Technology
Identify theft protection service LifeLock reportedly exposed customer email addresses
Symantec’s identity theft protection service, LifeLock, has reportedly exposed millions of customer email addresses due to a website bug.
LifeLock’s website was taken down briefly after alerted by security journalist and researcher Brian Krebs, who published the flaw on his blog.
The vulnerability allowed anyone with a web browser to collect customer email addresses by changing a number in the URL, which is used to unsubscribe from LifeLock’s communications.
Each sequential number corresponds to a customer record, and changing that number revealed an email address on the webpage.
Krebs was alerted of the flaw by another researcher, Nathan Reese, who was able to create a script which pulled emails from the website. Reese managed to retrieve 70 emails before stopping.
It’s an attractive vulnerability to phishers wanting to target LifeLock customers, who come to the service to protect their personal data.
When Mashable attempted access of the flaw, the vulnerability was no longer working, with the webpage requiring an email to unsubscribe from LifeLock’s communications.
Back in 2015, LifeLock paid $100 million to settle Federal Trade Commission contempt charges after failing to secure consumers’ personal data, and allegedly engaging in deceptive advertising.
LifeLock has more than 4.5 million users, according to a 2017 press release. It was acquired by Symantec in 2016 for $2.3 billion.
Symantec has been contacted for further comment.
!function(f,b,e,v,n,t,s){if(f.fbq)return;n=f.fbq=function(){n.callMethod?
n.callMethod.apply(n,arguments):n.queue.push(arguments)};if(!f._fbq)f._fbq=n;
n.push=n;n.loaded=!0;n.version=’2.0′;n.queue=[];t=b.createElement(e);t.async=!0;
t.src=v;s=b.getElementsByTagName(e)[0];s.parentNode.insertBefore(t,s)}(window,
document,’script’,’https://connect.facebook.net/en_US/fbevents.js’);
fbq(‘init’, ‘1453039084979896’);
if (window.mashKit) {
mashKit.gdpr.trackerFactory(function() {
fbq(‘track’, “PageView”);
}).render();
}
2024: A year of digital organizing from Palestine to X
Should you buy the 2024 Kindle Paperwhite Signature Edition?
Mars is littered with junk. Historians want to save it.
‘The Wild Robot’ and ‘Flow’ are quietly revolutionary climate change films
Review: Is the $499 Bose Smart Soundbar worth it?
CES 2025 preview: What to expect
‘The Room Next Door’ review: Tilda Swinton and Julianne Moore are magnificent
Polyamorous influencer breakups: What happens when hypervisible relationships end
‘The Last Showgirl’ review: Pamela Anderson leads a shattering ensemble as an aging burlesque entertainer
OpenAI’s plan to make ChatGPT the ‘everything app’ has never been more clear
Black Friday Ninja deals: Ninja Slushi in stock, plus the Creami and air fryers on sale
Intel’s 20-year-old AI ethicist, who graduated high school at 11, discusses the future
Yoto Player review: This screen-free speaker keeps kids entertained and engaged
‘A Complete Unknown’ review: Timothée Chalamet infuriates as Bob Dylan
Bluesky can learn from Twitter’s early mistakes
Greatest Cyber Monday streaming deals 2024: Save up to 90% on Hulu, Peacock
HP Omen 17 review: This gaming laptop stays cool under pressure
Greatest post-Cyber Monday deals 2024: Shop Amazon, Greatest Buy, Target, more
Apple Black Friday deals 2024: Amazon has record-low prices
Amazon Black Friday laptop deals: Shop record lows on M3 MacBook Air, Microsoft Surface Laptop 7
2024: A year of digital organizing from Palestine to X
Should you buy the 2024 Kindle Paperwhite Signature Edition?
Mars is littered with junk. Historians want to save it.
‘The Wild Robot’ and ‘Flow’ are quietly revolutionary climate change films
Review: Is the $499 Bose Smart Soundbar worth it?
CES 2025 preview: What to expect
‘The Room Next Door’ review: Tilda Swinton and Julianne Moore are magnificent
Polyamorous influencer breakups: What happens when hypervisible relationships end
‘The Last Showgirl’ review: Pamela Anderson leads a shattering ensemble as an aging burlesque entertainer
OpenAI’s plan to make ChatGPT the ‘everything app’ has never been more clear
-
Entertainment6 days agoWordPress.org’s login page demands you pledge loyalty to pineapple pizza
-
Entertainment7 days agoRules for blocking or going no contact after a breakup
-
Entertainment6 days ago‘Mufasa: The Lion King’ review: Can Barry Jenkins break the Disney machine?
-
Entertainment5 days agoOpenAI’s plan to make ChatGPT the ‘everything app’ has never been more clear
-
Entertainment4 days ago‘The Last Showgirl’ review: Pamela Anderson leads a shattering ensemble as an aging burlesque entertainer
-
Entertainment5 days agoHow to watch NFL Christmas Gameday and Beyoncé halftime
-
Entertainment4 days agoPolyamorous influencer breakups: What happens when hypervisible relationships end
-
Entertainment3 days ago‘The Room Next Door’ review: Tilda Swinton and Julianne Moore are magnificent
