Dailymotion video-sharing website has suffered a massive data breach, exposing 85 million accounts of users.
Dailymotion video-sharing website launched in 2005 and is considered to be the 113th most-visited website across the world.
According to the data breach notification LeakedSource, the website confirmed to have received a database of 87.6 million user accounts with unique email addresses.
The database includes email addresses, usernames and more than 18 million of the records includes password hashes. The passwords were encrypted with Bcrypt hashing algorithm, with ten rounds of rekeying and considered as secure and hard to crack.
Bcrypt hashing is a cryptographic algorithm which makes the hashing process extremely slow that would make SHA1 and MD5 password crack nearly impossible.
ZDNet also received a sample of the stolen database and confirmed that the data is indeed from the website, but Dailymotion did not respond with any comments. According to ZDNet, “We verified the data by matching up plaintext passwords with the hashed password found against the email address using a readily available online tool. In one case, the email address and password combination were unique to Dailymotion, suggesting that the data could only have come from the video-sharing site.”
According to the LeakedSource website, hackers have stolen the archive around October 20, whose identity is still unknown.
Although the passwords were hashed but the emails contained in the database could be used for potential spam campaigns, and attackers can use them in targeted phishing campaigns.
If you use DailyMotion and one of the 18 million affected users whose hashed password has leaked, you are advised to change your password on the website, and on other websites that use your same password.
LeakedSource has added the stolen Dailymotion database on its search index which you can check whether it includes your account.
Moreover, it is advised to set complex passwords where ever possible. You can use LastPass or Keypass password managers to encrypt all your passwords with a master password.
Share this article
About the Author
Peter Buttler an Infosec Journalist and Tech Reporter, Member of IDG Network. In 2011, he completed Masters in Cybersecurity and technology. He worked for leading security and tech giants as Staff Writer. Currently, he contributes to a number of online publications, including The Next Web, CSO Online, Infosecurity Mag, SC Magazine, Tripwire, GlobalSign CSO Australia, etc. His favorite areas Online Privacy, AI, IoT, VR, Blockchain, Big Data, ML, Fintech, etc. You can follow him on twitter.
More from Peter ButtlerRelated Posts
Passengers’ Data Stored on User Devices, not on DigiYatra Storage, says India Govt
KEY TAKEAWAYS Unblocking streaming content from Amazon Prime is easy only if you know the reliable V...
NCSC Chief: Clear Rules Needed to Prevent Cyberspace Conflict and Struggle
A safe and secure digital world necessitates a clear definition and enforcement of international cyb...
‘Revive’ has been upgraded to a banking Trojan on Android
This month, Cleafy’s security researchers discovered a new Android Banking Trojan in the wild....
Asian Industrial Control Systems Targeted by Hackers Using the Shadowpad Backdoor
Unpatched Microsoft Exchange servers in various Asian countries were the target of an attack campaig...
Data Breaches Could Occur Due to Kubernetes Misconfigurations That Were Leaked.
Over 900,000 Kubernetes (K8s) have been discovered to be vulnerable to malicious scans and/or data-e...
Attacks by Cybercriminals Will Become the Main Threat in 2024. Privacy Issues Tendencies
Internet Privacy is the main Concern today Advertisers track your online activities and interf...
