Are the new certainties in life…
- changing your passwords every 3.92 months because someone or something got hacked?
As frustrating as it is, this almost seems like an inevitability for all e-commerce brands. And it appears that it is now Bonobos’ (Bonobos’s? Bonoboses’s?) turn in the “our data got stolen” pillory, as a database of theirs in the cloud was accessed by an “unauthorized third party”:
The database also includes various data far more interesting to threat actors, such as customers’ addresses, phone numbers, partial credit card numbers (last four digits), order information, password histories.
Meanwhile, Bonobos said in an email to their customers:
Your encrypted password was protected so your actual password was not visible. Payment card information was not affected by this issue… If you get an email or text asking for an account number or password, don’t respond. Bonobos would never ask you to share your personal information in an email or text.
Bonobos is forcing all of their customers to reset their passwords. They also wanted to make it clear that their corporate systems weren’t compromised, but instead it was a backup of their database stored in the cloud.
Keep your guard up. Watch your accounts. Change your passwords.
Big thanks to Reader E.H. for the tip here.