Technology
Identify theft protection service LifeLock reportedly exposed customer email addresses
Symantec’s identity theft protection service, LifeLock, has reportedly exposed millions of customer email addresses due to a website bug.
LifeLock’s website was taken down briefly after alerted by security journalist and researcher Brian Krebs, who published the flaw on his blog.
The vulnerability allowed anyone with a web browser to collect customer email addresses by changing a number in the URL, which is used to unsubscribe from LifeLock’s communications.
Each sequential number corresponds to a customer record, and changing that number revealed an email address on the webpage.
Krebs was alerted of the flaw by another researcher, Nathan Reese, who was able to create a script which pulled emails from the website. Reese managed to retrieve 70 emails before stopping.
It’s an attractive vulnerability to phishers wanting to target LifeLock customers, who come to the service to protect their personal data.
When Mashable attempted access of the flaw, the vulnerability was no longer working, with the webpage requiring an email to unsubscribe from LifeLock’s communications.
Back in 2015, LifeLock paid $100 million to settle Federal Trade Commission contempt charges after failing to secure consumers’ personal data, and allegedly engaging in deceptive advertising.
LifeLock has more than 4.5 million users, according to a 2017 press release. It was acquired by Symantec in 2016 for $2.3 billion.
Symantec has been contacted for further comment.
!function(f,b,e,v,n,t,s){if(f.fbq)return;n=f.fbq=function(){n.callMethod?
n.callMethod.apply(n,arguments):n.queue.push(arguments)};if(!f._fbq)f._fbq=n;
n.push=n;n.loaded=!0;n.version=’2.0′;n.queue=[];t=b.createElement(e);t.async=!0;
t.src=v;s=b.getElementsByTagName(e)[0];s.parentNode.insertBefore(t,s)}(window,
document,’script’,’https://connect.facebook.net/en_US/fbevents.js’);
fbq(‘init’, ‘1453039084979896’);
if (window.mashKit) {
mashKit.gdpr.trackerFactory(function() {
fbq(‘track’, “PageView”);
}).render();
}
10 Sundance films you should know about now
What drives John Cena? The ‘What Drives You’ host speaks out
‘The Brutalist’ AI backlash, explained
OnePlus 13 review: A great option if you’re sick of the usual flagships
‘Night Call’ review: A bad day on the job makes for a superb action movie
How ‘Grand Theft Hamlet’ evolved from lockdown escape to Shakespearean success
If TikTok is banned in the U.S., this is what it will look like for everyone else
‘One of Them Days’ review: Keke Palmer and SZA are friendship goals
‘Back in Action’ review: Cameron Diaz and Jamie Foxx team up for Gen X action-comedy
‘September 5’ review: a blinkered, noncommittal thriller about an Olympic hostage crisis
What’s new to streaming this week? (Dec. 27, 2024)
2025’s public domain works and how you can use them, from Popeye to ‘The Sound and the Fury’
The greatest ’90s films on Prime Video
How to watch ‘Wicked’ at home: Release date, streaming deals, and more
CES 2025 highlights: 12 new gadgets you can buy already
‘American Primeval’ review: Can Netflix’s grimy Western mini-series greatest ‘Yellowstone’?
Tesla launched the new Model Y in China. Here’s what you need to know
Eight ways Mark Zuckerberg changed Meta ahead of Trump’s inauguration
Meta ditches fact-checking for community notes ahead of second Trump term
Space calendar 2025: Here are the moments you won’t want to miss
10 Sundance films you should know about now
What drives John Cena? The ‘What Drives You’ host speaks out
‘The Brutalist’ AI backlash, explained
OnePlus 13 review: A great option if you’re sick of the usual flagships
‘Night Call’ review: A bad day on the job makes for a superb action movie
How ‘Grand Theft Hamlet’ evolved from lockdown escape to Shakespearean success
If TikTok is banned in the U.S., this is what it will look like for everyone else
‘One of Them Days’ review: Keke Palmer and SZA are friendship goals
‘Back in Action’ review: Cameron Diaz and Jamie Foxx team up for Gen X action-comedy
‘September 5’ review: a blinkered, noncommittal thriller about an Olympic hostage crisis
-
Entertainment7 days agoWhat’s new to streaming this week? (Jan. 17, 2025)
-
Entertainment6 days agoExplainer: Age-verification bills for porn and social media
-
Entertainment6 days agoIf TikTok is banned in the U.S., this is what it will look like for everyone else
-
Entertainment5 days ago‘Night Call’ review: A bad day on the job makes for a superb action movie
-
Entertainment5 days agoHow ‘Grand Theft Hamlet’ evolved from lockdown escape to Shakespearean success
-
Entertainment6 days ago‘September 5’ review: a blinkered, noncommittal thriller about an Olympic hostage crisis
-
Entertainment6 days ago‘Back in Action’ review: Cameron Diaz and Jamie Foxx team up for Gen X action-comedy
-
Entertainment6 days ago‘One of Them Days’ review: Keke Palmer and SZA are friendship goals
