Breach May Have Exposed Millions of Client Accounts

Monday, January 24, 2011

Headlines

69dafe8b58066478aea48f3d0f384820

Smartphone application developer Trapster.com has issued a warning to customers that hackers have compromised a database of email addresses and passwords.

Trapster.com, which developed a smartphone application to help users avoid speed traps, has not confirmed if the data was accessed in a recent hacking attempt, but warns customers to err on the side of caution by asking users to change their login credentials.

The following issues the following message with a link to a page with more information:

Dear Trapster User:

The Trapster team has recently learned that our website has been the target of a hacking attempt, and it is possible that your email address and password were compromised.  We have taken, and continue to take, preventative measures to avoid future incidents but we are recommending that you change your Trapster password.  As always, Trapster recommends that you use distinctive passwords for each site you visit, but if you use the same password on Trapster that you use on other services, we recommend that you change your password on those services as well.
 
For information on how to reset your password or improve the security of your passwords for your Internet usage, please click FAQs.

Sincerely,

The Trapster Team

Trapster.com recommends customers follow good authentication protocol by using unique passwords for every website account, that the passwords be at least eight characters long, and contain numbers as well as both upper and lower case letters.

NGS Secure's technical director Paul Vlissidis told SC magazine:

“Website owners should declare if they store your passwords using strong hashing. This is a simple process and not any more expensive to implement, however unfortunately websites not using this method of cryptography is something we see all too often and this can only be down to developers' laziness or ignorance. In the case of Trapster, it would appear that they didn't encrypt or hash so the hackers got the crown frakels."

Trapster.com is in the process of notifying individual account holders of the breach.

Source:  http://www.scmagazineuk.com/passwords-of-up-to-ten-million-smartphone-users-may-be-exposed-after-app-developers-hacked/article/194690/

Possibly Related Articles:
8005
Breaches
Email Passwords Databases Smart Phone Headlines hackers breach Trapster
Post Rating I Like this!
The views expressed in this post are the opinions of the Infosec Island member that posted this content. Infosec Island is not responsible for the content or messaging of this post.

Unauthorized reproduction of this article (in part or in whole) is prohibited without the express written permission of Infosec Island and the Infosec Island member that posted this content--this includes using our RSS feed for any purpose other than personal use.