Hackers leaked the names and email addresses of over 200 thousand Social Bluebook influencers in a data breach that occurred in October of 2019, although only came to light recently.
Social Bluebook is a service that matches influencers with advertisers. The influencers receive paid offers from advertisers to promote branded content on social media platforms, like Twitter, Facebook, Instagram, and YouTube. In addition, customers are provided with influencer marketing classes and analytics software to help conduct their business.
TechCrunch not only reported the data breach, but also gained access to the database and reached out to Social Bluebook's co-founder, Sam Michie, to verify some of the compromised users. According to the report, the data included the names, email addresses, and scrambled passwords of over 200 thousand user accounts. This equates to most of the user base, considering Social Bluebook claims to have over 300 thousand users. Michie confirmed the data’s validity to TechCrunch while also pointing out this was the first time the company had become aware of the issue. Currently, it’s not known how the data was stolen, or by whom, but they took the California-based company’s entire database without being noticed for several months.
Social Bluebook learned of the hack in April of 2020, even though it occurred in October of the previous year. Hundreds of thousands of influencers have had their data at risk for months, due to faults in Bluebook’s cybersecurity that enabled the hack to work. While it's hard to call Bluebook’s security weak without properly being aware of what the company is doing to protect its users, it's curious how the hack was able to go unnoticed for several months. Influencers are often the target of hacks due to their high follower accounts, and any successful hack on a high-profile influencer is hugely visible, which makes strong cybersecurity increasingly important. On this occasion, the hashed passwords were at least one measure that's likely to have helped keep additional information secure.
Recently, Amazon’s line of smart-home security devices saw a severe information leak that wound up with thousands of users’ home addresses being posted to the dark web. There, Amazon pinned the blame on its users, refuting that the breaches were not the fault of Amazon’s (or Ring's) own cybersecurity. Social Bluebook’s account breach endangered its entire userbase, which, for many, influencing might have been their primary source of income. While users should take all the necessary precautions to reduce their personal risk, companies also need to do all they can to ensure data and user privacy is protected on their end.
Source: TechCrunch
from ScreenRant - Feed https://ift.tt/3atTdaQ
No comments: