Kentucky Fried Chicken has announced that its website has been hacked, exposing multiple accounts. The hackers who broke into the coup were not after the finger licking good chicken, but rather the reward accounts that allow customers to collect Chicken Stamps and earn their way to free food rewards. Robert Capps, VP of Business Development at NuData Security commented below.
Robert Capps, VP of Business Development at NuData Security:
“This is precisely the type of hack that consumers may not take seriously due to the fact that it seems unlikely to impact users in any meaningful way. What’s important to remember, however, is that hackers are often after more data than your username and password and simply changing these may not protect you down the road. Poor password security on behalf of users, specifically reuse of passwords across multiple sites, can give hackers a toe-hold into other, unrelated accounts. It’s important to use different passwords on different sites to reduce this risk and use strong passwords. A good password manager like Last Pass, 1Password, Dashlane, or KeePass can help manage passwords while online or offline.”
“The onus should not all be on consumers as merchants should make every effort to protect consumer data as well. Merchants can also adopt passive biometric technologies that identify users instead of outdated single-point verification methods. User behavior can accurately identify users, even when correct credentials are offered. If more merchants would adopt such methods for all their account based programs, it wouldn’t matter if hackers got their hands on your credentials or other identifying information, they simply wouldn’t be able to get in the door because they don’t behave like the genuine user.”
The opinions expressed in this post belong to the individual contributors and do not necessarily reflect the views of Information Security Buzz.