Hackers have exposed millions of accounts linked to video sharing website Dailymotion, swiping over 85 million unique usernames and email addressed according to data breach notification site LeakedSource.
The hack happened back in October 20, with 18 million encrypted passwords pinched along with the other data, but luckily for the users the password were scrambled using Bcrypt hashing algorithm which should make it more difficult for the hackers to access the accounts.
The French video website and pseudo YouTube rival noted that no personal data had been stolen in the hack attack.
“It has come to our attention that a potential security risk, coming from outside Dailymotion may have comprised the passwords for a certain number of accounts,” Dailymotion said.
“The hack appears to be limited, and no personal data has been comprised. Your account security is extremely important to us, and to be on the safe side, we are strongly advising all of our partners and users to reset their passwords.”
Security firms have slated the breach, with Emily Orton, director at machine learning security specialist Darktrace, noting that the website has been slow on bringing the breach to light.
“With 87 million accounts compromised, the Dailymotion hack is of a significant size, but the larger question is – when was the attack discovered? And why are we only just hearing about this data breach now?,” she said.
“If companies could see precisely what was happening on their network, in real time, then attacks such as this could be detected in their nascent stages, before they escalated into damaging data breaches. As it is, public confidence in Dailymotion’s ability to defend its customers’ data has been shaken.”
Mark James, IT security specialist at ESET, noted that problems run deep with such sites and their potential for data breaches.
“The internet has now made streaming content so easy, music and videos are readily available and cover all aspects of our daily lives,” said James.
“But of course to be part of this revolution you have to sign up, you need to choose a username and password, often give over personal information just to be a member of the site you’re signing up to. You have no choice in their security, no control over how, who or what they do as regards to keeping your data safe but your only real choice is “do I want your service or not?
“When or if your data gets compromised you need to check a few things and act quickly. Check and change your passwords on this site, if you have used that same password on any other site then change those immediately and possibly consider a password manager if you’re not already using one. Without further information about what was or was not stolen we won’t know the extent of the damage but needless to say more data being added to your already overflowing online profile floating around the web is not good for any of us.”
This year has been a bumper year for data breaches, what with the massive Yahoo hack coming to light. Such hacks are becoming so prevalent that we have a rundown of the top 10 big data breaches that have cropped up over the recent years.
How well do you know network security? Try our quiz and find out!
After previously expressing its concern, the British Government now confirms a national security review of…