LifeLock’s Customer emails made Vulnerable

Per Krebs, “Identity theft protection firm LifeLock — a company that’s built a name for itself based on the promise of helping consumers protect their identities online — may have actually exposed customers to additional attacks from ID thieves and phishers”.

Here’s what we know so far:

  • LifeLock, an identity protection company, has put millions of customer emails at risk for phishing and identity theft attacks, thanks to a bug on its website.

 

  • The bug enabled customer email addresses to be harvested by simply changing one number in the URL of a web page used by customers to unsubscribe from LifeLock communications.

 

  • It’s important to note that this is not a breach, but it is a vulnerability to pay attention to, since ID thieves can use email addresses to steal other personal info.

How to protect your info:

Here are some tips to help you protect yourself:

 

  • Be skeptical of email communications urging you to take immediate action or claiming that they are privacy policy updates.

 

  • Do not click on any suspicious-looking links in those messages and instead forward any suspicious email to the company itself. Call the company directly to confirm whether any such messaging is actually from them.

 

  • Do not enter any personal info or credentials via links in emails. If you need to make updates, go directly to the company’s website to do so.

 

  • Check your credit report regularly to keep an eye on any unauthorized activity.

 

  • Consider locking your credit file to help prevent potentially fraudulent access.

 

Reference:

LifeLock Bug Exposed Millions of Customer Email Addresses – https://krebsonsecurity.com/tag/lifelock/

 

0 replies

Leave a Reply

Want to join the discussion?
Feel free to contribute!

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.