LivingSocial revealed last week that it was the victim of a cyber attack that compromised the account details of its 50 million customers. To address the situation, LivingSocial sent a notice to customers, and reset users’ passwords to force people to create new ones.
Don’t make the mistake of believing that changing your password is your only concern.
According to LivingSocial, the unauthorized access of its customer data servers yielded the names, email addresses, birth dates, and encrypted passwords of 50 million customers, but the company stresses that customer credit card details were not compromised because that information is stored on a separate server that the attackers did not access.
There is supposedly no immediate concern because the passwords are encrypted. LivingSocial explained that the passwords are hashed with SHA1 encryption. Unfortunately, the definition of “immediate” may not be much consolation. When Evernote experienced a similar attack, security expert Brian Krebs pointed out that cracking standard hashing algorithms is trivial for attackers, and it probably won’t slow them down for long.
To read this article in full or to leave a comment, please click here
No comments:
Post a Comment