Data breach hits Freecycle, affecting over 7 million users

Freecycle, an online platform for exchangin and reusing items within local communities, has confirmed a data breach impacting over 7 million users. The breach was discovered when the stolen information was put up for sale on a hacking forum on May 30. In response, Freecycle urged its users to change their passwords immediately.

The compromised data includes usernames, User IDs, email addresses, and MD5-hashed passwords. The company (and we) recommend that users check if their data has been compromised using data breach tools such as Have I Been Pwned. Screenshots posted by the hacker revealed that Freecycle's founder and executive director, Deron Beal's credentials were also compromised, granting full access to user information and forum posts.

Upon the breach discovery, Freecycle alerted its users and recommended password changes, particularly for those using the same login details on other platforms. Users could reset their passwords via profile settings or email, although email resets may be delayed due to high traffic. Freecycle also reported the breach to the authorities and warned users of potential phishing attempts and spam emails.