Octoly Leaks 12,000 Influencers’ Personal Info In Massive Data Breach
For the latest influencer marketing news, resources, and case studies, subscribe to our weekly newsletter.
How Octoly Leaked Sensitive Personal Information For 12,000 Influencers & What The Data Breach Means For Influencer Marketing
In early January, cyber-security firm UpGuard discovered that the personal data of over 12,000 Octoly users was left exposed in a publicly accessible Amazon Web Services S3 cloud storage bucket. The unsecured files included influencer names, addresses, phone numbers, email addresses, birth dates, usernames, and hashed user passwords.
The data breach has serious implications for influencers and brands alike. Here, we break down the details and ramifications of the Octoly influencer data cloud breach influencers and marketers alike should know:
Octoly’s Data Breach Exposes 12,000+ Influencers
Octoly is a paid influencer marketing platform that provides brands access to the social media influencers registered on its site. Registered influencers can source available campaigns from brands who use Octoly.
Additional leaked items include a list of the 600 brands Octoly has collaborated with and thousands of “Deep Social” data reports, which provide detailed information and analytics based on specific influencers’ profiles.
UpGuard first detected the breach on January 4th, 2018. By February 1st, after multiple notifications from UpGuard, Octoly fully secured all data in the misconfigured files and spreadsheets. Gizmodo broke the story on February 5th, and two days later, Octoly made the decision to notify all users of the breach.
According to Octoly, there are no signs that the leaked data has been exploited in any way so far.
Related Post: The Biggest Influencer Marketing New Stories Of 2017
What Does Octoly's Data Breach Spell For Influencers?
Octoly’s data breach puts thousands of influencers (predominantly women) at risk for cyberstalking and cyberbullying, a growing problem for all internet users. Given their internet fame and large follower bases, social media influencers are particularly susceptible to online harassment as it is.
According to Chris Vickey, Director of Cyber Risk Research at Upguard, the top influencer listed in the unsecured spreadsheet has over 6 million followers.
The leakage of hashed user passwords is also particularly impactful because, if decrypted, these passwords could be used in conjunction with leaked usernames and email addresses to hack a multitude of influencers’ online accounts.
Password reuse is common, meaning the leaked information could give hackers the ability to log into several personal online accounts for each influencer.
How Will Octoly's Breach Impact Brands? Influencers?
There are risks that come along with registering for any online service, but in a young industry like influencer marketing, these risks are often heightened. Most influencer platforms have only been around for a few years, and as such, may not be well-equipped to handle sensitive brand, influencer, and campaign data.
Octoly’s leaked client list provides its competitors and brands’ competitors clear insight into their recent marketing initiatives. Additionally, the leaked Deep Social reports, which provide customized analytics on each of Octoly’s registered influencers, could provide value to client competitors. Prior to the breach, these reports were only available to brands who paid Octoly’s subscription fee.
For influencers, Octoly's data leak is a red-flag reminder to always adhere to online security best practices (e.g. using randomly generated or non-recurring passwords, providing a non-home shipping address).
Also See Our Posts On:
February 15, 2018 By Mediakix Team