Internet Radio 8tracks was shredded earlier this week and attackers managed to steal at least 18 million accounts, including usernames, passwords, and email addresses.
In a message posted on the company's blog, 8tracks confirms the hack and says it all started from Github's account of an employee who does not use two-factor authentication. IT managers were aware of the hack as soon as the attackers tried to change the Github account password, they say.
8tracks explains that only users who have signed up with E-mail affected by the hack, while everyone else, including those who use the accounts Google and Facebook to connect, they are absolutely safe.
In addition, passwords are encrypted, so hackers will have difficulty cracking them, although this does not get away with the question for the time being. As a result, users are recommended to change their passwords as soon as possible, especially if the same credentials are used in other services.
"We do not believe that this violation concerns access to database servers that are insured by public / private SSH keys. However, it allowed access to a system that contains a backup of the database tables, including those user data, "the company says in a statement.
"We've secured this account, changed passwords for storage systems, and added access log to our backup system. We check all our security practices and we have already taken steps to enforce authenticity in 2 steps in Github, to limit access to repositories and improve password encryption. "
What should be noted is that, in addition to user names, passwords, and emails, there were no other data as 8tracks does not store personal information such as credit card numbers, phone numbers, or addresses. So if you change your password, you need to be safe and it is recommended that you do so as soon as possible.