Vimeo confirms data loss in Anodot breach – Computing UK

Another victim falls to ShinyHunters A data breach at software maker Anodot earlier this month is still racking up victims, with video platform Vimeo the latest to confirm unauthorised access to customer information. Hackers, reported to be ShinyHunters, breached Anodot in early April and used that access to steal data from its various customers, which included Rockstar Games and Snowflake. ShinyHunters was able to breach Anodot by stealing authentication tokens and using them to access customer environments and exfiltrate data, which it has now started offering for sale. Vimeo is a video hosting and streaming platform similar to YouTube. It has more than 300 million registered users, about 1,100 employees and an annual revenue of $417 million. The company uses Anodot as a third-party analytics platform. It says an unauthorised actor – almost certainly ShinyHunters, which recently added Vimeo to its dark web extortion portal – accessed “certain Vimeo user and customer data” as a result of the breach. Those were primarily databases containing technical data, video titles and metadata, as well as “some” customer email addresses. They did not access video content, user login credentials or payment card information. As well as threatening to leak the data, ShinyHunters somewhat
Read More