A couple of days ago we’ve learned how the file hosting and online storage site FileDen was breached by a hacker called xdev@b4lc4nh4ck who managed to leak 4,500 customer account details. The website is currently down for maintenance and its administrators are working on securing user data.
After learning of the hacking operation, we contacted FileDen to see if they’re aware of the breach and to find out if they’re doing anything to secure their customers' assets.
A Security Operations team member responded to our inquiry and revealed that a hacker got past their security protocol and gained access to usernames, passwords and email addresses right as they were preparing to migrate their clients’ files to a more secure platform.
“Once the possible security breach was discovered we took immediate action to protect our users data. At no time did the hacker have access to credit card or other financial data, nor is that data stored on our site,” FileDen’s Jason said.
Currently, they’re in the process of notifying users of the security breach advising them to take immediate measures to protect their accounts.
FileDEN customers are recommended to reset their accounts with a strong password, preferably a combination of characters, numbers and symbols, both in lower and uppercase.
Judging by the leaked data, the hackers obtained only the MD5 hashes of the passwords, but these hashes are really easy to decrypt, especially if the passwords that hide behind them are something like “123456”.
“It is an unfortunate reality that in the world in which we live there are those who seek to harm, therefore we want our users to know we are committed to the security and integrity of their data and we will be in touch with them constantly as new information becomes available,” Jason concludes.