(CelebrityAccess) — Popular streaming, internet radio and podcast service Mixcloud revealed that it has successfully targeted by hackers.
On Saturday, Mixcloud issued a statement that conceded: “We received credible reports this evening that hackers sought and gained unauthorized access to some of our systems.
“Our understanding at this time is that the incident involves email addresses, IP addresses and securely encrypted passwords for a minority of Mixcloud users. The majority of Mixcloud users signed up via Facebook authentication, in which cases we do not store passwords.”
According to ZDNet, who reported they were contacted by the hacker, Mixcloud’s data is available on the dark web and includes details such as usernames, email addresses, users’ country of origin, registration dates, last login dates, and IP addresses for about 21 million users.
Notably, user passwords are included in the data dump but still hashed, meaning that the actual passwords are inaccessible.
“The passwords that Mixcloud does store are encrypted with salted cryptographic hashes to ensure that they are extremely difficult to unscramble. This means that they are unlikely to be decrypted by hackers,” Mixcloud said.
According to ZDNet, the stolen data is being sold for about $2,000 in bitcoin.
While the passwords were apparently not compromised in the attack, Mixcloud advised users to update their credentials and apologized for the security faux pas.
“Whilst we have no reason to believe that any passwords have been compromised, you may want to change yours, especially if you have been using the same one across multiple services,” the statement said. “We are actively investigating the incident. We apologize to those affected and are sorry that this has happened. We understand this is frustrating and upsetting to hear, and we take the trust you put in us very seriously. “