Massive Data Breach Exposes 6.6 Million ClixSense Users’ Personal Information
In yet another significant data breach, ClixSense, a platform that compensates users for viewing advertisements and completing surveys, has fallen victim, exposing the plaintext passwords and personal information of over 6.6 million users. This incident marks one of the more severe breaches reported in recent months, joining the ranks of major hacks affecting services such as LinkedIn, MySpace, and Dropbox.
The compromised data includes not just usernames and email addresses, but also sensitive details like first and last names, dates of birth, gender, home addresses, IP addresses, payment records, and banking information. The breach’s gravity has been underscored by reports that more than 2.2 million records were publicly disseminated via PasteBin, with an additional 4.4 million accounts allegedly being offered for sale by the hackers.
Troy Hunt, the operator of the breach notification service “Have I Been Pwned,” has corroborated the authenticity of the data taken from ClixSense, enhancing the severity with which the incident is viewed. Along with the personal information, the attackers are reportedly selling social security numbers and the complete source code of the ClixSense website. Furthermore, they have compromised internal emails of the company.
The breach appears to stem from vulnerabilities exploited within an old server that remained connected to ClixSense’s primary database. According to ClixSense’s own disclosures, hackers were able to access the main database and copy user data by running SQL commands, which allowed them to alter account details and manipulate user balances.
ClixSense’s owner, Jim Grago, detailed the timeline of the attack, revealing that he was alerted to the breach when the platform was redirected to an inappropriate website. Subsequent investigations revealed that hackers had compromised the company’s DNS, disabled servers, and gained access to the database through inadequate security measures.
Business owners who utilize ClixSense or similar platforms are urged to take immediate action. Users should promptly update their passwords and change any security questions that may involve the personal information provided to ClixSense. Given the sensitive nature of the data involved, establishing unique passwords across various accounts is highly advisable.
Cybersecurity professionals should consider the tactics and techniques outlined in the MITRE ATT&CK framework to better understand the methodology employed during this breach. Potential tactics used include initial access through social engineering, persistence via compromised infrastructure, and privilege escalation through SQL injection techniques.
This incident serves as a stark reminder of the vulnerabilities present in online systems and underscores the necessity for heightened security measures in protecting user data from malicious actors. Organizations must remain vigilant, continuously auditing their cybersecurity defenses to safeguard against future breaches.
