Cyber Incident Victim: Dubizzle
Date:
Aug 2015
Location:
United Arab Emirates
Summary
A classifieds platform experienced a security breach impacting a small percentage of its UAE user database, prompting immediate password resets for all users as a precautionary measure. The compromised data did not include financial details or plain-text passwords, as such information was encrypted and stored separately by a third-party provider. The company reinforced its security infrastructure following the incident and advised affected users to update credentials on other platforms if reused. Forensic tools and practices were employed to contain the breach and protect the user community.
| CIA Posture | Motives | Tactics, Techniques & Procedures |
|---|---|---|
| Available to members | 3 motives | 3 techniques |
| Threat Actors | Type | Location |
|---|---|---|
| 0 actors | Available to members | Available to members |
Description
In late July or early August 2015, dubizzle's security team identified unauthorized access to a portion of its UAE user database, prompting immediate containment measures. The online classifieds platform notified affected customers via email over the subsequent weekend, instructing them to reset their passwords due to potential account compromise. Company representatives confirmed the breach impacted approximately 1% of their user base, characterizing it as a limited intrusion. As a precautionary measure extending beyond the confirmed compromised accounts, dubizzle proactively reset passwords for all UAE-registered users. General Manager Barry Judge emphasized that the breached database contained neither financial information nor unencrypted credentials, noting payment details were separately stored through encrypted third-party systems inaccessible to dubizzle's infrastructure. The company maintained its platform lacked credit card data storage capabilities entirely. Forensic analysis confirmed attackers obtained some user credentials, though specific intrusion vectors weren't disclosed publicly.
Dubizzle initiated security enhancements immediately following breach detection, deploying upgraded forensic tools and protocols to fortify system defenses. The response team advised users against password reuse across multiple platforms, urging those with identical credentials on other services to change them promptly. While internal investigations continued, the company maintained normal site operations throughout remediation efforts. External context from Kaspersky Lab revealed contemporaneous cybersecurity threats, with their Q2 2015 data showing 26 million unique malicious objects detected globally and 379.9 million attacks blocked during that quarter. Dubizzle's public communications focused on breach containment confirmation and reinforced their security architecture's separation between user credentials and financial data storage systems. No service disruptions or financial fraud incidents stemming directly from the breach were reported in subsequent company statements.