LifeLok alert for Virharmonic

Paj

Well-known member
Just in. I'll post the inquiry response from Virharmonic when they respond:

Alert Details
Dark Web Monitoring Activity Notification

Does this belong to you?
We detected identity information which may belong to you on the Dark Web, a term used which may also include the deep web or a peer-to-peer file sharing network.
The information found is usually from a “list” that’s being given away, traded or sold. The list could be old, so it’s important to see whether or not the information on it is out of date.
If you recognize information below as belonging to you, change the password associated with the affected website or service immediately. We also recommend setting up 2-factor authentication if available with that website/service. If you see a Social Security Number belonging to you, review credit reports for suspicious activity, watch financial transactions, and make sure LifeLock alert preferences settings are up to date for the account that belongs to you.
DescriptionThe site virharmonic.com has been reported in February 2019 to possibly have suffered a data exposure that could include 8035 emails and passwords
PasswordExposed Online
Email***********@******.***

Paj
8^(
 
A very quick and genuine response from VirHarmonic:

Hello *****,

Thank you for getting in touch with us. The data captcha is google captcha and while I whole heartedly agree that it can be annoying it is also a necessary evil which is an industry standard.
We have informed all our registered users that our website was breached in April 2018. A mass email informing about the breach was sent out. We reacted as soon as we have realised that the website was breached and informed all customers who had an account on our website at the time.

We were and still are genuinely sorry about the breach as sadly one of the modules we used at the time had an unknown vulnerability which resulted in a breach. We do not believe that the passwords were exposed as they are always encrypted (even we can not see what your passwords are in any readable format), but that doesn’t mean that they are uncrackable as everything encrypted can be decrypted with enough effort and resources, so we have at the time of the breach informed all our users about the breach and that they should change their passwords. We sent numerous emails regarding this at the time of the breach.

If you do not wish us to hold your account details any longer, please login to your account and follow the GDPR options in your account for complete removal of your details or upon your request via email I can remove your details from our system manually.

Once more we are very sorry and we have taken numerous actions to further improve our security, but we do understand if you wish to remove your data from our database.


Warm Regards

Alex Hyde
Customer Support
Virharmonic
Virharmonic
support@virharmonic.com



Paj
8^)
 
Back
Top