Dailymotion Data Breach: What to Do Right Now

Dailymotion, AKA "that site you use when YouTube doesn't have the video," has become the latest in a long line of high-traffic websites to suffer a data breach — in this case, possibly compromising 85 million user accounts.

Credit: Dailymotion

(Image credit: Dailymotion)

If you're a Dailymotion registered user, you'll need to follow the data-breach drill. Log into your account, change your password to something strong and unique, and hope against hope that if the attackers got ahold of your password and username, you didn't use those credentials for every other account online. Since Dailymotion doesn't offer two-step verification, that’s the best you can do for now.

The company posted a security notice (in both English and French; they say pretty much the same thing) on its blog, informing users that "a potential security risk ... may have comprised [sic] the passwords for a certain number of accounts."

While the notice states that the attack did not steal any personal information, that information could be stolen from other websites if a Dailymotion customer used the same username and password for other, more important accounts, such as those for email, social-media or financial services.

MORE: Best Antivirus Software

ZDNet asserted that the breach went far beyond a "potential security risk." An unknown hacker, ZDNet claims, made off with 85.2 million usernames and 18.3 million passwords on Oct. 20. The passwords were hashed with the very strong Bcrypt algorithm, meaning that even the most dedicated hacker could probably not crack them.

However, we were not able to independently verify the number of compromised accounts cited by ZDNet. The publication claimed that its information came from LeakedSource, a data-breach tracking group, and the LeakedSource Twitter account stated 87 million Dailymotion accounts were compromised.

But because LeakedSource has not provided any hard data on Dailymotion's woes, and Dailymotion itself has not shared any numbers, the most we can say definitively is that something went down at Dailymotion, and users would be wise to change their passwords.

Luckily, doing so is very easy. On Dailymotion's website, log into your account, select Account Settings from the drop-down menu in the upper right, enter a new password and then click Save. Dailymotion recommends that viewers choose something a little less obvious than "password1234."

You may also want to consider using a password manager to remember all those complicated passwords. There's really no excuse not to use one now that industry leader LastPass is mostly free.

Last year, Vivendi, the French multimedia conglomerate, purchased 90 percent of Dailymotion from the cellular carrier Orange, which retains 10 percent. This means that Dailymotion is the ward of two gigantic tech corporations, both of which should be better at protecting users from data breaches. The company could at least offer some two-step verification; maybe that will be its next step.

TOPICS
Marshall Honorof

Marshall Honorof is a senior editor for Tom's Guide, overseeing the site's coverage of gaming hardware and software. He comes from a science writing background, having studied paleomammalogy, biological anthropology, and the history of science and technology. After hours, you can find him practicing taekwondo or doing deep dives on classic sci-fi.