Windows 10 News and info | Forum
July 20, 2019, Loading... *
Welcome, Guest. Please login or register.

Login with username, password and session length
News: This is a clean Ad-free Forum and protected by StopForumSpam, Project Honeypot, Botscout and AbuseIPDB | This forum does not use audio ads, popups, or other annoyances. New member registration currently disabled.
 
  Website   Home   Windows 8 Website GDPR Help Login Register  
By continuing to use the site or forum, you agree to the use of cookies, find out more by reading our GDPR policy.
Pages: [1]
  Print  
Share this topic on Del.icio.usShare this topic on DiggShare this topic on FacebookShare this topic on GoogleShare this topic on MySpaceShare this topic on RedditShare this topic on StumbleUponShare this topic on TechnoratiShare this topic on TwitterShare this topic on YahooShare this topic on Google buzz
Author Topic: Bodybuilding.com Security Breach, All Customer Passwords Reset  (Read 49 times)
javajolt
Administrator
Hero Member
*****
Offline Offline

Gender: Male
United States United States

Posts: 30238


I Do Windows


WWW Email
« on: April 23, 2019, 02:24:37 PM »
ReplyReply

Bodybuilding.com fitness and bodybuilding fan website notified its customers of a security breach detected during February 2019 which was the direct result of a phishing email received back in July 2018.

As detailed in the data incident notification published on the company's help center, the security breach might "have affected certain customer information in our possession" and, as concluded after investigating the incident with the help of "external forensic consultants that specialize in cyber-attacks," Bodybuilding.com says that it "could not rule out that personal information may have been accessed."

The company also stated that there were no full debit or credit card numbers impacted in the security breach because it only stores only the last four digits and only for customers who opted to have their cards stored with their account information.

As precautionary measures, all Bodybuilding.com users will also have their passwords reset the next time they try to log in:

Quote
We have engaged with law enforcement and are working with leading security experts to address any vulnerabilities and remediate the incident.
We continue to monitor our systems for unauthorized access, have introduced additional security measures, and will be resetting Bodybuilding.com customers’ passwords on their next log-in.

While there is no conclusive evidence that customers' personal information has been accessed by the attackers in the security breach, in the eventuality that it did happen a potential data breach would include customers' "name, email address, billing/shipping addresses, phone number, order history, any communications with Bodybuilding.com, birthdate, and any information included in your BodySpace profile."

In addition, Bodybuilding.com's notification states that no social security numbers were accessed or misused in the security breach and that the company will be "notifying all current and former customers and users about the incident out of an abundance of caution to explain the circumstances as we understand them."

The alert also warns customers that breach notification emails designed to look like coming from Bodybuilding.com might be used in phishing attack campaigns following the disclosure of the security breach.

Quote
If the email you received about this issue prompts you to click on a link, suggests you download an attachment, or asks you for information, the email was not sent by Bodybuilding.com and may be an attempt to steal your personal data. Avoid clicking on links or downloading attachments from such suspicious emails. Any link included in our email to users directs users to insert the Bodybuilding.com FAQs URL into your browser and does not request your personal data.

Customers who receive Bodybuilding.com's security breach notification email are also advised to change their passwords and to check their accounts for suspicious activity to make sure that the attackers haven't accessed their personal information in any way.

Bodybuilding.com has also set up a call center designed to answer customer questions related to this security incident, which can be reached at "at 1-844-386-9553 between 8:00 AM – 10:00 PM CT, Monday through Friday, or 10:00 AM – 7:00 PM CT, Saturday and Sunday."

Bodybuilding.com is the world's largest fitness website, with a community of over 1,000,000 BodySpace members and more than 17,000,000 forum members, as well as over 32,000,000 orders shipped all over the world since its online shop was opened for business.

source
« Last Edit: April 23, 2019, 02:36:58 PM by javajolt » Logged



Pages: [1]
  Print  
 
Jump to:  

Powered by SMF 1.1.21 | SMF © 2017, Simple Machines

Google visited last this page July 07, 2019, 02:07:36 PM