LifeLock identity theft service came under severe security flaw again
LifeLock’s identity fraud insurance service experienced a security defect that put clients’ profiles in danger. The occasion forced its parent organization, Symantec, to pull its site down to settle the issue after it was informed by KrebsOnSecurity.
As per Krebs, Atlanta-based security specialist Nathan Reese found the vulnerability through a bulletin email he got from the administration. After clicking “unsubscribe,” a page that plainly demonstrated his subscriber key flew up. That enabled Reese to compose a content that sequences numbers, which could pull keys and their relating email addresses from the administration.
Reese stated:
“If I were a bad guy, I would definitely target [the firm’s] customers with a phishing attack because I know two things about them. That they’re a LifeLock customer and that I have those customers’ email addresses. That’s a pretty sharp spear for my spear phishing right there. Plus, I definitely think the target market of LifeLock is someone who is easily spooked by the specter of cybercrime.”
LifeLock’s site is by all accounts back now, yet it’s hazy if the vulnerability has just been fixed. One thing’s without a doubt, however: the administration has an unpleasant reputation with regards to keeping its clients’ sensitive data private.
In 2014, it needed to pull down its mobile applications in the wake of discovering that they might not have been consistent with payment card security principles. A year before Symantec bought the organization in 2016, the FTC likewise slapped it with a $100 million fine for not doing what’s needed to ensure personal data, including users’ social security, credit card and bank account numbers.
Read: Al is now aiming to predict and make sense of your dreams
Image via identity theft protection
RS News or Research Snipers focuses on technology news with a special focus on mobile technology, tech companies, and the latest trends in the technology industry. RS news has vast experience in covering the latest stories in technology.
