Data from more than 250 million users of the Deezer music streaming platform is currently being sold on the Internet. The hacker would have obtained this information during an intrusion into the company’s servers dating back to 2019.
Surprisingly enough, it will almost take three years to the pirate to resell his precious loot. 2023 promises to be as dangerous a year as 2022 when it comes to the security of private data. And sadly for everyone, data leaks will be very expensive in 2023.
As is often the case, data leakage was made possible due to the default of a Deezer business partner. While the streaming platform’s security measures were in perfect working order, it was through a “man-in-the-middle attack” that the hacker was able to obtain this massive amount of data. Deezer specifies the nature of the data shared by the cybercriminal: “ some of our users’ non-sensitive information has been exposed. While we are not aware of any misuse of this data, we want to provide clarity and provide potentially affected users with guidance on how to protect themselves.”
The hacker resells the Deezer user data acquired via the platform partner
Deezer offers the largest music catalog in the world, so it’s no wonder that 257 million people have an account. Not everyone shared sensitive data with the French service. In fact, most of the information made available on the web is very benign. According to Deezer, no password or payment method information was leaked. That said, the company’s blog post dedicated to this leak strongly encourages its users to consult the website of the Ministry of Economy, Finance and Industrial and Digital Sovereignty at https://www.economie .gouv.fr/particuliers/protection-usurpation- identify.
The lost data weighs no less than 260GB, but more than the size of the lost files, it is the value of a user account that should be remembered. A single person’s data can sell for $175 to $1,000depending on their nature.