DailyMotion is a video sharing platform which is available worldwide in 18 languages. It is one of the most visited sites on the internet with a rank of #134 on the Alexa traffic ranking. The video sharing platform announced on January 25, 2019, that it has been hit by a credential stuffing attack.
Credential stuffing attack is a type of cyber attack where attackers use a combination of usernames and passwords that have been stolen from other online sites where the credentials have been exposed. Attackers use the stolen credentials to gain unauthorized access on users accounts.
What was the immediate action taken?
DailyMotion learned about the incident from its security team who discovered the attack.
Contents of the email
The notification read that DailyMotion suffered a credential stuffing attack which started on January 19, 2019. In the notification, DailyMotion confirmed that the attack has been successful in some cases, with attackers gaining access to a limited number of accounts.
The company also notified that its security team has taken necessary action to block the attack.
The notification email sent to impacted users also contained a link for users to reset their passwords and regain control of their account, ZDNet reported.