WTF ... IS WTF!?
We are a collective of people who believe in freedom of speech, the rights of individuals, and free pancakes! We share our lives, struggles, frustrations, successes, joys, and prescribe to our own special brand of humor and insanity. If you are looking for a great place to hang out, make new friends, find new nemeses, and just be yourself, is your new home.

DailyMotion discloses credential stuffing attack


Voorhees a jolly good fellow!
Video sharing platform DailyMotion announced on Friday that it was the victim of a credential stuffing attack, ZDNet has learned.

Credentials stuffing is a security term that describes a type of cyber-attack where hackers take combinations of usernames and passwords leaked from other sites and use them to gain illegal access on accounts on another site.

According to an email sent out to impacted customers, and seen by ZDNet, the credential stuffing started last weekend, on January 19, and appears to have been successful in some cases, with hackers gaining access to a limited number of accounts.

The company said its security team discovered the attack and it took "all necessary steps" to block it. Since last Saturday, the company has been logging off users who it believes were impacted and resetting their passwords.

The email sent to all affected customers contains a link for users to reset their password and regain control of their account.

The French company has also notified CNIL (Commission nationale de l'informatique et des libertés), France's data privacy watchdog, as demanded by Europe's new GDPR legislation.
A DailyMotion spokesperson did not reply to a request for comment ZDNet sent on Saturday, January 26, seeking additional details.

Source: ZDNet


Gimmie Pwnies
I think the question is why does every fucking website need to have a user account with it's own password so you basically have to reuse passworrds