Jawbone Hacked

Jawbone recently acknowledged that its MyTalk service has been hacked, exposing users’ names, e-mail addresses and encrypted passwords.

“MyTalk is Jawbone’s Web-based tool for customizing the company’s Bluetooth devices,” writes Macworld’s Lex Friedman. “You can use the site to, say, install custom voices or toggle advanced settings on a Big Jambox, or install certain apps on earpieces, and such.”

“One customer, Dave Zatz, posted the message he received from Jawbone on Twitter,” writes VentureBeat’s Meghan Kelly. “It reads, in part: ‘Based on our investigation to date, we do not believe there has been any unauthorized use of login information or unauthorized access to information in your account.’ It continues to say that the password has been ‘disabled’ and you can reset the password by visiting the user reset page and completing emailed instructions.”

“What remains a mystery, however, is how many Jawbone customers were impacted and just how Jawbone stored the encrypted passwords,” writes Sophos’ Graham Cluley. “For instance, there’s no indication that the hashed passwords were salted to introduce a random factor that would make them significantly harder to crack.”

Jeff Goldman
Jeff Goldman
Jeff Goldman has been a technology journalist for more than 20 years and an eSecurity Planet contributor since 2009.

Top Products

Related articles