Establishing Digital Trust: Don't Sacrifice Security for Convenience
Scribd yesterday announced that its operations team had "discovered and blocked suspicious activity" on its network that appeared to have been aimed at accessing registered users' e-mail addresses and passwords (h/t The Hacker News).
"Because of the way Scribd securely stores passwords, we believe that the passwords of less than 1 percent of our users were potentially compromised by this attack," the company stated. "We have now emailed every user whose password was potentially compromised with details of the situation and instructions for resetting their password."
The company says only user names, e-mail addresses and encrypted passwords were accessed -- no other data was compromised.
Users who want to check if their account information may have been accessed are advised to visit the following link: http://www.scribd.com/password/check.https://o1.qnsr.com/log/p.gif?;n=203;c=204650394;s=9477;x=7936;f=201801171506010;u=j;z=TIMESTAMP;a=20392931;e=i
"Following this incident, we have implemented numerous additional safeguards," the company noted in its announcement. "Not only have we taken steps to address the specific issues that led to this incident, but we are also conducting a comprehensive security review and are implementing more general measures to proactively enhance security."