24/07/2018- CNIL- Sanction for Dailymotion: 50 K€

Facts: Violation of encrypted data during an attack by accessing the identifiers of an administrator account stored clearly on the collaborative development platform “Github” and exploitation of a vulnerability in the code of the platform Dailymotion on “Github”: 82.5 million email addresses and 18.3 million passwords concerned.

Obligation of security of the personal data: elementary measures could have avoided the violation: to not store clearly in the source code identifiers related to an administrator account; Set up an IP address filtering system or a VPN (Virtual Private Network) when outsiders can connect remotely to an internal computer network.

Sanction: it would certainly have been higher if the data breach had not been encrypted.

Publication of the decision: to make accountable the responsible and given the huge amount of data involved.