Keep up with the latest cybersecurity threats, newly discovered vulnerabilities, data breach information, and emerging trends. Delivered daily or weekly right to your email inbox.
8tracks Hit With Breach of 18 Million Accounts
Hackers attack Internet radio user database, gaining access to email addresses and encrypted passwords.
1 Min Read
Hackers broke into Internet radio site 8tracks, resulting in a database breach of 18 million users' email addresses and encrypted passwords, according to an International Business Times report.
The online music site says in a blog post that only users who signed up for the service using their email got hit. Customers who rely on Google or Facebook to authenticate themselves did not have their passwords pilfered, 8tracks says.
The company believes an employee's Github account, which did not have two-factor authentication, served as the attack vector. When Github alerted the 8tracks employee of an unauthorized attempt to change their account password, that is when 8tracks realized a breach had ocurred.
"We do not believe this breach involved access to database or production servers, which are secured by public/private SSH-key pairs. However, it did allow access to a system containing a backup of database tables, including this user data. We have secured the account in question, changed passwords for our storage systems, and added access logging to our backup system," 8tracks states in its blog.
Read more about the breach here.
About the Author
You May Also Like
More Insights
Webinars
Applying the Principle of Least Privilege to the Cloud
Nov 18, 2024The Right Way to Use Artificial Intelligence and Machine Learning in Incident Response
Nov 20, 2024Safeguarding GitHub Data to Fuel Web Innovation
Nov 21, 2024The Unreasonable Effectiveness of Inside Out Attack Surface Management
Dec 4, 2024
