More than 4.4 million SurveyLama users had their data compromised following a breach impacting the French-owned survey rewards platform in February, SecurityWeek reports.
Included in the exfiltrated user information were names, birthdates, email addresses, phone numbers, home addresses, and IP addresses, as well as salted SHA-1, bcrypt or argon2 hashed passwords, which could expose individuals to additional compromise if cracked, according to the Have I Been Pwned? data breach notification platform, which already has a copy of the leaked data.
On the other hand, SurveyLama disclosed that it has implemented a universal password reset campaign immediately after being notified regarding the potential data breach. SurveyLama users have been urged to immediately replace their account passwords, as well as credentials for other accounts using the same credentials.
Additional security enhancements have also been adopted by the survey rewards platform although uncertainties regarding the means of data compromise remain.