Cyber Incident Victim: Mashable
Date:
Nov 2020
Location:
United States of America
Summary
A hacker leaked a database from Mashable's discontinued social media sign-in feature, exposing user information including names, email addresses, location data, registration dates, IP addresses, social media profile links, expired OAuth tokens, and partial birth details. The company confirmed no financial data or passwords were compromised, disabled affected accounts as a precaution, and initiated an investigation while urging users to scrutinize suspicious emails. The attacker, described as known for targeting digital platforms, publicly posted the stolen data, prompting assurances from the organization about enhanced protective measures.
| CIA Posture | Motives | Tactics, Techniques & Procedures |
|---|---|---|
| Available to members | 2 motives | 1 technique |
| Threat Actor | Type | Location |
|---|---|---|
| 1 actor | Available to members | Available to members |
Description
On November 4, 2020, Mashable learned that a hacker had obtained and published a copy of one of its databases online. The company confirmed the breach publicly on November 8, stating the attacker was known for targeting websites and applications. The compromised database related to an outdated social media sign-in feature previously used to facilitate content sharing, which was no longer active on the platform. Exposed information included users' first and last names, email addresses, geographic locations, genders, registration dates, IP addresses, social media profile links, expired OAuth authentication tokens, and partial birthday information limited to days and months. Mashable emphasized that the database did not contain financial information or payment data, as the company did not collect or store such details from registered users.
Mashable initiated an investigation immediately upon discovering the breach and temporarily disabled access to all affected user accounts as a precautionary measure. The company stated its ongoing forensic review found no evidence that user passwords had been compromised during the incident. Mashable advised users to exercise caution regarding unsolicited emails containing unfamiliar links and to forward suspicious messages to the company for analysis. Users were also instructed to verify email authenticity through alternative channels such as phone verification. While the attacker's identity remained undisclosed, Mashable acknowledged the hacker's notoriety within the cybersecurity community. The company apologized for the incident, reaffirmed its commitment to data protection, and outlined efforts to strengthen security measures to prevent future breaches.