• atmur@lemmy.world
    link
    fedilink
    English
    arrow-up
    14
    ·
    11 months ago

    Also probably password hashes.

    The company did not make it clear from this statement if hashed passwords were accessed by the attacker.

    I don’t expect good news if they chose not to share that detail.

    • Chozo@kbin.social
      link
      fedilink
      arrow-up
      5
      ·
      11 months ago

      I’m pretty sure they’re required to disclose that, and since they’re already publicly admitting to some breaches, I doubt they’d be trying to hide parts of it while they’re already likely being looked into.

      It sounds like the data that was gathered is the sort of data that a customer support rep should have access to. They typically can only see pertinent details like what is necessary to verify a customer’s identity and their device details, which lines up with what was mentioned in the disclosure. I imagine some CSR probably got their work account phished or something.

      Passwords are probably just fine, from the looks of things.

    • Billy_Gnosis@lemmy.world
      link
      fedilink
      English
      arrow-up
      4
      ·
      11 months ago

      All that the email I received from them said was that they fixed the problem and there was nothing further I needed to do.