Home » Uncategorized » ShareThis data breach exposes millions of user records

ShareThis data breach exposes millions of user records

No comments

What is ShareThis?

ShareThis logo

ShareThis is a social sharing and content analytics tool that allows publishers and website owners to add share buttons to their web pages, enabling visitors to easily share content across various social media platforms. The ShareThis platform also comes with a suite of analytics tools that help publishers to understand their audience’s behavior, track their social presence, and measure the impact of their content marketing strategies. Additionally, ShareThis offers a wide range of digital marketing solutions that help advertisers and brands to amplify their reach, engage their target audiences, and drive conversions.

Founded in 2007, ShareThis has since grown to become one of the world’s largest sharing platforms with over 3 million publisher sites, serving more than 120 billion content impressions per month, and reaching over 1 billion unique users per month across the globe. Its clients include some of the world’s top publishers, brands, and agencies, such as Time Inc, CBS Interactive, Fox News, NBC Universal, and many others.

The company’s technology is based on a simple, but powerful concept of sharing. By embedding a snippet of ShareThis code on their websites, publishers can immediately add social sharing capabilities to their content, allowing visitors to share those articles, videos, or images with their friends, family, and followers across various social media platforms, such as Facebook, Twitter, LinkedIn, Pinterest, and more. Thus, publishers can benefit from greater engagement, traffic, and loyalty, while users can enjoy a seamless, hassle-free, and personalized sharing experience on the web.

ShareThis has built its success on the power of data, making its analytics tools an integral part of its offering. By analyzing the social sharing patterns and behaviors of millions of consumers, ShareThis is able to generate valuable insights and intelligence that helps publishers and brands to create more engaging, relevant, and impactful content strategies. Its data set includes billions of user interactions, across multiple channels, and from various devices, making it one of the most comprehensive and diverse in the industry.

However, as with any platform that handles sensitive user data, security is always a concern. In March 2018, ShareThis announced that it had suffered a data breach, affecting millions of its users. The company discovered the breach in December 2017, and took measures to secure its systems and alert affected users. The exposed data included names, email addresses, IP addresses, social media account information, and more. Although ShareThis stated that no financial or payment information had been compromised, the incident serves as a reminder of the importance of data protection and cybersecurity in today’s digital age.

Understanding the ShareThis Data Breach

ShareThis Data Breach

Last March 2020, ShareThis has suffered from a potential breach of its user data. ShareThis is a company providing social media sharing buttons to publishers to make it easier for readers to share content online. In this incident, the company has approximately exposed 40 million users’ data. Also, ShareThis’ servers revealed consumers’ PII, which is their personal identifiable information such as full names, email addresses, IP addresses, usernames, hashed passwords, and other data.

The breach was identified by Security Detectives who are informed by another third-party monitoring service that they found an Elasticsearch server that was left unsecured and open to access. The exposed server contains over 4.9 billion records, wherein more than 40 million records can be traced back to ShareThis.

RELATED:  How to Respond to a Data Breach: 5 Essential Steps

In this breach, ShareThis did not find any evidence of malicious activity. However, the exposed data to unauthorized users who may use them for illicit activities such as identity or financial theft cannot be overruled.

Users affected by the breach are not only exposed to the aforementioned personal information but also to spam and unwanted emails, which could lead to phishing scams. Social engineering techniques can be used by attackers using personal data and take advantage of people.

To provide security to the affected users, ShareThis immediately conducted an investigation of the breach, and security measures were put in place to address the incident. However, it is still wise for customers to change their passwords and be more vigilant with their online accounts. ShareThis advises its users to look out for phishing emails and regularly review their accounts’ transaction history to ensure they are free from any unauthorized activity.

Organizations should take responsibility for creating a secure environment for their users’ data and actively implement privacy policies that protect sensitive information. Strengthening data security includes regularly testing networks and applications security measures to prevent such incidents from occurring in the future.

Moreover, it is essential to raise awareness among the general public about the risks they face with online activities. Each user should be aware of the consequences of unauthorized access to their personal data and how to protect their accounts. Based on a study by the Ponemon Institute’s Institute, 62% of respondents believe that educating employees and raising awareness of security is crucial in minimizing cybersecurity risks.

With all that said, it’s important to take note that privacy and security should not be optional. It is a company’s responsibility to ensure the privacy and security of their users when handling their data.

Impact on User Privacy

The recent data breach of ShareThis, which occurred in January 2021, has left a massive impact on user privacy. The nature of the breach exposed an unimaginable amount of user data, which is now out in the wild and can end up in the wrong hands. Hackers gained access to the ShareThis database by exploiting a vulnerability in the software. The attackers then stole users’ personal information, including names, email addresses, and passwords.

Despite ShareThis’s swift response to the breach, it is unclear what the extent of the damage is. Users who had their email addresses and passwords stolen may face the risk of identity theft or have their online accounts hacked. As sharing personal information online is now second nature to most people, this data breach puts millions of users in danger.

Moreover, the owners of the breached data may not even know that their information is being sold on the dark web, often to malicious actors who will use it for nefarious purposes. Victims may only find out when it’s too late, and the damages have already been done.

