Apparently, a hacker compromised Mixcloud earlier this month, and is now selling data belonging to 21 million user accounts on the dark web.
Mixcloud Data Breach – More Information
The data breach was revealed a few days ago, when the hacker approached several journalists, including ZDNet and Motherboard, and shared data samples with them. In fact, Motherboard was the one to inform Mixcloud of the hack. “Company CTO and co-founder Mat Clayton said this was the first they had heard of the incident, and started investigating the issue,” Motherboard said.
The samples show that the hacker is selling the users’ data on a black market forum, including usernames, email addresses, hashed password strings, users’ country of origin, registration dates, last login dates, and IP addresses
According to ZDNet, several users have confirmed they have registered a Mixcloud account recently, meaning that the data is real. The data has been verified by other news outlets as well. The data breach was also confirmed by the company in an official statement:
Our understanding at this time is that the incident involves email addresses, IP addresses and securely encrypted passwords for a minority of Mixcloud users. The majority of Mixcloud users signed up via Facebook authentication, in which cases we do not store passwords.
The good news is that the passwords that the streaming platform stores are encrypted with salted cryptographic hashes and are believed to be “extremely difficult to unscramble”. This also means that the data, currently offered for sale on the dark web for $2,000, consists of email addresses and uncrackable passwords.
Thus, the platform says it has no reason to believe the passwords were actually compromised. However, it is advisable for users to change their passwords, especially if they have been using the same across multiple accounts.
Did you know? One of the biggest data breaches which affects “an unprecedented 4 billion user accounts spanning more than 4 terabytes of data” was also recently reported. Data Viper security researchers Bob Diachenko and Vinny Troia discovered a wide-open Elasticsearch server which was unprotected and accessible through a web browser at http://184.108.40.206:9200. No password or any form of authentication was in place to protect the data.