Dailymotion hack exposes '85 million' user accounts

Re-used passwords suspected to be used in attack against the French video service

binary on a screen with words 'hacking attack'

A hack on French video-sharing site Dailymotion has exposed millions of user account details, with email addresses and usernames reportedly leaked online.

More than 85 million accounts were compromised in the attack, 18.3 million of which had associated passwords, according to LeakedSource, a security breach notification website that revealed the attack took place on 20 October.

Although the passwords were 'hashed', or jumbled to prevent attackers reading them easily, users are likely vulnerable to targeted phishing scams.

LeakedSource, which also discovered a recent hack on AdultFriendFinder, said the identity of the person behind the latest attack is unknown.

Advertisement
Advertisement - Article continues below

Dailymotion denied that any personal data had been compromised, and said the security threat came "from outside Dailymotion", possibly a reference to re-used passwords from cyber attacks on the likes of LinkedIn.

It said in a blog post today: "The hack appears to be limited, and no personal data has been compr[om]ised. Your account security is extremely important to us, and to be on the safe side, we are strongly advising all of our partners and users to reset their passwords. When defining a new password we recommend that your new password contains eight or more characters, is not obvious (EG: password1234), and not to use the same password on multiple sites."

Experts, however, have warned that the hack demonstrates that just because a company does not hold financial data, it could still be targeted for re-used passwords. Given the large volume of data reportedly stolen, attackers will be hoping to find some passwords that have been used elsewhere on other services.

This tactic was used most recently in the attack against the National Lottery group Camelot, which was forced to suspend almost 27,000 user accounts that were accessed through re-used passwords.

Dailymotion, a Paris-based video service similar to Youtube, is the 113th most popular website in the world, according to Alexa rankings.

As with any other data breach, users are encouraged to be on the look out for suspicious emails that may be phishing scams hiding malicious links. This also includes 'spear phishing' attacks, which exploit known personal information, such as bank suppliers or links to regularly visited websites.

If you believe your details could have been stolen in this, or any other attack, LeakedSource has a handy tool for tracing if your email address is included in leaked datasets.

Featured Resources

The IT Pro guide to Windows 10 migration

Everything you need to know for a successful transition

Download now

Managing security risk and compliance in a challenging landscape

How key technology partners grow with your organisation

Download now

Software-defined storage for dummies

Control storage costs, eliminate storage bottlenecks and solve storage management challenges

Download now

6 best practices for escaping ransomware

A complete guide to tackling ransomware attacks

Download now
Advertisement

Recommended

Visit/security/354156/google-confirms-android-cameras-can-be-hijacked-to-spy-on-you
Security

Google confirms Android cameras can be hijacked to spy on you

20 Nov 2019

Most Popular

Visit/security/identity-and-access-management-iam/354289/44-million-microsoft-customers-found-using
identity and access management (IAM)

44 million Microsoft customers found using compromised passwords

6 Dec 2019
Visit/cloud/microsoft-azure/354230/microsoft-not-amazon-is-going-to-win-the-cloud-wars
Microsoft Azure

Microsoft, not Amazon, is going to win the cloud wars

30 Nov 2019
Visit/hardware/354237/five-signs-that-its-time-to-retire-it-kit
Sponsored

Five signs that it’s time to retire IT kit

29 Nov 2019
Visit/mobile/5g/354286/why-5g-could-be-a-cyber-security-nightmare
5G

Why 5G could be a cyber security nightmare

6 Dec 2019