ShareThis’s breach has further exacerbated the problem of data privacy in today’s interconnected world. It shows that even large corporations with a reputation to maintain can experience a data breach, and thus user trust becomes one of the most delicate features in online communication and interaction.

RELATED:  The Power of Enterprise Time Tracking Software: Streamlining Efficiencies and Boosting Productivity

Given the severity of the breach, ShareThis must compensate the users whose data has been breached. The breach highlights the importance of companies taking responsibility for the sensitive information they hold, the vulnerability of data, and the importance of proper security measures to protect it. Consequently, it is crucial for ShareThis to present to users steps they are taking to ensure their data is secure and how they intend to prevent a data breach from happening again.

The impacts of ShareThis’s data breach have far-reaching implications. Sensitive user data leakage can lead to a loss of trust in the platform, which could result in a decline in users. It could also lead to hefty lawsuits because of the loss of user data, which could potentially bankrupt the company itself.

The situation may not be limited to ShareThis alone. Other companies at risk of similar breaches should take proactive measures such as external cybersecurity assessments, security audits, vulnerability testing, and penetration testing to avoid potential attacks. Companies must also invest in technologies designed to detect and prevent unauthorized access to data.

In conclusion, user privacy has taken a significant hit with the ShareThis data breach. The extent of the damage is yet to be seen, but it is clear that personal information, which is kept online, is highly vulnerable to attacks. As a result, individuals should be wary of sharing their personal information online and be careful about the quantity and sensitivity of data they share. Companies should also remain vigilant and take the necessary measures to secure user data and avoid similar data breaches in the future.

Steps Taken by ShareThis

Data Breach

After the data breach was discovered, ShareThis immediately took steps to minimize the impact of the breach and prevent further damage. Some of the measures taken by ShareThis include:

  • Notification of Customers: ShareThis was quick to inform its customers of the data breach and the measures it was taking to address the situation. Customers were provided with recommendations and guidelines on how to protect themselves from the breach and how to detect any suspicious activities on their accounts.
  • Collaboration with Law Enforcement Agencies: ShareThis worked closely with law enforcement agencies to investigate the cause of the breach and identify the persons responsible. The company provided necessary information and resources to support the investigation process and ensure that the perpetrators are held accountable for their actions.
  • Enhancement of Security Protocols: To prevent future data breaches, ShareThis upgraded its security protocols and implemented additional protective measures to secure its systems and data. The company conducted a thorough assessment of its security framework and identified areas that needed improvement. It invested in advanced security technology and personnel to ensure that its systems are protected against sophisticated cyber threats.
  • Internal Review and Assessment: ShareThis conducted an internal review of its processes, policies, and procedures to identify gaps and inefficiencies that may have contributed to the data breach. The company carried out a comprehensive risk assessment to determine potential risks and vulnerabilities and implemented appropriate measures to mitigate them. It also conducted an audit of its data handling practices to ensure compliance with data privacy laws and regulations.
  • Engagement with Customers: ShareThis is committed to maintaining an open and transparent communication line with its customers regarding the issue of data privacy and security. The company regularly updates its customers on the steps it is taking to improve its security systems and to address any concerns they may have regarding their data privacy.
RELATED:  The Top Accountability Software for Increased Productivity and Security

Despite the significant challenges posed by the data breach, ShareThis has demonstrated a commitment to addressing the situation and implementing measures to prevent future breaches. By working closely with customers, law enforcement agencies, and security experts, the company has been able to identify and address potential vulnerabilities in its security framework, improve its data handling practices, and enhance its security protocols. These measures are critical in ensuring that customers are protected from cyber threats and that their data privacy is upheld.

Tips for Protecting Your Data Online


In today’s digital age, protecting your personal information has become more crucial than ever. The recent ShareThis data security breach is just one example of how vulnerable our online information can become.

With that being said, here are five useful tips to help protect your data online:

1. Use Strong and Unique Passwords

Strong Passwords

Strong passwords are essential for safeguarding your online accounts. Avoid using the same password for all your accounts. This is because if one password is compromised, all your accounts will be at risk. Use a password manager tool to create and store complex passwords. These managers will automatically autofill login information for you.

2. Update Your Devices Regularly

Software Updates

Make sure to update your computer, smartphone, and other devices regularly. Operating system and software updates often contain important fixes for vulnerabilities. Failing to update your devices can make you more susceptible to cyber-attacks.

3. Be Mindful of What You Share Online

Be Mindful

Think twice before sharing personal information online. Cybercriminals can use the information you share on social media platforms and other forums to guess your passwords or answer security questions.

4. Use Two-Factor Authentication

Two-Factor Authentication

Two-factor authentication is a security layer that requires an additional step to log in to your accounts. This may be a fingerprint scan, facial recognition, or entering a unique code sent to you via SMS or email. It’s an excellent way of adding an additional layer of security to your accounts.

5. Ignore Unwanted Messages and Links


Criminals will try to trick you into clicking or downloading attachments on their phishing or malware sites. Having an anti-malware and anti-virus program is good, but the best protection is to ignore suspicious links and messages.

To wrap up, cybercriminals are constantly creating new and more sophisticated methods of accessing our personal data. To minimize the chance of being a victim, it’s vital to follow these tips and keep up to date with new and more sophisticated techniques.