A huge slip-up of Cyfrowe.pl. Customer data has been stolen from the photo store

Cyfrowe.pl - one of the oldest and most recognized photo / video stores - reported a leak in the data of its customers.

Just before midnight, customers of the Cyfrowe.pl store received an email in which the company informs about a data leak.

We regret to inform you that as a result of intentional action of third parties there has been unauthorized access to access data to the store of some of our customers - we read.

Unfortunately, the leak from Cyfrowe.pl is serious.

Cyfr.pl - data leakage

Not only e-mails and passwords of users were stolen, but most likely also other data placed in customer profiles, including name, phone number and even delivery address. It is worth emphasizing that the official statement refers to "stolen passwords", which sounds very dangerous. I hope that this is just a communication error and de facto hashes have leaked, not full passwords. However, if the message is true, then store customers have a serious problem if they used the same password in other services.

Cyfrowe.pl also ensures that the leak does not apply to payment related information. According to the company's announcement, third parties did not steal information about payment cards, bank logins or information provided in installment applications. As we read in the statement:

Cyfrowe.pl does not collect this data - they are collected in the databases of the payment operator and the bank.

There is another bad information. The leak may affect all customers.

Cyfrowe.pl does not hide that the matter is serious. The message reads:

There is a risk that this applies to all customers.

How did Cyfrowe.pl react? The first step was to reset customer passwords. The next time you log in, you'll need to go through the password recovery procedure.

In addition, the store proceeded to "re-review the security of the store system and related IT infrastructure." Better late than never.

If you were a customer of Cyfrowe.pl, be sure to review your passwords.

The stolen data includes both login and password. If you used the same data on other websites, you may have a big problem. If you used the same password in several services, you should change them immediately for each service.

Such situations remind us of the importance of password managers such as LastPass, 1Password, or even difficult password generators built into popular browsers, including Chrome and Safari. It is impossible to remember dozens of different passwords, so you should consider switching to a password manager. At the same time, whenever possible, enable double account verification based on codes or a one-time code sent by SMS.

Finally, I must add that I am extremely bitter as I have been a customer of Cyfrowe.pl for many years. I bought lenses, accessories and lighting there. I did not expect that a store with such high recognition, present on the market since 2003, may have such powerful vulnerabilities in the security system.



A huge slip-up of Cyfrowe.pl. Customer data has been stolen from the photo store

Comments

Post a Comment

Popular posts from this blog

What is VoLTE and how can you activate it on your Xiaomi

So you can check the battery status of your Xiaomi smartphone and how many cycles you have performed

How to exit the FASTBOOT mode of your Xiaomi if you have entered accidentally

Does your Xiaomi charge slowly or intermittently? So you can fix it

Problems with Android Auto and your Xiaomi? So you can fix it

If your Xiaomi disconnects only from the WiFi it may be because of that MIUI setting

How to change the font in MIUI and thus further customize your Xiaomi: so you can change the type, color and size of the letters of MIUI

What is the Safe Mode of your Xiaomi, what is it for and how can you activate it

Improve and amplify the volume of your Xiaomi and / or headphones with these simple adjustments

How to activate the second space if your Xiaomi does not have this option