ComiXology realizes it was hacked, requires password reset for all users

Digital comic service says usernames, e-mails and passwords were stolen.

Digital comic book junkies will need to reset their ComiXology passwords following a security breach.

In an e-mail to users, ComiXology says it discovered the breach during "a recent review and upgrade of our security infrastructure," but doesn't disclose exactly when the hack occurred. Although the attacker made off with usernames, e-mail addresses, and encrypted passwords, payment information is apparently safe because it is not stored on ComiXology servers.

As a precautionary measure, ComiXology is requiring all users to reset their passwords, and suggests changing passwords on any site where the same password is used. Encrypted passwords aren't immediately visible to a hacker, but they can be cracked with enough effort, and weaker passwords are particularly susceptible.

ComiXology has also warned against potential phishing attacks, reminding users that it will never ask for personal information or passwords via e-mail.

In other words, it's all standard operating procedure for a company that's been hacked, right down to the obligatory "We apologize for the inconvenience."

A recent New York Times story noted that security tends to be far down the list for tech startups compared to acquiring users, adding features and raising money. Companies instead tend to tackle security after the fact, as we've seen with beaches at SnapChatKickstarter and Tinder. While ComiXology says it was in the process of upgrading its security infrastructure when it discovered the breach, even that effort was apparently too late.

Join the newsletter!


Sign up to gain exclusive access to email subscriptions, event invitations, competitions, giveaways, and much more.

Membership is free, and your security and privacy remain protected. View our privacy policy before signing up.

Error: Please check your email address.
Have an opinion on security? Want to have your articles published on CSO? Please contact CSO Content Manager for our guidelines.

Tags hackingintrusionnew york timescomics

Show Comments

Featured Whitepapers

Editor's Recommendations

Solution Centres

Stories by Jared Newman

Latest Videos

More videos

Blog Posts