8tracks Internet Radio Service Hacked; Details of Millions of User Accounts Stolen

8tracks Internet Radio Service Hacked; Details of Millions of User Accounts Stolen

- in Internet

8tracks Internet Radio Service Hacked; Details of Millions of User Accounts Stolen

HIGHLIGHTS

  • 8tracks confirmed breach and is urging users to change their passwords
  • It says that the hashed password can only be accessed through brute force
  • 8tracks has identified the the attack vector used by the hacker

Blame it on bad passwords or the fact that the Internet is just no longer safe, but reports of data breaches seem to have shot up in the past few years. In what seems to be a breach similar to the massive Dropbox and LinkedIn debacles of the past, popular Internet radio service 8tracks has been hacked, potentially leaving millions of accounts vulnerable.

The data breach reportedly gave hackers account details of millions of users dating back to 2008, Motherboard learned from breach notification site LeakBase. The site obtained a dataset of 6 million 8track usernames, email IDs and hashed passwords, out of a total 18 million accounts. It further found that the passwords were hashed using ageing but still widely used SHA1 algorithm, something Google recently cracked, leaving them unsecure.

8tracks is aware of the breach and explained in a blog post that the hashes are difficult to access and can only be done through brute force attacks, which is complex and unlikely. However, the company is still urging its users to change their 8tracks passwords as well as on any other site where they may have used the same password. The Internet radio service informed Motherboard that it would notify its customers and has identified the attack vector used by the hacker, securing the account in question. They also reassure that the stolen data did not include credit card information.

Those using 8tracks may want to change their passwords as well as make sure the same password is not being used elsewhere. It also advised to use a two-factor authentication and password managers like LastPass or 1password, but maybe not OneLogin.

[“Source-gadgets.ndtv”]