UK-based IP Telephony service VoIPtalk warned customers of a potential data breach over the weekend. The firm has implemented tighter security controls and advised customers to change their passwords in response to the suspected hacker incident, which is still under investigation. Mark James, Security Specialist at ESET commented below.
Mark James, Security Specialist at ESET:
“It’s always difficult in these situations to determine if a company has done enough, and when we say enough are we talking about enough for the end user protection or enough to damage the blow of a data breach?
The usual advice of changing passwords should also be backed up by the advice of changing any other site passwords that you may have shared with this site. I know we always say never reuse the same password on other sites but it happens so often especially from older reused passwords, so you should consider this. In the case of a data breach it is customary to offer some kind of identity theft cover for a number of future years to protect against future abuse of the stolen details if they do indeed admit to losing your data. And of course it would be nice to see a report on what and how the attack happened along with the admitted changes and new procedures in place. Data breaches are an all too common occurrence these days that sadly you can do nothing about. Your only options are whether you stay with the breached company and what precautions you take moving forward.”
The opinions expressed in this post belongs to the individual contributors and do not necessarily reflect the views of Information Security Buzz.