DailyMotion is Under Attack by Credential Stuffing Hackers

• DailyMotion warns that a stuffing attack is currently underway and that users should reset their passwords.
• The attackers have probably gotten their hands to millions of credentials in the recent “Collection #1” leak.
• Using different passwords and two-factor authentication is the best way to protect yourself from this type of attacks.

The French video-sharing platform has issued an official announcement, informing its userbase which consists of many millions of people from 35 countries, that it is being subject to a large-scale attack that their technical teams discovered on January 19. As of today, the attack is still ongoing, but the company has managed to isolate the problem, limit its scope, while they are currently feverishly working to mitigate the effectiveness of the attacks by reinforcing their user data protection system. Users who had their accounts compromised received an additional message by DailyMotion as an emergency notice, while the company has already informed the French Data Protection Authority (CNIL) as it required by law.

DailyMotion has detected a sudden outpour of credentials guessing attempts, which points to the possibility of hackers using passwords that they got from other credential data dumps like the most recent “Collection #1” archive that comprised over 773 million email addresses and their associated passwords. As many people follow the dangerous practice of using the same credentials across multiple online platforms, the hackers hope to gain access to the corresponding DailyMotion accounts by entering the same credentials, or iterations of them. DailyMotion has isolated the instances by blocking the IPs that attempted to gain access to accounts by trying a large number of combinations, and also by imposing more stringent geo-locational checks. Users who had their accounts afflicted have been automatically logged out from the platform and had their passes reset.

@troyhunt Got this mail from @dailymotion (translated from french) pic.twitter.com/uotgq7K6Ju

— Seblor (@Seblor571) January 26, 2019

The same users who have also received the personal message are not prompted to follow the reset instructions, use a new password that they have never used before, and also set up the two-factor authentication. If the access to the account is entirely lost, and if a new email address has been registered, users are advised to send an email to DailyMotion with the details, so that further protective measures may be implemented. If you are uncertain about whether your credentials have been leaked by the recent credential’s disclosure or a previous incident, you can always check on “haveibeenpwned.com” and figure out.

Have you been affected by the attack? Let us know about the juicy details in the comments below, and don’t hesitate to share your thoughts with our vivid online community on Facebook and Twitter.