Online storage service provider divShare sent out emails today telling all their users that their servers have been compromised by some hacker. Although Financial information is safe, email addresses and basic personal information has been accessed by the hacker. If that basic profile information also includes passwords then most of its users are in trouble. I guess they might be using some encryption like md5 hashing something like that, but do you know md5 hashing can be decrypted.
email text
Dear xxxxxx,
Thanks for being a part of DivShare. Late last night we were alerted of a security breach that allowed a malicious user to access our database, which included user e-mail addresses and other basic profile information. No financial information has been accessed by any unauthorized parties. We have taken extreme measures to secure the site in the last 24 hours and are currently in the process of rolling out new security precautions, which is why many files were unavailable earlier today. We apologize for this inconvenience and for the oversights that allowed this security breach to take place. We take the security of all data and files very seriously and are embarrassed and regretful that an intrusion was allowed to take place on our watch.
Please rest assured that no financial information whatsoever has been compromised. While we are not aware of what data has actually been accessed or copied, the database included user e-mail addresses and other data you may have saved to your profile, such as your first name. We are not aware of any files being accessed without permission, but we recommend that you change your account password and the passwords on any private folders as a security precaution.
We can’t apologize enough for allowing this breach to take place. We know how important security is for all our members and their files, and we are taking every precaution available to ensure that this doesn’t happen again. We ask for your patience as we roll out new security upgrades in the coming days, and we pledge to keep your files and user information under the tightest security possible from here on out.
Please don’t hesitate to contact us at support@divshare.com with any questions or concerns. Yours,
The DivShare Team
www.divshare.com
These are the real world problems if you are relying on a third party network to save your data or personal information. Always remember to not to use the same passwords you use for your private email ids, bank accounts in any third party services.
If you are a divShare user change your password and remove any sensitive files you have on your account. I am looking a way to delete my account altogether from divshare.
[…] courage to communicate and admit the security breach at the first place, speak for a great deal of professionalism, since the short term negative impact […]