Social-planning website Evite has revealed a security incident that potentially involved unauthorized access to its systems.
Evite first became aware of the security incident back in April 2019. It responded by retaining a data forensics firm to launch a thorough investigation into the event. This effort uncovered malicious activity that had been present on its systems since 22 February 2019.
On 14 May 2019, the investigation determined that an unauthorized party had acquired access to an inactive data storage file. This resource potentially contained users’ account information including their names, email addresses and passwords as well as personal data like birth dates and phone numbers which they might have provided. That being said, the file did not contain any user information more recent than 2013. It also didn’t store more sensitive details like Social Security Numbers.
Evite clarified in a web statement that its investigation into what happened remains ongoing:
Once we became aware of the incident, we quickly took steps to determine the nature and scope of the issue. We are working with a leading data security firm to assist in our investigation and remediation. We have also notified and are coordinating with law enforcement authorities.
While it works to make security enhancements to its systems, the social-planning website said that it would be providing users with information on how to protect themselves. It specifically mentioned that it would be requiring users to change their passwords. Towards that end, this resource provides several valuable tips through which users can create a strong combination for each of their web accounts.
Just in case unauthorized individuals did gain access to their personal information, Evite users should also consider protecting themselves against identity theft. They can begin this effort by activating two-step verification on any and all of their web accounts that (Read more...)
*** This is a Security Bloggers Network syndicated blog from The State of Security authored by David Bisson. Read the original post at: https://www.tripwire.com/state-of-security/security-data-protection/evite-security-incident/