
VUDU office break in - josephscott
http://www.vudu.com/pressroom.html
======
josephscott
Got an email from VUDU about this, several things were stolen form their
offices, includes hard drives:

"Our investigation thus far indicates that these hard drives contained
customer information, including names, email addresses, postal addresses,
phone numbers, account activity, dates of birth and the last four digits of
some credit card numbers. It's important to note that the drives did NOT
contain full credit card numbers, as we do not store that information.
Additionally, please note if you have never set a password on the VUDU site
and have only logged in through another site, your password was not on the
hard drives.

While the stolen hard drives included VUDU account passwords, those passwords
were encrypted. We believe it would be difficult to break the password
encryption, but we can't rule out that possibility given the circumstances of
this theft. So we think it's best to be proactive and ask that you be
proactive as well."

As is the case in almost every password breach, it would be nice to know
exactly how they "ecnrypted" the passwords.

