VerticalScope Breach; 45 Million Users Affected

Bad news for users in the automotive industry as 45 million accounts from Vertical Scope got stolen!

VerticalScope, an Internet media company, known for its automotive and sports vertical market-related content suffered a massive data breach earlier  this year in February. However, it seems  the company preferred to hide the data breach rather than inform affected users and advise resetting of their passwords. 

The data was discovered by Leaked Source, an online platform which collects leaked data from security breaches (including but not limited to recent LinkedIn and MySpace leaks).

According to Leaked Source, Vertical Scope and all of their domains including over 1100 websites and communities were hacked in February of 2016 and as a result, hackers stole 45 million records including email address, a username, an IP address, one password and in some cases a second password.

Moreover, researchers also noted that in most cases passwords were not stored in a secure manner. Less than 10% of the targeted domains were using proper encryption methods to secure passwords. Other data which consist of over 40 million records were not protected by any means as they consist of MD5 with salting which is a huge security risk and easy to break.

According to the blog post, Leaked Source revealed that Vertical Scope acknowledged the breach in April this year when a reporter from ZDNET contacted the company. VerticalScope has since posted a “security update” publically confirming the breach and asking users to reset their passwords. 

“VerticalScope is aware of the possible issue and our internal security team has been investigating and we will be collecting information to provide to the appropriate law enforcement agencies. We believe that any potential breach is limited to usernames, user ids, email addresses, IP addresses and encrypted passwords of our community users. In response to increased Internet awareness of security-related incidents, including potential incidents on our communities, as a precautionary security measure, we are implementing changes to strengthen our password policies and practices across all of our communities.”

The year 2016 has already seen some massive security breaches including Twitter, Tumblr, MySpace, LinkedIn and VK.com.

Here is a list of top 15 most used passwords on VerticalScope: