Commenting service Disqus released a statement informing customers of a data breach that occurred in 2012 affecting 17.5 million user accounts. Troy Hunt, security researcher and owner of the Have I Been Pwned breach notification service, discovered the breach and notified Disqus. According to Disqus, a snapshot of their user database from 2012, including information dating back to 2007, was exposed. The snapshot includes email addresses, Disqus user names, sign-up dates, and last login dates in plain text for 17.5 million users. The NJCCIC recommends that users of Disqus be on alert for phishing scams related to the breach.