cyber Breach

Social Blade LLC

May 11, 2023 1 min read
Social Blade LLC

Social Blade, a popular data analytics tool suffered a data breach incident in December 2022.

The hackers were selling the personally identifying information, including email and internet protocol (IP) addresses, hashes used to conceal passwords, client IDs, and authentication tokens for connected accounts on a dark web forum.

The individual apparently made use of a vulnerability on their website to gain access to the database.

The company immediately worked to investigate the incident and notified the affected individuals.

Source: https://cybernews.com/news/social-blade-admits-being-hacked/

TPRM report: https://scoringcyber.rankiteo.com/company/socialblade

"id": "soc2225161222",
"linkid": "socialblade",
"type": "Breach",
"date": "12/2022",
"severity": "60",
"impact": "3",
"explanation": "Attack with significant impact with internal employee data leaks"
{'affected_entities': [{'industry': 'Data Analytics',
                        'name': 'Social Blade',
                        'type': 'Company'}],
 'attack_vector': 'Website Vulnerability',
 'data_breach': {'data_encryption': 'Hashed passwords',
                 'data_exfiltration': 'Yes',
                 'personally_identifiable_information': 'Yes',
                 'sensitivity_of_data': 'High',
                 'type_of_data_compromised': ['email addresses',
                                              'IP addresses',
                                              'hashes used to conceal '
                                              'passwords',
                                              'client IDs',
                                              'authentication tokens']},
 'date_detected': 'December 2022',
 'description': 'Social Blade, a popular data analytics tool, suffered a data '
                'breach incident in December 2022. The hackers were selling '
                'personally identifying information, including email and '
                'internet protocol (IP) addresses, hashes used to conceal '
                'passwords, client IDs, and authentication tokens for '
                'connected accounts on a dark web forum. The individual '
                'apparently made use of a vulnerability on their website to '
                'gain access to the database. The company immediately worked '
                'to investigate the incident and notified the affected '
                'individuals.',
 'impact': {'data_compromised': ['email addresses',
                                 'IP addresses',
                                 'hashes used to conceal passwords',
                                 'client IDs',
                                 'authentication tokens']},
 'initial_access_broker': {'data_sold_on_dark_web': 'Yes',
                           'entry_point': 'Website Vulnerability'},
 'investigation_status': 'Investigation initiated',
 'motivation': 'Financial Gain',
 'post_incident_analysis': {'root_causes': 'Website Vulnerability'},
 'response': {'communication_strategy': 'Notified affected individuals'},
 'title': 'Social Blade Data Breach',
 'type': 'Data Breach',
 'vulnerability_exploited': 'Website Vulnerability'}
Published by
Harshit Kaur Bhatia
Harshit Kaur Bhatia
You might also like
Great! Next, complete checkout for full access to Rankiteo Blog.
Welcome back! You've successfully signed in.
You've successfully subscribed to Rankiteo Blog.
Success! Your account is fully activated, you now have access to all content.
Success! Your billing info has been updated.
Your billing was not updated.