Mixcloud Data Breach: 21 Million User Accounts Compromised
CYBER NEWS

Mixcloud Data Breach: 21 Million User Accounts Compromised


Are you a Mixcloud user? You should know that the popular digital streaming platform has been through a data breach incident.

Apparently, a hacker compromised Mixcloud earlier this month, and is now selling data belonging to 21 million user accounts on the dark web.




Mixcloud Data Breach – More Information

The data breach was revealed a few days ago, when the hacker approached several journalists, including ZDNet and Motherboard, and shared data samples with them. In fact, Motherboard was the one to inform Mixcloud of the hack. “Company CTO and co-founder Mat Clayton said this was the first they had heard of the incident, and started investigating the issue,” Motherboard said.

Related: Macy’s Data Breach Exposed Customers’ Credit Cards in Skimming Attack

The samples show that the hacker is selling the users’ data on a black market forum, including usernames, email addresses, hashed password strings, users’ country of origin, registration dates, last login dates, and IP addresses
According to ZDNet, several users have confirmed they have registered a Mixcloud account recently, meaning that the data is real. The data has been verified by other news outlets as well. The data breach was also confirmed by the company in an official statement:

Our understanding at this time is that the incident involves email addresses, IP addresses and securely encrypted passwords for a minority of Mixcloud users. The majority of Mixcloud users signed up via Facebook authentication, in which cases we do not store passwords.

The good news is that the passwords that the streaming platform stores are encrypted with salted cryptographic hashes and are believed to be “extremely difficult to unscramble”. This also means that the data, currently offered for sale on the dark web for $2,000, consists of email addresses and uncrackable passwords.

Thus, the platform says it has no reason to believe the passwords were actually compromised. However, it is advisable for users to change their passwords, especially if they have been using the same across multiple accounts.


Did you know? One of the biggest data breaches which affects “an unprecedented 4 billion user accounts spanning more than 4 terabytes of data” was also recently reported. Data Viper security researchers Bob Diachenko and Vinny Troia discovered a wide-open Elasticsearch server which was unprotected and accessible through a web browser at http://35.199.58.125:9200. No password or any form of authentication was in place to protect the data.

Avatar

Milena Dimitrova

An inspired writer and content manager who has been with SensorsTechForum for 4 years. Enjoys ‘Mr. Robot’ and fears ‘1984’. Focused on user privacy and malware development, she strongly believes in a world where cybersecurity plays a central role. If common sense makes no sense, she will be there to take notes. Those notes may later turn into articles! Follow Milena @Milenyim

More Posts

Follow Me:
Twitter

Leave a Comment

Your email address will not be published. Required fields are marked *

Time limit is exhausted. Please reload CAPTCHA.

Share on Facebook Share
Loading...
Share on Twitter Tweet
Loading...
Share on Google Plus Share
Loading...
Share on Linkedin Share
Loading...
Share on Digg Share
Share on Reddit Share
Loading...
Share on Stumbleupon Share
Loading...