What Happened
In December 2018, the video messaging app Dubsmash suffered a major data breach affecting approximately 161.5 million user records. The stolen data included email addresses, usernames, hashed passwords, first and last names, geographic locations, phone numbers, and spoken languages. The breach was discovered in early 2019 when the compromised data was listed for sale on dark web marketplaces, bundled with data from other breached companies. The specific method used to access Dubsmash’s infrastructure was not publicly disclosed, and the data subsequently circulated more broadly among cybercriminal communities. Users were advised to change their passwords and monitor their accounts for suspicious activity following the incident.
