Skip to content
Data breachContained

Leak at Dailymotion

In October 2016, French video-sharing platform Dailymotion was breached, exposing roughly 85.2 million user accounts including email addresses and usernames, with bcrypt password hashes for about 18 million of them.

Victim
Dailymotion
records
85.2M

On 1 October 2016, Dailymotion β€” the Paris-based video-sharing platform β€” suffered a data breach that exposed roughly 85.2 million user accounts. The incident was disclosed in early December 2016 when breach-notification service LeakedSource obtained and reported the stolen dataset, around two months after the intrusion.

The stolen records contained 85.2 million unique email addresses and usernames. Of these, about 18 million accounts (roughly 20 percent) also had associated passwords, which were stored as bcrypt hashes using ten rounds of key stretching β€” a strong hashing scheme that made recovering the underlying plaintext passwords difficult.

Exposed data categories:

  • Email addresses
  • Usernames
  • Bcrypt password hashes (for ~18 million accounts)

The breach was attributed to a network intrusion that allowed attackers to exfiltrate the account database. Because passwords were protected with bcrypt rather than stored in plaintext or with weak hashing, the immediate credential-cracking risk was limited, though the exposed email addresses and usernames still raised phishing and credential-reuse concerns. Affected users were advised to change their passwords as a precaution.

Sources

  1. thehackernews.comhttps://thehackernews.com/2016/12/dailymotion-video-hacked.html
  2. haveibeenpwned.comhttps://haveibeenpwned.com/breach/Dailymotion
  3. securityaffairs.comhttps://securityaffairs.com/54102/data-breach/dailymotion-data-breach.html
  4. bleepingcomputer.comhttps://www.bleepingcomputer.com/news/security/dailymotion-allegedly-hacked-85-million-user-accounts-stolen/
  5. framagit.orghttps://framagit.org/aeris/bonjour-la-fuite/

Related incidents