You need to change your password now if you use Dubsmash, MyFitnessPal, MyHeritage, ShareThis, HauteLook, Animoto, EyeEm, 8fit, Whitepages, Fotolog, 500px, Armor Games, BookMate, CoffeeMeetsBagel, Artsy, or DataCamp. A massive haul of 620 million accounts from these and other websites has been found for sale on the dark web, making it critical to update your login details immediately to prevent phishing, scamming, and unauthorized access. Hacking is nothing new, and these account details, taken over the past year, are enough to log into sites and change personal information. Dave’s Computers is warning customers because their details may be among them, with the entire haul priced at $20,000 in bitcoin. If you are a member of any of these websites, log in right away, change your password, initiate two-factor authentication if possible, and monitor your account. Some hacks occurred up to a year ago, but the data is only recently on sale, so you may still have time to secure your account.
Dave’s Computers isn’t into scaremongering or clickbait headlines but this haul of account details covers some very popular websites. That warrants a blog post warning all our customers that their details may be among them. The price for all 620 million accounts is $20,000 in bitcoin. Not a lot of money considering the potential value.
If you are a member of any of the following websites, you need to log into them right away and change your details. You may be too late but you should definitely try:
- Dubsmash (162 million accounts exposed)
- MyFitnessPal (151 million accounts exposed)
- MyHeritage (92 million accounts exposed)
- ShareThis (41 million accounts exposed)
- HauteLook (28 million accounts exposed)
- Animoto (25 million accounts exposed)
- EyeEm (22 million accounts exposed)
- 8fit (20 million accounts exposed)
- Whitepages (18 million accounts exposed)
- Fotolog (16 million accounts exposed)
- 500px (15 million accounts exposed)
- Armor Games (11 million accounts exposed)
- BookMate (8 million accounts exposed)
- CoffeeMeetsBagel (6 million accounts exposed)
- Artsy (1 million accounts exposed)
- DataCamp (700,000 accounts exposed)
As you can see, there are some very popular sites in that list, including fitness and dating. Both types of website will also likely contain a lot of personal data. If you want to know more about the hack, British site The Register has all the details.
If you use one of these websites, try to log in right away and change your password, initiate two-factor authentication if you can and monitor the account. Some of these hacks happened up to a year ago but the data is only recently on sale. You may still have time to get into your account and lock it down before someone else does.
What should you do if your account has been hacked?
If your account has been hacked, you should immediately try to log in and change your password to a strong, unique one, then enable two-factor authentication wherever possible. If you cannot access the account, contact the customer service desk of the site to request an account reset. For websites containing financial data, alert credit reference agencies and consider freezing your account to prevent identity theft. It's also crucial to avoid using the same username and password across multiple websites. Moving quickly to lock down your account and monitor your finances can help mitigate the risks.
If you cannot get access to the account, contact the customer service desk of the site in question. Explain what happened and that you need your account reset. If any of the websites contain financial data such as credit card details, you need to alert the credit reference agencies and put a freeze on your account. This will prevent a hacker applying for credit in your name.
This all sounds serious but it doesn’t have to be. As long as you move quickly and lock down your account if you can and watch your finances, you should be okay.