September 14, 2016
Another Day, Another Data Breach! And this time, it’s worse than any recent data breaches.
Why?
Because the data breach has exposed plaintext passwords, usernames, email addresses, and a large trove of other personal information of more than 6.6 Million ClixSense users.
ClixSense, a website that claims to pay users for viewing advertisements and completing online surveys, is the latest victim to join the list of “Mega-Breaches” revealed in recent months, including LinkedIn, MySpace, VK.com, Tumblr, and Dropbox.
More than 2.2 Million people have already had their personal and sensitive data posted to PasteBin over the weekend. The hackers who dumped the data has put another 4.4 Million accounts up for sale.
In addition to un-hashed passwords and email addresses, the dump database includes first and last names, dates of birth, sex, home addresses, IP addresses, payment histories, and other banking details of Millions of users.
Troy Hunt, operator of Have I Been Pwned? breach notification service, verified the authenticity of the data taken from ClixSense.
Besides giving away 4.4 Million accounts to the highest bidder, the hackers are also offering social security numbers of compromised users, along with the complete source code of the ClixSense website and “70,000 emails” from the company’s internal email server, according to a Pastebin message advertising the stolen database.
PasteBin has since removed the post as well as the sample of the compromised database that contained user account information.