Huge data leakage from the advertising company revealed 6.6 million open passwords

New day, new leak! And this time everything is much worse than all the recent leaks.

Why?

Because unencrypted passwords, user names, email addresses, as well as a large amount of other personal information of more than 6.6 million ClixSense users have flowed away.

ClixSense, a website that pays users for viewing advertisements and passing online surveys. He is a fresh victim, joining the list of "Mega-Breach", which in recent months have been including LinkedIn, MySpace, vk.com, Tumblr and Dropbox.

Hackers sell unencrypted passwords and the full source code of the site.

Personal and confidential data of more than 2.2 million people have already been posted on Pastebin over the weekend. Hackers who stole the data put up for sale another 4.4 million accounts.

In addition to unencrypted passwords and email addresses, a database dump includes first and last names, dates of birth, gender, home addresses, IP addresses, payment history, and other bank details of millions of users.

Troy Hunt (Troy Hunt), operator of the site Have I Been Pwned ? leak notification service, verified the authenticity of data taken from ClixSense.

In addition, who bought 4.4 million accounts at the highest price, hackers also offer social security numbers of hacked users, along with the full source code of the ClixSense website and 70,000 letters from the company's internal mail server, according to a message on Pastebin, which advertises stolen database.

Pastebin has already deleted the record, as well as a sample of the hacked database, which contained information about users.

How ClixSence was hacked

ClixSense acknowledged the data leakage and said that some unknown hackers were able to access the main database through the old server, which was no longer used, but at the same time, it would still be connected to the network and the main database server.

After gaining access, the hacker was able to "copy most, if not all" ClixSense user tables, launched the SQL code to change the account names to "hacked account", deleted several forum posts, and also dropped the balance of users' accounts to $ 0.00.

During a conversation with Ars Technica, ClixSense owner Jim Grago (Jim Grago) admitted that the database contained records of approximately 6.6 million accounts, and that the company became aware of the violation on September 4 and managed to regain control over their DNS during the weekend.

“It all started last Sunday, September 4, at about 5 am EST, when the lead developer called me and said that ClixSense website was redirecting to gay porn site. Hackers captured our DNS servers and set up a redirect, ”writes Grego.

“On Monday (Labor Day), they hacked our hosting provider and turned off all our servers, hacked our Microsoft Exchange server, and changed the passwords of all our email accounts. On Tuesday, they accessed the server, which was directly connected to our database server and downloaded a copy of our user table. ”

Change passwords and security issues now

Users are urged to immediately change their ClixSence account passwords, and it would be a good idea to reset passwords for all your other online services, especially those that use the same passwords.

Since ClixSense uses a large amount of personal information about its users, make sure that you change your security questions if they contain any information that you have provided to ClixSense, for example, address, date of birth, or other identifying information.

In addition, I recommend that you use a good password manager to create strong and complex passwords for various accounts on the Internet, and he will remember them all.