Cloud

6/30/2017
01:10 PM
100%
0%

8tracks Hit With Breach of 18 Million Accounts

Hackers attack Internet radio user database, gaining access to email addresses and encrypted passwords.

Hackers broke into Internet radio site 8tracks, resulting in a database breach of 18 million users' email addresses and encrypted passwords, according to an International Business Times report.

The online music site says in a blog post that only users who signed up for the service using their email got hit. Customers who rely on Google or Facebook to authenticate themselves  did not have their passwords pilfered, 8tracks says.

The company believes an employee's Github account, which did not have two-factor authentication, served as the attack vector. When Github alerted the 8tracks employee of an unauthorized attempt to change their account password, that is when 8tracks realized a breach had ocurred.

"We do not believe this breach involved access to database or production servers, which are secured by public/private SSH-key pairs. However, it did allow access to a system containing a backup of database tables, including this user data. We have secured the account in question, changed passwords for our storage systems, and added access logging to our backup system," 8tracks states in its blog.

Read more about the breach here.

Dark Reading's Quick Hits delivers a brief synopsis and summary of the significance of breaking news events. For more information from the original source of the news item, please follow the link provided in this article. View Full Bio

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
Joe Stanganelli
100%
0%
Joe Stanganelli,
User Rank: Ninja
7/3/2017 | 6:41:05 AM
TFA/MFA and trusting people to self-assess
Here's the thing about attacks like these. They rely on users' undereducation about where they and their employees are vulnerable -- through non-intuitive parts of the attack surface.

The employee here clearly didn't think his GitHub account was important enough to secure with MFA. But, at least for his/her employer, it was.

This is where security training for employees comes into play. It's not just about training employees in corporate policy straight out of the handbook. It's also about educating employees in self-assessment skills for managing security and risk in their day-to-day lives. 
More Than Half of Users Reuse Passwords
Curtis Franklin Jr., Senior Editor at Dark Reading,  5/24/2018
Is Threat Intelligence Garbage?
Chris McDaniels, Chief Information Security Officer of Mosaic451,  5/23/2018
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Write a Caption, Win a Starbucks Card! Click Here
Latest Comment: This comment is waiting for review by our moderators.
Current Issue
Flash Poll
[Strategic Security Report] Navigating the Threat Intelligence Maze
[Strategic Security Report] Navigating the Threat Intelligence Maze
Most enterprises are using threat intel services, but many are still figuring out how to use the data they're collecting. In this Dark Reading survey we give you a look at what they're doing today - and where they hope to go.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2018-11471
PUBLISHED: 2018-05-25
Cockpit 0.5.5 has XSS via a collection, form, or region.
CVE-2018-11472
PUBLISHED: 2018-05-25
Monstra CMS 3.0.4 has Reflected XSS during Login (i.e., the login parameter to admin/index.php).
CVE-2018-11473
PUBLISHED: 2018-05-25
Monstra CMS 3.0.4 has XSS in the registration Form (i.e., the login parameter to users/registration).
CVE-2018-11474
PUBLISHED: 2018-05-25
Monstra CMS 3.0.4 has a Session Management Issue in the Administrations Tab. A password change at admin/index.php?id=users&action=edit&user_id=1 does not invalidate a session that is open in a different browser.
CVE-2018-11475
PUBLISHED: 2018-05-25
Monstra CMS 3.0.4 has a Session Management Issue in the Users tab. A password change at users/1/edit does not invalidate a session that is open in a different browser.