Web based businesses need to protect themselves, and their customers info, from both cyber criminals and the real life variety as well. This is no small task as many find out. One such company, VUDU the online video giant, recently had some data stolen when their physical security protocols were not enough to protect the customer data contained on some hard drives taken by thieves on the 24th of March.
An e-mail sent out by the folks at VUDU assures us that complete credit card numbers were not stored in the drives. The data contained on the drives DID include: names, e-mail & physical addresses, phone numbers, account activity, dates of birth and the last four digits of some credit card numbers.
VUDU also admitted user passwords were among the data stolen but followed by saying they were encrypted as well. No word on the type or strength of encryption used was mentioned, but to be fair that info would be meaningless to most people.
No mention was made on how many people were affected by this security breach. So what has VUDU done about this? First, they are making you reset your password. Next time you log in you should see the password reset prompt & e-mail confirmation shown below.
Secondly, they are footing the costs of identity protection of the affected for a full year. Services to be provided by AllClear ID.
You can find further info at an FAQ they setup here
Now to the point of the article other than to warn anyone who uses VUDU. I preach all the time to not reuse passwords and to have a strong password on any and all e-mail accounts associated with online accounts/businesses.
Why? Because companies will send you password resets via e-mail. So no matter how difficult and complex your banking password may be, all I need to do as a criminal is gain access to your e-mail account to lock you out of your online accounts or worse to use them as my own.
Do you reuse passwords? Do you change your passwords on a regular basis? Can you remember your passwords? Do you use the same login info across multiple sites you wouldn’t want someone other than yourself to have access to? Would you like some help with managing the post-its/notebook your logins/passwords live in?
Let me help you with your passwords before you have a personal cautionary tale.
Liam –
(903) 686 0200