Dailymotion brought to a Standstill
Thu 12 Jan 2017
The final days of 2016 seemed to bring with them news of yet another celebrity death. Away from the spotlight, 2016 also brought with it data breach upon data breach upon data breach. One of the last – and biggest of 2016 – was the news that one of the planet’s biggest video platforms, Dailymotion, in which users upload, share and watch videos, had been hacked and the details of over 85 million user accounts exposed. While this is a rough 15 million short of the 1 billion mark achieved by the hack launched against Yahoo, it still makes this one of the biggest hacks of last year.
Four Weeks to Sell and Circulate
The Dailymotion breach took place in October 2016, but not discovered until a month later, giving hackers four weeks to circulate, buy and sell appropriated data. The stolen data comprised of over 85 million unique email addresses and usernames and around 20 out of every hundred of the accounts had hashed passwords tied to them. The passwords were protected using the Bcrypt hashing algorithm with ten rounds of rekeying, making it difficult for hackers to obtain users’ actual password. Bcrypt is a cryptographic algorithm that makes the hashing process impossibly slow; it would take hundreds of years to brute-force a user’s password.
Dealing with Hackers – before they strike
In spite of this, even those Dailymotion users who have not had their passwords leaked online would be wise to be careful, as online criminals could still use their email addresses and usernames to craft spear-phishing attacks or launch spam campaigns designed to steal further details or spread malware. The best advice is to use a good password manager to securely store your passwords, randomly generate new ones, and consign weak and reused passwords to the dustbin. Where possible, enable two-step authentication in order to give hackers an additional hurdle to gain access to your account – in many cases it will be enough to stop them dead in their tracks and find a softer target.
Comments are closed.