
Cyber Incident Victim: Social Blade

Date: Sep 2022

Location: United States of America

Summary

Social media analytics platform Social Blade experienced a data breach when a hacker exploited a website vulnerability to access its database, stealing user email addresses, bcrypt-hashed passwords, client IDs, business API tokens, and authentication tokens for connected social accounts. The company confirmed that no financial data was compromised and invalidated the exposed authorization tokens to prevent misuse, while advising users to reset their passwords even though they were stored as bcrypt hashes. Customers were alerted to potential phishing risks following the incident.


Description

Social media analytics provider Social Blade confirmed a data breach in December 2022 after a threat actor advertised stolen user databases for sale on a hacking forum. The company discovered the incident on December 14th, when it was notified of the hacker's attempt to sell the data; samples had been posted publicly, and Social Blade verified them as authentic. The investigation revealed that attackers exploited a vulnerability on the company's website to gain unauthorized access to internal databases. Compromised information included user email addresses, password hashes generated with bcrypt, client identifiers, business API access tokens, authorization tokens for connected social media accounts, and various non-personal operational records. According to company statements, the breach did not expose financial information such as credit card details. Social Blade began notifying customers the same day, confirming the intrusion and detailing the scope of the impacted data.


In response to the breach, Social Blade took immediate containment measures, cycling all business API tokens and third-party authorization tokens to invalidate the stolen credentials. The company advised users to proactively reset their passwords even though stored credentials were hashed with bcrypt; no system-wide password reset was mandated. Internal forensic analysis found no evidence that threat actors had abused authentication tokens prior to revocation, and noted that third-party tokens typically expired within one hour of creation under normal operations. Impact notifications emphasized heightened phishing risks following the incident and recommended vigilance against fraudulent communications impersonating Social Blade. The organization maintained that all payment processing systems remained isolated from the compromised infrastructure throughout the event.
