Aldohn Domingo, Tech Times

Monetized survey completion platform SurveyLama, has reportedly been alerted by data breach alerting service Have I Been Pwned (HIBP) after it found that a hacking incident has exposed the sensitive data of 4.4 million SurveyLama users, first reported by Bleeping Computer.

SurveyLama pays registered users to dosurveys. The website, which is owned by the French company Globe Media, is well-known for its quick payments, several withdrawal choices, and large rewards (up to $20). 

Russian Hackers Allegedly Behind Sweden Ransomware Attack

(Photo: ROB ENGELAAR/ANP/AFP via Getty Images) Sweden has grappled with disruptions in their online services following a ransomware attack attributed to a Russian hacker group.

Troy Hunt, the man behind HIBP, learned about a data breach affecting the service at the beginning of February. The breach affected a variety of data types, including phone numbers, email addresses, IP addresses, full names, passwords, dates of birth, and physical addresses. 

SurveyLama responded to HIBP's inquiry over the veracity of the data by stating that they had already emailed affected users to confirm the security problem. Since the data set was added to HIBP yesterday and includes details on 4,426,879 accounts, impacted consumers ought to have already gotten an email notification.

Read Also: Cyber Safety Review Board Blames Microsoft's "Inadequate" Security for 2023 Data Breach 

SurveyLama's Limited Data Breach

According to the platform, the passwords that were exposed were not directly useable cleartext because they were saved as salted SHA-1, bcrypt, or argon2 hashes.

Hunt informed Bleeping Computer that as far as he knew, the hacked data had not been made available to the public, therefore its exposure was currently restricted. 

SurveyLama's data breach follows several hacking incidents currently plaguing cyberspace. Just a week ago, sensitive data, including passcodes, social security numbers, and addresses, belonging to millions of AT&T customers, both past and present, has been compromised. The massive telecommunications company has acknowledged the vulnerability and taken action to fix it.

Prominent Current Data Breach

The estimated 73 million people that are included in the disclosed data are made up of 65.4 million previous AT&T account holders and 7.6 million current account holders. Details including complete names, email addresses, and dates of birth are also included in the breach, which looks to have happened in 2019 or earlier.

Resetting existing users' passcodes and starting to notify impacted customers is AT&T's quick response. The business hasn't found any proof, though, of how the data was taken.

Even if there is no call history or financial information in the hacked data, the disclosure of personal information raises questions about potential misuse and identity theft. Customers who are impacted are urged by AT&T to exercise caution and keep an eye on their credit reports and account activity.

AT&T has experienced other difficulties this year in addition to the data leak, such as a significant outage in February that interfered with cellular service for thousands of customers nationwide. Rather than being the result of a hostile attempt, the corporation blamed the outage on a technical coding issue.

Related Article: Finland Points to China-Linked Hackers for 2021 Breach of Parliament

Written by Aldohn Domingo

(Photo: Tech Times)

ⓒ 2024 TECHTIMES.com All rights reserved. Do not reproduce without permission.
Tags: Data Breach Data Breaches SurveyLama Cybersecurity Cyberattack Data Leak
Join the Discussion