Amazon won't say how many accounts were affected in security lapse

Amazon admits that it leaked some users' email addresses and names. But it's not saying how the information was exposed, how many were affected, or otherwise talking to those affected or to the press. From the sound of things, it'll be a Christmas miracle if anyone finds out.

From TechCrunch:

TechCrunch that the issue exposed names as well as email addresses. “We have fixed the issue and informed customers who may have been impacted.” The company emailed all impacted users to be cautious.

In response to a request for specifics, a spokesperson said the company had “nothing to add beyond our statement.” The company denies there was a data breach of its website of any of its systems, and says it’s fixed the issue, but dismissed our request for more info including the cause, scale and circumstances of the error.

I guess the good news is that those who Amazon is certain of having been affected by their leaky ship have been contacted via email and told the following:

“We’re contacting you to let you know that our website inadvertently disclosed your email address due to a technical error... The issue has been fixed. This is not a result of anything you have done, and there is no need for you to change your password or take any other action.”

What a relief. After all, Who wants to know how or why a snafu that could have a deep impact on their personal finances occurred. Give me a vague explanation of a serious issue, any day. Read the rest

Air Canada hacked, user info stolen. If you're a user, change your password.

I enjoy flying with Air Canada. I did not, however, enjoy the email I received from them this morning warning me they'd been hacked. Read the rest

2015's worst password was 123456

SplashData's report on the most commonly-used passwords finds a number of traditional disastrously bad choices performing well: "123456" comes out on top, followed by "password".

Other popular choices this year were sports, like "football" and "baseball." And "starwars," a newcomer to the list, ranked as the 25th most popular breached password, probably thanks to excitement over the release of the newest movie in the franchise.

Passwords are the banes of our increasingly online lives: Nearly everything we sign up for needs a password, and creating a secure one can be a pain. Even when we come up with a good one, we always need more because reusing passwords can leave us exposed if a service we use gets breached.

Read the rest