Attackers have launched an ongoing credential stuffing campaign against the online video streaming service Dailymotion, compromising the data of an unspecified number of users in the process.

A property of French media and entertainment company Vivendi SA, Paris-based Dailymotion said in a Jan. 25 press alert that its technical teams "successfully contained" the attack "following the implementation of measures to limit its scope." Potentially impacted users have already been contacted, as has as the CNIL, a French federal agency responsible for overseeing data protection regulations.

In a credential stuffing attack, malicious actors attempt to gain access to online websites or accounts using passwords that were previously stolen from or leaked by unrelated web services. This technique often works because many users tend to register for services with the same credentials over and over.

Please register to continue.

Already registered? Log in.

Once you register, you'll receive:

  • News analysis

    The context and insight you need to stay abreast of the most important developments in cybersecurity. CISO and practitioner perspectives; strategy and tactics; solutions and innovation; policy and regulation.

  • Archives

    Unlimited access to nearly 20 years of SC Media industry analysis and news-you-can-use.

  • Daily Newswire

    SC Media’s essential morning briefing for cybersecurity professionals.

  • Learning Express

    One-click access to our extensive program of virtual events, with convenient calendar reminders and ability to earn CISSP credits.