2 min read

Chatbooks security breach. Users told to change their passwords

Graham CLULEY

May 11, 2020

Ad One product to protect all your devices, without slowing them down.
Free 90-day trial
Chatbooks security breach. Users told to change their passwords

Customers of Chatbooks, a photo book-making company that turns users’ Instagram posts into books, have been warned that their data has fallen into the hands of hackers.

In a statement posted on the Chatbooks website, the company’s CEO Nate Quigley described how the firm had learned last week that information related to users had been stolen from its database.

According to an investigation conducted by third-party experts called in by Chatbooks, the security breach is thought to have occurred on March 26 2020.

Although the majority of the data stolen consisted of users’ names, email addresses, salted and hashed passwords, a “small proportion” of affected records also included users’ phone numbers, Facebook IDs, and social media access tokens.

Users are being advised to change their passwords as soon as possible:

“Even though the stolen Chatbooks passwords were not stolen in plain text format, as a precaution we recommend that you change your password at your earliest convenience.”

What’s disappointing, however, is to see no advice given to users to ensure that they are not using the same passwords on any other websites. Past breaches have proven, time and time again, that many people are in the habit of using the same password at different websites, meaning that a password breach at one site could lead to a hacker also gaining access to other online accounts.

For instance, you may not care a great deal if your Chatbooks account password is breached, but you certainly do not want a hacker to be able to use the information to also unlock – for instance – your email account.

Fortunately, payment card information which customers may have used to purchase photo books has not been compromised – for the very simple reason that Chatbooks does not store such details in its database. Furthermore, the company says that it has not seen any evidence that photographs were accessed by the hackers.

ZDNet reported this weekend that a hacking group known as ShinyHunters is claiming to be responsible for the Chatbooks breach and is offering to sell 15 million breached user records for US $3,500 via an underground criminal website.

The same hacking gang claim to have stolen millions of user records from the Zoosk dating app, the Home Chef food delivery service, the online art and design marketplace Minted, and others.

tags


Author



Right now

Top posts

Enhance your cyber resilience and privacy on Computer Security Day in four easy steps

Enhance your cyber resilience and privacy on Computer Security Day in four easy steps

November 29, 2022

2 min read
How to monitor your online privacy during your Thanksgiving trip

How to monitor your online privacy during your Thanksgiving trip

November 22, 2022

3 min read
Just your yearly dose of Black Friday spam: Cybercrooks get ahead of the game to steal shoppers’ info

Just your yearly dose of Black Friday spam: Cybercrooks get ahead of the game to steal shoppers’ info

November 16, 2022

6 min read
Bitdefender VPN in 2022: the new, the improved, and the soon-to-be

Bitdefender VPN in 2022: the new, the improved, and the soon-to-be

November 14, 2022

5 min read
Cyber Tips for a Spook-Free Halloween

Cyber Tips for a Spook-Free Halloween

October 26, 2022

3 min read
August Spam Debrief: Bitdefender Labs Warns of Fraud Campaigns Exploiting the Russia-Ukraine War

August Spam Debrief: Bitdefender Labs Warns of Fraud Campaigns Exploiting the Russia-Ukraine War

August 31, 2022

4 min read

FOLLOW US ON

SOCIAL MEDIA


You might also like

Hacking cars remotely with just their VIN Hacking cars remotely with just their VIN
Graham CLULEY

December 05, 2022

2 min read
Russian courts attacked by CryWiper malware that poses as ransomware Russian courts attacked by CryWiper malware that poses as ransomware
Graham CLULEY

December 05, 2022

2 min read
Android App in Google Play Store Was Harvesting SMS Messages Helping Criminals Create New Accounts Android App in Google Play Store Was Harvesting SMS Messages Helping Criminals Create New Accounts
Silviu STAHIE

December 02, 2022

1 min read