Huge Data Breach: Promo Marketing Video Maker

Huge Data Breach: Promo Marketing Video Maker

Promo : Marketing Video Maker website suffered from a huge data breach. Account of more than 14 Million users got leaked in this massive data breach. Promo Video maker’s database breached on 22 June 2020 and the team got to know about this vulnerability that allowed this massive breach on July 21, 2020.

What data leaked in Promo Breach?

There are around 14,610,585 accounts leaked in this data breach on Promo database. It includes the following data that got leaked in Promo Data Breach:

  1. Email addresses: The breached database contains the email addresses of the users of this platform.
  2. IP Addresses: The breached database contains the IP addresses of the users of the Promo video maker platform.
  3. Gender: The breached database contains the gender of the users of the Promo video maker.
  4. Name: The breached database also contains the name of the users of the Promo video maker.
  5. Passwords: The breached database also contains the passwords of the users of Promo video maker, but these passwords are not in plain text but as salted SHA-256 password hashes.

Source of information: HIBP

How the company reacted to this data breach?

On July 21, 2020, Promo video maker’s team became aware that a data security vulnerability on a 3rd party service had caused a breach affecting certain non-finance related Slidely and Promo user data.

They have taken this data breach very seriously and did the following things:

  • They send alerts about this breach to every user and explained to them what to do from their end.
  • They have fixed the vulnerability and removed the third party that caused this vulnerability.
  • They’ve hired a cybersecurity firm to keep everything secured and improve their overall security.

Source: Promo Support Article

What you should do in any data breach?

After you get to know about any data breach that happened and you were part of that platform, do the following things:

  1. Change the passwords: Do not only change the password of that particular platform but also do change passwords for all the accounts where you used that same password. You can change your password for Promo from here.
  2. Implement 2FA: 2 out of 3 websites these days offer two-factor authentication, why don’t you use that. I would recommend you to use the 2FA wherever possible.
  3. Do not use the same password everywhere: Never use the same password on every website or service you use, because if one of your accounts gets breached it won’t affect your other accounts.
  4. Use a password manager: There are many password managers available in the market that you can use like LastPass, Dashlane, etc. If you’re a privacy concerned person, go for Bitwarden(open-source).

Reference:

Leave a Reply

Your email address will not be published. Required fields are marked *