Jump to content


Welcome to DBSTalk


Sign In 

Create Account
Welcome to DBSTalk. Our community covers all aspects of video delivery solutions including: Direct Broadcast Satellite (DBS), Cable Television, and Internet Protocol Television (IPTV). We also have forums to discuss popular television programs, home theater equipment, and internet streaming service providers. Members of our community include experts who can help you solve technical problems, industry professionals, company representatives, and novices who are here to learn.

Like most online communities you must register to view or post in our community. Sign-up is a free and simple process that requires minimal information. Be a part of our community by signing in or creating an account. The Digital Bit Stream starts here!
  • Reply to existing topics or start a discussion of your own
  • Subscribe to topics and forums and get email updates
  • Send private personal messages (PM) to other forum members
  • Customize your profile page and make new friends
 
Guest Message by DevFuse

Photo

VUDU Corporate HQ Break-In


  • Please log in to reply
4 replies to this topic

#1 ONLINE   Blurayfan

Blurayfan

    Hall Of Fame

  • DBSTalk Club
  • 1,749 posts
  • LocationIllinois
Joined: Nov 16, 2005

Posted 09 April 2013 - 05:32 PM

We want to let you know that there was a break-in at the VUDU offices on March 24, 2013, and a number of items were stolen, including hard drives.

Our investigation thus far indicates that these hard drives contained customer information, including names, email addresses, postal addresses, phone numbers, account activity, dates of birth and the last four digits of some credit card numbers. It's important to note that the drives did NOT contain full credit card numbers, as we do not store that information. Additionally, please note if you have never set a password on the VUDU site and have only logged in through another site, your password was not on the hard drives.

While the stolen hard drives included VUDU account passwords, those passwords were encrypted. We believe it would be difficult to break the password encryption, but we can't rule out that possibility given the circumstances of this theft. So we think it's best to be proactive and ask that you be proactive as well.

SECURITY PRECAUTIONS:

If you had a password set on the VUDU site, we have taken the precaution of expiring and resetting that password. To create a new password, go to www.vudu.com. Click the "Sign In" button at the top of the page. Enter your current username and current password when prompted, then follow the instructions to reset your password securely. Also, if you use your expired VUDU password on any other sites, we strongly recommend that you change it on those sites as well.

As always, remember that VUDU will never ask you for personal or account information in an e-mail. Please use caution if you receive any emails or phone calls from anyone asking for personal information or directing you to a web site where you are asked to provide personal information.

As an added precaution, we are arranging to have AllClear ID protect your identity for one year at no cost to you. We have FAQs on our web site (vudu.com/passwordreset) to answer questions on the incident and to more fully describe how to use the AllClear ID service. We have reported this incident to law enforcement and are cooperating fully with their investigation. We want you to know that we take this matter very seriously, and we apologize for any inconvenience this may have caused you.

Thank you,

Prasanna Ganesan
Chief Technology Officer, VUDU


...Ads Help To Support This SIte...

#2 OFFLINE   P Smith

P Smith

    Mr. FixAnything

  • Registered
  • 20,044 posts
  • LocationMediterranean Sea
Joined: Jul 25, 2002

Posted 09 April 2013 - 05:38 PM

Umm, they moved to new place, where Arrow company been before ... Cheap on security, duh !

#3 OFFLINE   Mark Holtz

Mark Holtz

    Day Sleeper

  • DBSTalk Club
  • 9,926 posts
  • LocationSacramento, CA
Joined: Mar 23, 2002

Posted 10 April 2013 - 12:44 AM

OK, who flunked physical security on the system administrators exam?
"In many ways, this opera does fulfil my often quoted description of what most operas is about. The tenor is trying to sleep with the soprano, and the baritone is trying to stop them." - Sean Bianco, KXPR At The Opera
Check out my list of links.

#4 OFFLINE   dpeters11

dpeters11

    Hall Of Fame

  • DBSTalk Club
  • 13,481 posts
  • LocationCincinnati
Joined: May 30, 2007

Posted 10 April 2013 - 05:02 AM

Exactly. The only drives that should have that info are server drives, which should be in a secure server room at a minimum. I'm surprised they were on site at all.

They should be encrypted and salted. But it also shows that everyone really should use a different password for every site at a minimum.

#5 OFFLINE   Christopher Gould

Christopher Gould

    Icon

  • Registered
  • 827 posts
Joined: Jan 14, 2007

Posted 10 April 2013 - 06:42 AM

Owed by Walmart. Have to do everything on the cheap side.




Protected By... spam firewall...And...