UK-BASED MUSIC STREAMING SERVICE Mixcloud has fessed up to a data breach that saw 20 million user accounts exposed.
The hack, which came to light over the weekend, took place in November, TechCrunch reports, with the leaked data now being flogged on the dark web.
The up-for-grabs data includes usernames, email addresses, and passwords, though these have been with the SHA-2 algorithm, which makes it near impossible for them to be reverted back to cleartext form. The exposed information contains account sign-up dates, last-login date, IP addresses and links to profile photos.
The data, which has been verified by TechCrunch, is currently being listed for sale for $4,000 (£3,090) or about 0.5 Bitcoin, if you're really struggling for Christmas present ideas this year.
Mixcloud fessed up to the data breach on Saturday, saying in a blog post: "We received credible reports this evening that hackers sought and gained unauthorized access to some of our systems.
"Our understanding at this time is that the incident involves email addresses, IP addresses and securely encrypted passwords for a minority of Mixcloud users. The majority of Mixcloud users signed up via Facebook authentication, in which cases we do not store passwords."
The firm says that users can breathe a sigh of relief as it doesn't full credit card numbers or mailing addresses, but it's advising that users change their passwords.
"Whilst we have no reason to believe that any passwords have been compromised, you may want to change yours, especially if you have been using the same one across multiple services.
"We are actively investigating the incident. We apologize to those affected and are sorry that this has happened. We understand this is frustrating and upsetting to hear, and we take the trust you put in us very seriously." µ
Firm's first high-end speaker gets the thumbs up from us
Yes. Yes you can
A fantastic ultraportable that's almost devoid of innovation
Screen if you want to go faster