Dailymotion Admits October Hack Exposed Millions of Accounts “Due to an External Security Problem”


Hackers stole data of millions of accounts of the video-sharing website Dailymotion. The stolen data reportedly includes email addresses, usernames, and associated passwords in some cases.

Dailymotion - another addition to the list of 2016 mega breaches

In yet another mega breach of 2016, LeakedSource, breach notification site, has revealed that an unknown hacker stole over 85.2 million unique email addresses and usernames associated with the video-sharing site Dailymotion - one of the biggest video platforms in the world. About one-in-five accounts also have associated passwords that were leaked in the breach. However, passwords were scrambled with the bcrypt hashing function, making them difficult to crack.

It is believed that the hack on the world's 113rd most-visited website was carried out on October 20. Dailymotion said the breach occurred due to an external security problem.

We learned that due to an external security problem at Dailymotion, the passwords of a number of accounts could have been compromised. The hack seems to be limited and would not concern any personal data.

The security of your account is extremely important to us and we take all necessary measures to identify possible gaps and remedy them. Therefore, as a precaution, we urge all our partners and users to reset their passwords now.

Considering how "obvious passwords" are used by many, Dailymotion advised its users to avoid the likes of "password1234" and use unique passwords for each service.

In the breach leaking data of 85.5 million account details, over 18.3 million passwords were also stolen. You can change your password following these steps:

  1. Go to the Dailymotion website and sign into your account.
  2. Open Settings: use the drop-down menu in the upper right corner.
  3. Select Account Settings.
  4. Enter a new password.
  5. Save the changes.

Dailymotion users are also at the risk of phishing attacks. Last week, we saw attackers using stolen data from other services to launch attacks against National Lottery operator, Camelot. Attackers had used the username, email addresses and password combination that users re-used on multiple sites.

In the case of Dailymotion hack, it is believed that damage will be limited due to password security. However, it won't hurt to change the password anyway.