they also issued a password reset mail.Hey sushubh,
We are contacting you today because we have learned of a data breach that occurred back in December 2014. The breach involved some of your personal information such as username, email and encrypted password. Although this happened in 2014, we only recently discovered this, and wanted to promptly provide notice as part of our commitment to your privacy.
THE GOOD NEWS
To any VIPs, no payment information was included in the breach. All payment data is securely held by payment processors and never within our own servers.
Next, in January 2015, we moved from version 1 of our site to version 2. In doing so, we removed any access outsiders had to your information and accomplished three key things to strengthen our security:
We moved to a more secure algorithm for storing passwords
Our platform change removed the exploit
The new infrastructure has far tighter restrictions
Our investigation is ongoing, but we believe a PHP exploit was used to capture data from Trakt users.
WHAT INFORMATION WAS INVOLVED
We have found that the information lost included email, username, encrypted passwords, name and location.
WHAT WE ARE DOING
We have reset passwords for affected users. Although we believe that our 2015 move to version 2 of our site stopped any ongoing access to user information, we are diligently monitoring our site.
WHAT YOU CAN DO
For all affected users, we have reset your passwords and you will receive an email with a reset link. In addition to that, if you are the type of user to re-use passwords on different sites, we recommend changing your password on all other sites as well. Remember, this is a password from Dec. 2014, so if you have since changed your password, you are already protected.
FOR MORE INFORMATION
We know you trust us with your data and we failed to protect it. We're incredibly sorry that this happened and hope that you'll let us earn your trust back.
- The Trakt Team