Sunday, November 19, 2017
Home / Security / Breaches / ComiXology Database Breached

ComiXology Database Breached

ComiXology (Comixology.com) was breached sometime today ComiXology announced via Twitter (Tweet can be viewed below).  The breach first came to the public’s attention after Bleeding Cool received copies of email notifications sent to both users and merchants. Apparently , hackers have accessed a database that contains customer data, which includes hashed passwords.

“In the course of a recent review and upgrade of our security infrastructure, we determined that an unauthorized individual accessed a database of ours that contained usernames, email addresses, and cryptographically protected passwords,” the emails states.

They did make it clear that payment details are not stored within the company’s servers therefore it it was not affected.

It’s unclear what alogrythim was used to hash the passwords, but users and retailers are required to change them as a precaution. ComiXology states they have increased its security methods and systems to prevent future occurrences.

As far as retailers are involved, they’re also encouraged to change their SMTP passwords and send their SMTP credentials to ComiXology should they need to email their users over the company’s service.

The site is backup and they have a warning in the header of their home page stating “We’ve updated our security and all passwords must be changed.” Which can be done via this link: https://www.comixology.com/forgot

About FastFlux

Owner of ZeroSecurity, interested in programming, malware analysis and penetration testing. If you would like to write for the ZeroSecurity team, please use the contact form above.

Check Also

Amazon hacked – hacker leaks 80,000 login credentials

A hacker going by the name 0x2Taylor has said to have breached the servers of …