As we approach the end of 2016, the rate of data breach – or more accurately data breach discoveries – doesn’t appear to be slowing.
The BBC reported on Tuesday (here) that the Dailymotion subsidiary of French media company Vivendi had details of more than 85 million users stolen, including usernames, email addresses and passwords, although the passwords had been encrypted using the Bcrypt algorithm.
Dailymotion said the impact of the breach was limited and no personal information had been lost.
It’s perhaps worrying that Daily Motion were advised of the breach by an external agency – Leakedsource.
It said: “It has come to our attention that a potential security risk, coming from outside Dailymotion may have comprised the passwords for a certain number of accounts.”
Mark James, a security specialist at security firm ESET commented: “Check and change your passwords on this site, if you have used that same password on any other site then change those immediately and possibly consider a password manager if you’re not already using one.”
He added: “Without further information about what was or was not stolen, we won’t know the extent of the damage – but needless to say more data being added to your already overflowing online profile floating around the web is not good for any of us.”
The BBC added, scarily – “This year has seen a series of massive data breaches, with experts saying there are now 1.5 billion stolen credentials available to hackers and attackers online.”
And, once again, let’s look at the potential post GDPR fines, had personal data been leaked – Vivendi’s revenue last year was €10.76 billion, a 4% fine would be €430 million – ouch!
Is your company preparing for GDPR?
We can help, get in touch.