt data breach, although relatively small, is a reminder that old systems are targets of hackers too – even legacy systems that have been abandoned by developers can come back to haunt them years later.
There have been rumors about a data breach targeting Schneider Electric. Did a data breach…
There have been rumors about the Fiskars Group – the company behind Fiskars scissors and…
Russia has fined Google more than two undecillion roubles because Google has refused to pay…
Why does RockYou 2024.txt look like a binary file when you open it up? Find…
Duolicious is a dating app that connects people who are “chronically online.” Did the Duolicious…
This blog will tell you what RockYou 2024 is, how RockYou 2024.txt came to be,…