The popular video platform DailyMotion’s disclosed a credential stuffing attack on Friday. In response, experts with Cequence and Shared Assessments offer perspective.
Dailymotion Fights Ongoing Credential-Stuffing Attack https://t.co/wvcYH1iIFb
— Security Info (@safebits) January 29, 2019
Mike Jordan, CISSP, CRISC, CTPRP, Senior Director at The Shared Assessments Program:
“Hacking passwords on public video sites and forums could be used for troll farming and disinformation campaigns. More troubling are the breached banks and retailers where actual transactions are at risk. And don’t forget the smaller sites that don’t have the resources to detect this kind of attack. Consumers may never hear about these types of attacks, and any site can store more of your information than you may realize.
“I strongly recommend making passwords unique and storing them in a trusted password manager app. Opt into two-step or Multi-Factor sign-in where possible, whereby the website sends you a code or uses an app to log you in along with your password. Email accounts can be used to reset all your other passwords, so prioritize those along with your financial and work passwords.”
Franklyn Jones, CMO at Cequence: