Sky customers told to change password following possible data breach

Sky customers have been told to change their passwords immediately, raising fears that the company may have been hit by a data breach.

The company has sent out emails to customers across the UK urging them to reset their passwords as part of a "security measure".

The email contains a link for users to choose a new passwords as Sky has had to change their existing logins, raising fears that the company has suffered some kind of breach or attack.

'Incident'

"At Sky we take the security of your data and information extremely seriously. To help keep your account safe we have reset the password for your Sky account," the email read.

Several Sky customers took to Twitter to ask Sky if the emails were genuine, or part of a phishing scam, with the firm's official Sky Help Team account replying that they were.

‘To help keep customer’s accounts safe we occasionally reset the password for Sky accounts. Customers can reset their password online at Sky.com,’ a Sky spokesperson said, adding that the company has not been breached.

However the account also told some customers that the reset was linked to "part of the incident that happened last week", possibly referencing a recent attack.

 "We have been informed by the provider of Sky.com email that a number of email accounts have been accessed without permission," its official disclosure on the incident read, "as a precautionary measure these accounts have been locked." 

According to Forbes, this apparently concerns a breach of email accounts on an unspecified date, and could even be linked to the Yahoo 2014 data breach, as the American firm provides the sky.com email. 

However Sky's disclosure on the attack was undated, making it hard to know when the incident occured. It does mention that it concerns a "credential stuffing" attack, where hackers bombard a service with user login details (often stolen or bought on the Dark Web) in an attempt to breach user accounts.

Sky says it has already locked the accounts of all affected users, who will need to contact the company to get control back.

Source of the article – TechRadar

Show More

Related Articles

%d bloggers like this: