Dailymotion hack exposes '85 million' user accounts

Re-used passwords suspected to be used in attack against the French video service

binary on a screen with words 'hacking attack'

A hack on French video-sharing site Dailymotion has exposed millions of user account details, with email addresses and usernames reportedly leaked online.

More than 85 million accounts were compromised in the attack, 18.3 million of which had associated passwords, according to LeakedSource, a security breach notification website that revealed the attack took place on 20 October.

Although the passwords were 'hashed', or jumbled to prevent attackers reading them easily, users are likely vulnerable to targeted phishing scams.

LeakedSource, which also discovered a recent hack on AdultFriendFinder, said the identity of the person behind the latest attack is unknown.

Dailymotion denied that any personal data had been compromised, and said the security threat came "from outside Dailymotion", possibly a reference to re-used passwords from cyber attacks on the likes of LinkedIn.

It said in a blog post today: "The hack appears to be limited, and no personal data has been compr[om]ised. Your account security is extremely important to us, and to be on the safe side, we are strongly advising all of our partners and users to reset their passwords. When defining a new password we recommend that your new password contains eight or more characters, is not obvious (EG: password1234), and not to use the same password on multiple sites."

Experts, however, have warned that the hack demonstrates that just because a company does not hold financial data, it could still be targeted for re-used passwords. Given the large volume of data reportedly stolen, attackers will be hoping to find some passwords that have been used elsewhere on other services.

This tactic was used most recently in the attack against the National Lottery group Camelot, which was forced to suspend almost 27,000 user accounts that were accessed through re-used passwords.

Dailymotion, a Paris-based video service similar to Youtube, is the 113th most popular website in the world, according to Alexa rankings.

As with any other data breach, users are encouraged to be on the look out for suspicious emails that may be phishing scams hiding malicious links. This also includes 'spear phishing' attacks, which exploit known personal information, such as bank suppliers or links to regularly visited websites.

If you believe your details could have been stolen in this, or any other attack, LeakedSource has a handy tool for tracing if your email address is included in leaked datasets.

Featured Resources

BIOS security: The next frontier for endpoint protection

Today’s threats upend traditional security measures

Download now

The role of modern storage in a multi-cloud future

Research exploring the impact of modern storage in defining cloud success

Download now

Enterprise data protection: A four-step plan

An interactive buyers’ guide and checklist

Download now

The total economic impact of Adobe Sign

Cost savings and business benefits enabled by Adobe Sign

Download now

Recommended

8 of the most secure web browsers
web browser

8 of the most secure web browsers

25 Sep 2020
Your essential guide to internet security
Security

Your essential guide to internet security

23 Sep 2020
How to enable private browsing on any device
privacy

How to enable private browsing on any device

22 Sep 2020
Third-party apps are tracking your WhatsApp activity
social media

Third-party apps are tracking your WhatsApp activity

21 Sep 2020

Most Popular

16 ways to speed up your laptop
Laptops

16 ways to speed up your laptop

16 Sep 2020
16 ways to speed up your laptop
Laptops

16 ways to speed up your laptop

16 Sep 2020
The Xbox Series X shows how far the cloud still has to go
Cloud

The Xbox Series X shows how far the cloud still has to go

25 Sep 2020