AOL has warned its users that a “significant number” of their accounts have been hacked. The firm said the security breach affected its network and systems, allowing hackers to gain access to a variety of user data.
This data includes email and postal addresses, encrypted passwords and answers to security questions. AOL also said "certain employee information" was hacked, but gave no further details. The firm urged users to change their passwords and security questions.
“AOL's investigation is still underway, however, we have determined that there was unauthorised access to information regarding a significant number of user accounts,” said the firm in a blog post. “AOL is working with best-in-class external forensic experts and federal authorities to investigate this serious criminal activity.”
AOL said it began its investigation following an increase in spoof emails coming from roughly two percent of AOL Mail addresses. “Importantly, we have no indication that the encryption on the passwords or the answers to security questions was broken,” said the blog.
“In addition, at this point in the investigation, there is no indication that this incident resulted in disclosure of users' financial information, including debit and credit cards, which is also fully encrypted.” It is currently unclear how big the AOL security breach is.
Last year was marked by two major security attacks. Adobe admitted in October that details on 38 million active users had been compromised. Meanwhile a breach that affected US retailer Target, thought to have occurred between 27 November and 15 December, saw over 40 million credit and debit card accounts hacked.
The framework has suffered from security flaws, including being used to create false clicks
An official announcement is expected soon
Issue demonstrates the importance of digital rights management
Good phone, shame it's so ugly