Skip to main content

Reset those passwords — again: Over 6 million ClixSense users compromised by data breach

Hacker
Image used with permission by copyright holder
ClixSense, a site which pays users to view ads and take surveys, was the victim of a massive data breach compromising around 6.6 million user accounts.

Usually when there’s a data breach of this size, the information stolen contains usernames, passwords, and some other personal information, but due to the nature of ClixSense and the service it provided, home addresses, payment histories, and other banking details have also been compromised.

According to the message posted to PasteBin along with a sample of the stolen data, social security numbers, dates of birth, and some internal emails from ClixSense may also have been compromised.

Ars Technica reported this morning that about 2.2 million people have had their data posted to PasteBin over the weekend, reportedly just a taste of the 6.6 million user accounts that have been stolen.

ClixSense owner Jim Grago told Ars that ClixSense had been hijacked on September 4 but the firm managed to regain control of their DNS over Labor Day weekend. In addition to the user information stolen, it appears that the company’s internal email server was also compromised, including “70,000 emails” according to the post on PasteBin advertising the hack.

The hackers responsible stated in their PasteBin post that they intend to sell the user information they gathered, without disclosing a specific price. PasteBin has since removed the posts and the sample of the compromised user account information.

On September 11, ClixSense acknowledged the hack in a news post on its website, but did not disclose the extent of the data breach, nor the fact that user information had been compromised.

Users were forced to change their passwords shortly after the hack began, but if you’re a ClixSense user it would be a good idea to reset all of your current passwords for other services, and make sure your security questions don’t overlap with any of the information you provided to ClixSense — including your date of birth, address, or other identifying information.

Editors' Recommendations

Jayce Wagner
Former Digital Trends Contributor
A staff writer for the Computing section, Jayce covers a little bit of everything -- hardware, gaming, and occasionally VR.
T-Mobile investigating claims of massive hack involving customer data
T-Mobile storefront with corporate signage.

T-Mobile says it’s investigating claims of a major data breach that may affect as many as 100 million of its customers.

A message spotted on an underground forum on Sunday, August 15, came from someone claiming to be in possession of personal data belonging to 100 million people. The message made no mention of T-Mobile, but when the poster was contacted by news site Motherboard, it became apparent that the mobile company's customers were at the center of the alleged hack. The figure of 100 million would be remarkable as it's almost equal to T-Mobile's entire customer base.

Read more
T-Mobile reveals it ended 2020 with data a breach
The T-Mobile logo on a smartphone.

T-Mobile’s new year is not off to the greatest of starts after the carrier revealed details of a security breach affecting some of its customers.

A message on T-Mobile’s website says that a recently identified security incident may have allowed hackers to steal customer data such as phone numbers, number of lines subscribed to on an account, and call-related information collected as part of the normal operation of its wireless service.

Read more
Time is running out to file a claim in Yahoo data breach settlement
how to file a claim yahoo data breach settlement deadline

If you were affected by the Yahoo data breach between 2012 and 2016, you only have until July 20 to file a claim. 

People affected by the breach could be eligible for free credit monitoring services and/or up to $100.The money is part of a $117.5 million class-action settlement. After deducting for services and expenses from lawyers, that leaves about $85 million to pay out claims. 

Read more