Security Experts:

Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Data Protection

Office Break-in Prompts Vudu to Warn Customers

Vudu, a subscription-based digital entertainment service, says that crooks walked off with a number of items, including hard drives when they broke into their offices last month. The company says the delay in notification was due to a request form law enforcement investigating the break-in.

Vudu, a subscription-based digital entertainment service, says that crooks walked off with a number of items, including hard drives when they broke into their offices last month. The company says the delay in notification was due to a request form law enforcement investigating the break-in.

The company stresses that their corporate website wasn’t hacked, but that thieves broke into their offices on March 24, 2013. The next day, when the break-in was discovered, an inventory discovered a number of missing items, including hard drives containing account information.

Vudu says that the drives themselves contained names, email addresses, postal addresses, phone numbers, account activity, dates of birth and the last four digits of some credit card numbers. Complete credit card details are not maintained by the company, but they are playing it safe with regards to the other data and have reset everyone’s password.

“While the stolen hard drives included VUDU account passwords, those passwords were encrypted. We believe it would be difficult to break the password encryption, but we can’t rule out that possibility given the circumstances of this theft. Therefore, we have reset all customer passwords,” Vudu said in a statement.

“It is possible that you could get spam email, emails asking for personal information, or emails asking you to click on links to other websites. As always, you should never provide personal or account information in response to a call or email claiming to be VUDU (or anyone else) and you should avoid clicking on links in emails you were not expecting.”

In addition to the warnings, password resets, and strengthened password requirements, customers will be notified of the breach by email, and given additional instructions as to how they can enroll in a free credit monitoring service.

Not everyone qualifies for this, only those with passwords on the service will be eligible. 

Written By

Click to comment

Expert Insights

Related Content

Application Security

Cycode, a startup that provides solutions for protecting software source code, emerged from stealth mode on Tuesday with $4.6 million in seed funding.

Data Breaches

GoTo said an unidentified threat actor stole encrypted backups and an encryption key for a portion of that data during a 2022 breach.

Application Security

Many developers and security people admit to having experienced a breach effected through compromised API credentials.

Cybercrime

A recently disclosed vBulletin vulnerability, which had a zero-day status for roughly two days last week, was exploited in a hacker attack targeting the...

Incident Response

Cygnvs emerges from stealth mode with an incident response platform and $55 million in Series A funding.

Data Breaches

T-Mobile disclosed another massive data breach affecting approximately 37 million customer accounts.

Application Security

Electric car maker Tesla is using the annual Pwn2Own hacker contest to incentivize security researchers to showcase complex exploit chains that can lead to...

Cybercrime

Albanian prosecutors on Wednesday asked for the house arrest of five public employees they blame for not protecting the country from a cyberattack by...