Scribd
Upload
443 views

Introduction: Dubsmash Is A

Dubsmash, a video messaging app, suffered a large data breach in December 2018 when an unidentified hacker stole 161.5 million user records. The hacker placed the stolen records for sale on the dark web in early 2019, alongside data from five other breaches. The stolen Dubsmash data included user IDs, hashed passwords, usernames, emails, countries and locations. By extracting this personal data due to Dubsmash's weak cybersecurity, the hacker was able to successfully carry out the attack.

Uploaded by

Marites Versoza Dimalnat
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as DOCX, PDF, TXT or read online on Scribd
443 views

Introduction: Dubsmash Is A

Dubsmash, a video messaging app, suffered a large data breach in December 2018 when an unidentified hacker stole 161.5 million user records. The hacker placed the stolen records for sale on the dark web in early 2019, alongside data from five other breaches. The stolen Dubsmash data included user IDs, hashed passwords, usernames, emails, countries and locations. By extracting this personal data due to Dubsmash's weak cybersecurity, the hacker was able to successfully carry out the attack.

Uploaded by

Marites Versoza Dimalnat
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as DOCX, PDF, TXT or read online on Scribd
You are on page 1/ 1

Choose an organization that suffered data breaches, then patronize it for what it is, then

discuss the threats, actors/motivation, and how they successfully attack.


Notes:
Each of you should not make the same choice in organizations. Discuss it on your GC to
prevent duplicate choices.

Introduction: Dubsmash is a video messaging app, Dubsmash experienced a large-scale data breach
in December 2018 when 161.5 million user records were stolen by an unidentified hacker. As we can
see, Dubsmash data breach is the biggest victim. The exact amount of leaked accounts is 161,749,950.
And it is posted for sale for only 0.549 BTC or $1,976. According to the original report, not all countries
are hit by this breach. The countries affected were found in Europe. Some are also located in China and
Malaysia.

Threats: Dubsmash is a video messaging app. The hacker then placed the records for sale on the dark
web in early 2019 alongside five other victims of a data breach by the same hacker. Entire member
databases were put up for sale to spammers and others who wanted access to personal records. When
the hack occurred Dubsmash reported that email addresses and passwords were taken but nothing
more serious like credit card numbers or addresses. The exact amount of leaked accounts is
161,749,950. And it is posted for sale for only 0.549 BTC or $1,976. Moreover, it leaked a total of 11GB
of data. It includes: User ID, hashed passwords, usernames, email address, country, geolocation.
According to the original report, not all countries are hit by this breach. The countries affected were
found in Europe. Some are also located in China and Malaysia.

Actors/motivation: An unidentified hacker placed the records for sale on the dark web to gain profit in
early 2019 alongside five other victims of a data breach by the same hacker.

How they successfully attack: Once the hacker extracts the data such as user id, hashed passwords,
usernames, email address, country and geolocation, the attack is considered successful due to weak
cyber security.

The easiest way to protect yourself from a data breach is to change your password on not only the
accounts affected but all of your accounts. Of course, it is easy to prevent this by using a password
manager and two-factor authentication. While no method will protect you fully, a password manager
and two-factor authentication will make it much more difficult for a malicious party to gain access to
your account. Securing data can help victims of data breaches who suffer from identity theft, phishing
attempts, and more.

You might also like