8tracks
What was exposed
Email addressesPasswords
What to do if you were affected
- Change your password for this account, and anywhere you reused it. Turn on two-factor authentication.
- Expect more phishing and spam at this address. Treat messages that reference this company with extra caution.
Details
In June 2017, the online playlists service known as 8Tracks suffered a data breach which impacted 18 million accounts. In their disclosure, 8Tracks advised that "the vector for the attack was an employee’s GitHub account, which was not secured using two-factor authentication". Salted SHA-1 password hashes for users who didn't sign up with either Google or Facebook authentication were also included. The data was provided to HIBP by whitehat security researcher and data analyst Adam Davies and contained almost 8 million unique email addresses. The complete set of 18M records was later provided by JimScott.Sec@protonmail.com and updated in HIBP accordingly.
Frequently asked questions
What is the 8tracks data breach?
In June 2017, the online playlists service known as 8Tracks suffered a data breach which impacted 18 million accounts. In their disclosure, 8Tracks advised that "the vector for the attack was an employee’s GitHub account, which was not secured using...
When did the data breach happen?
This data breach occurred around June 2017.
How many accounts were affected?
Around 17,979,961 accounts were affected.
What information was exposed?
Exposed data included Email addresses and Passwords.
What should I do if I was affected?
Change your password for this account, and anywhere you reused it. Turn on two-factor authentication. Expect more phishing and spam at this address. Treat messages that reference this company with extra caution.
Related breaches