Popular Internet Radio 8tracks Hit by Cyber Attack Targeting User Information

Media Division | June 29, 2017

The news reports of cyber attacks keep coming in like an endless cascade. With the large amounts of money and digital assets that we keep stored through electronic means, cyber security is one of the most important factors within an organization. Unfortunately, many organizations continue to neglect security points, which leads to vicious attacks and data breaches. And then there are also zero day exploits that continue to catch organizations off guard and leave many scrambling to patch the vulnerability before others are affected. In yet another cyber attack, the popular internet radio service 8tracks has been hit, and it resulted in the potential exposure of millions of user accounts.

How the Breach Occurred

According to reports, the breach had provided hackers with user account information dating back to 2008. 8tracks had said in a blog post that they received credible reports that a copy of their database had been leaked, and it had included email addresses and encrypted passwords from users who had signed up for the service with email addresses. They said that those who signed up through Google or Facebook authentication were not affected. The passwords that were stolen were encrypted using one-way hashes. While it can take some time and resources, these types of passwords can still be decrypted. Sources say that the passwords were hashed using an older but still widely employed algorithm called SHA1, which Google had recently cracked, showing that this method is unsecure. 8tracks has said that they have identified the vector of attack, and have since secured it. They are pushing the fact that the passwords are encrypted and difficult to crack, but the internet radio service is still urging customers to change their passwords on the site, as well as on any other site where the same password is employed. They said that no further information than the above was affected, as they do not store credit card details, addresses, or phone numbers.

Cases like this really display the necessity for employing updated methods, as there are more modern methods of encryption and security that have supplanted SHA1 and provide better protection. SHA1 is now used much less than it was in the past but is still employed by many organizations around the globe. But, with the amount of information and passwords that we store in the digital world, it is time for organizations to start looking toward more effective and secure methods.

Remediating a Cyber Attack with Data Breach Solutions

As mentioned above, cyber attacks and data breaches have become more common than ever, and the reports of new breaches are endless. Obviously, the best practice is to maintain comprehensive security and regular updates to prevent attacks in the first place, but there also comes the matter of being able to address an incident through data breach solutions. A single breach, if not handled adeptly and rapidly, can factually cause an organization to fail. The immediate data and fund loss is not the only concern in a breach, as it can also result in damage to reputation and consumer trust. There are several necessary steps to take in the event of a breach, such as mitigating the immediate damage, patching the vulnerability, notifying those affected, and tracing the source, all of which comes under the heading of data breach solutions. An organization needs to be able to display to their public that they are properly and quickly addressing a breach to prevent further damage and loss. Massive Alliance’s data breach solutions can help an organization to address all sides of an incident, as well as thoroughly remediate it.

Massive's Media Division publishes timely news and insights based on current events, trends, and actionable cross-industry expertise.