Dailymotion, a widely used video sharing platform, has confirmed over the weekend that it was hit by a credential stuffing attack. This is a form of cyberattack where hackers use combinations of usernames and passwords that have leaked in earlier breaches and try to gain access through them on other websites.
Dailymotion has been sending out emails to affected users, informing them that the attack started last weekend and that hackers were able to gain access to a limited number of accounts. It also mentions that the security team was able to discover the attack and take the required steps to block it.
Since last Saturday, DailyMotion has been logging off users who it believes were impacted by this credential stuffing attack. It has been resetting their passwords to ensure that account access can be restored to the proper users. The emails that it has been sending out to the users have a link with which users can reset their password in order to get control of their account once again.
Dailymotion joins several other services that have recently been hit by credential stuffing attack. Reddit went through one just a couple of weeks ago while AdGuard, an ad blocker company, was also hit back in September last year in addition to global banking behemoth HSBC.