Freecycle Confirms Data Breach Impacting Over 7 Million Users

Freecycle, a well-known online forum dedicated to promoting the exchange of used items to reduce waste, has officially confirmed a major data breach that has affected more than 7 million of its users.

The nonprofit organization disclosed that it became aware of the breach on August 30th, several weeks after a threat actor initially placed the stolen data for sale on a hacking forum on May 30th. Users who may have been affected by the breach have been strongly advised to change their passwords immediately to safeguard their accounts.

The incident is particularly concerning because screenshots shared by the threat actor responsible for the breach indicate that not only were user credentials compromised, but the personal information of Freecycle's founder and executive director, Deron Beal, was also stolen. This access potentially provided the threat actor with full access to member data and forum posts.

Deron Beal, in a notification prominently displayed on Freecycle's homepage, addressed the breach and urged all members to take immediate action to protect their accounts. His statement reads, "On August 30th, we became aware of a data breach on Freecycle.org. As a result, we are advising all members to change their passwords as soon as possible. We apologize for the inconvenience and would ask that you watch this space for further pending background."

The breach is a reminder of the growing threats to online security and the importance of vigilance in protecting personal information. Freecycle is working diligently to investigate the breach and enhance its security measures to prevent such incidents from occurring in the future.