Mixcloud,
a renowned streaming site, has been breached, as hackers have taken hold or
more than 20 million accounts from the site.
According to TechCrunch reporter Zach Whittaker, hackers took hold of the account s earlier this month. The suspected hacker gave Zach a copy of the files he infiltrated to prove he is the one that breached the site’s platform. Giving out sample data is what most hackers usually do to prove they are responsible for the hack in a company.
Zach
verified the hacker’s claim by using the information to validate some of the
emails in the sign-up feature of those accounts.
Although
the exact number of hacked accounts is not known, there are likely more than 20
million, as the hacker listed about 21 million accounts for sale on the dark
web.
The
hacker still had plans to carry out another attack, as it was obvious from his
communication with Zach. It is not the first time the hacker has contacted Zach
concerning his hacking activities.
In
August this year, he reached out to Zach, telling him about his plans to carry
out another attack. This time, the hacker targeted StockX, a billion-dollar
platform where users can buy or sell clothing or shoes.
The breached accounts had already gone on sale in the black web. According to Zach, the hacker wants only half a Bitcoin in exchange for the hacked data.
Although there is no payment card data in the hacked files, it still contains some valuable data, including encrypted passwords , IP addresses, profile photo links, usernames, and email addresses. These are still some pieces of valuable information the hacker can use to his advantage.
But
the Mixcloud’s encryption would be very difficult to decrypt, which is the only
positive thing about the whole hacking incident. The streaming site is powered
by SHA-2, a very strong encryption protocol to break.
It means that accounts with difficult passwords will be almost impossible to decipher. But the number of hacked accounts is something quite worrisome. There are more possibilities of hacking even the strongest platform, where the hacker holds more than 20 million accounts in that platform, no matter the strength of encryption. So, it’s almost certain the hacker would succeed in cracking some accounts if they try.
Not
everybody is careful enough to use the strongest keys to protect their
passwords. Among users who don’t use strong passwords, some are not just
bothered, while others are afraid of forgetting the details of the password.
For the second group of account holders, they want to use passwords that would
be easier for them to remember, which renders their accounts vulnerable.
As
at the time of writing, Mixcloud has not issued any statement regarding the
hack, although an investigation into the matter will follow.
According
to the GDPR rules, Mixcloud is likely going to face a £20 million fine if it
doesn’t carry out the required investigation to sort the problem. Just last
year, WindrCo injected about $11.5 million in Mixcloud to help the company
facilitate its business processes.
Lisa Rooland,  Mixclouds’ spokesperson, did not answer questions from reporters when she was contacted. She did not indicate whether the company intends to report the incident under the EU and U.S. data breach notification law.
In a similar incident involving Mariott, the hotel giant was fined about £90 million when its site was hacked last year, although this breach was larger than Mixcloud’s current. This breach appears to be a setback for a company that has been rising steadily in popularity since the cash injection.
legit dumps shop buy cc fresh