Hacker Newsnew | comments | show | ask | jobs | submit login

Skype reports this has been resolved: http://heartbeat.skype.com/2012/11/security_issue.html

    [UPDATE:14/11/2012@15:28GMT] 
    Early this morning we were notified of user concerns surrounding the security
    of the password reset feature on our website. This issue affected some users
    where multiple Skype accounts were registered to the same email address. We
    suspended the password reset feature temporarily this morning as a precaution
    and have made updates to the password reset process today so that it is now
    working properly. We are reaching out to a small number of users who may
    have been impacted to assist as necessary. Skype is committed to providing a
    safe and secure communications experience to our users and we apologize
    for the inconvenience.



Good to hear they fixed it but it was responsibly disclosed a month ago and Skype did nothing whatsoever. We really need a better way to hold a company accountable for appropriately reacting to proven security threats without requiring a public disclosure.

-----




Guidelines | FAQ | Support | API | Security | Lists | Bookmarklet | DMCA | Apply to YC | Contact

Search: