Mixcloud has been hacked, more than 20 million user records could have fallen into hackers

Mixcloud is the latest name to join the list of victims of large-scale online data theft attacks in 2019, with an estimated 20 million user accounts likely to fall into the wrong hands and for sale on dark web.

The breach was identified in late November when a merchant specializing in trading data on the dark web provided some information allegedly derived from Mixcloud's user profile for tech magazine TechCrunch. Here, TechCrunch experts conducted a verification and verification of the authenticity of the data and confirmed that it was the information extracted from the Mixcloud user profile.

The leaked datastore contains usernames, email addresses, passwords (messed up with the SHA-2 algorithm, making passwords nearly impossible to reorder), account registration date and time of login final. Also include the country where the user is registered, their internet address (IP) and a link to the avatar.

Security experts have verified the source of data by validating emails based on the site's registration feature, although Mixcloud doesn't require users to verify their email addresses. It is still unclear the exact number of user records leaked. The dark web merchant said that this person currently holds about 20 million records and a part was sold for $ 4,000, equivalent to about 0.5 bitcoin.

This is one of the most significant cyber security incidents in a series of large-scale data breaches recorded in the fourth quarter of 2019 to date.

Mixcloud is a British music streaming service that allows listening and distribution of radio programs, DJ and podcast mixes, and a large number of users. As a London-based company, Mixcloud is forced to adhere to the data protection rules of the United States and Europe. By leaking more than 20 million user records, Mixcloud is at risk of being fined up to 4% of its annual revenue if it is determined to violate Europe's GDPR rules with serious consequences.