Millions of accounts associated with video-sharing site Dailymotion, one of the biggest video platforms in the world, have been stolen.
A hacker extracted 85.2 million unique email addresses and usernames from the company's systems, but about one-in-five accounts -- roughly 18.3 million-- had associated passwords, which were scrambled with the bcrypt hashing function, making the passwords difficult to crack.
The hack is believed to have been carried out on Oct. 20 by a hacker, whose identity isn't known, according to LeakedSource, a breach notification service, which obtained the data. Dailymotion launched in 2005 and is currently the 113rd most-visited website in the world, according to Alexa rankings. A sample of the data was provided.
Experts verified the data by matching up plaintext passwords with the hashed password found against the email address using a readily available online tool. In one case, the email address and password combination were unique to Dailymotion, suggesting that the data could only have come from the video-sharing site.
Experts also reached out to a number of people whose email addresses were found in the data, but nobody responded by the time of publication. But because of the password security and that only a portion of the accounts had associated passwords, the damage is somewhat limited for Dailymotion customers. In any case, it can't hurt to change your password to be safe. Earlier adult dating site company Friend Finder Networks was hacked, exposing the private details of over 412 million accounts and making it the largest data breach ever recorded.