A massive ClixSense data breach has occurred that has resulted in a treasure trove of user data being obtained by hackers. In total, the ClixSense data breach impacts more than 6.6 million users, 2.2 million of which have had their sensitive data dumped online. The data of the remaining 4.4 million users is being offered for sale online.
ClixSense is an online service that pays its members to take part in online surveys. Due to the nature of the service, any individual signing up to take part must provide highly sensitive information such as bank account details. The hackers were also able to steal up-to-date user data. Some of the compromised accounts were only created a month ago. That makes this breach far more serious that the cyberattacks at LinkedIn and MySpace.
Data obtained by the hackers include names, dates of birth, Social Security numbers, email addresses, sex, IP addresses, home addresses, payment histories, account balances, usernames, and plaintext passwords.
The owner of ClixSense, Jim Grago, has confirmed that hackers succeeded in compromising servers, domain name settings, and email accounts. The attack was discovered by ClixSense on September 4, when the lead developer discovered the ClixSense website was redirecting users to a gay porn site.
On September 5, the hackers succeeded in turning off the company’s servers and they also changed all of the passwords on the company’s MS Exchange server. By Tuesday September 5, they obtained access to the user database and stole the data of 6,606,008 users. The hackers also reset user account balances to zero, deleted forum posts, and changed account names to “hacked account”.
The database was not accessed directly, instead access to user data was gained from an old database that was no longer in use. However, that database was connected to the company’s current database server.
According to a post on the company website, account balances have now been restored and the changes that were made to the accounts have been reversed, although users are required to enter their names again when they login. A password reset has also been performed. The breach notice also states, “To say this past week was a bit stressful is an understatement.”
ClixSense has been working on improving site security and has confirmed that the site is now much more secure. Any ClixSense user that has shared their password on multiple websites has been strongly advised to update all of their passwords.