ComiXology Hacked, Sends Out E-Mail Warnings Requiring Password Changes

unnamed

On the eve of their prominent appearance at SXSW, popular digital comics distributor and publisher, ComiXology, has sent out a number of e-mails regarding loss of information after a hacking incident.

The following letter went out to readers,

Dear Comics Reader,

In the course of a recent review and upgrade of our security infrastructure, we determined that an unauthorized individual accessed a database of ours that contained usernames, email addresses, and cryptographically protected passwords.

Payment account information is not stored on our servers.

Even though we store our passwords in protected form, as a precautionary measure we are requiring all users to change their passwords on the comiXology platform and recommend that you promptly change your password on any other website where you use the same or a similar password. You can reset your comiXology.com password here.

We have taken additional steps to strengthen our security procedures and systems, and we will continue to implement improvements on an ongoing basis.

Please note that we will never ask you for personal or account information in an e-mail, so exercise caution if you receive emails that ask for personal information or direct you to a site where you are asked to provide personal information.

We apologize for the inconvenience. If you have any questions, please contact us by sending an email to support@comixology.com

Sincerely,

ComiXology

While comic book retailers who host ComiXology portals on their own site received the following half an hour before,

Dear Comics Retailer,

In the course of a recent review and upgrade of our security infrastructure, we determined that an unauthorized individual accessed a database of ours that contained usernames, email addresses, and cryptographically protected passwords.

Even though we store our passwords in protected form, as a precautionary measure we are requiring all users to change their passwords on the comiXology platform and recommend that you promptly change your password on any other website where you use the same or a similar password. You can reset your comiXology.com password here.

We also encourage you to change your SMTP password and will need your SMTP credentials again if you wish to continue emailing your users through our service.

We have taken additional steps to strengthen our security procedures and systems, and we will continue to implement improvements on an ongoing basis.

Please note that we will never ask you for personal or account information in an e-mail, so exercise caution if you receive emails that ask for personal information or direct you to a site where you are asked to provide personal information.

We apologize for the inconvenience. If you have any questions, please contact us by sending an email to support@comixology.com

Sincerely,

ComiXology

As the map above shows, that’s a lot of affected people… and from the lag time on the site, it could be a while getting through people resetting their password here – and anywhere else they may have used that password.

cxology