Last updated 1 week ago
In March 2021, the Russian online streaming service KinoKong suffered a data breach that exposed over 800,000 unique email addresses along with names, usernames, IP addresses, and MD5 password hashes. The breached data was later redistributed as part of a larger corpus of data, increasing the risk of credential stuffing attacks and identity theft against affected users. The breach highlights the risks associated with storing password hashes using outdated algorithms like MD5, which are vulnerable to rapid cracking.
Data breach later redistributed as part of a larger corpus of data
Security controls failed in protecting user data and using outdated cryptographic algorithms. Recommendations include implementing stronger password hashing algorithms (e.g., bcrypt, Argon2), regular security audits, monitoring for data leaks, and implementing multi-factor authentication to reduce the impact of credential exposure.
Company
Industry
Location
Disclosed
Records Affected
Attack Vector