Jawbone says hackers stole MyTalk user information
Another day, another company’s user information stolen by unknown attackers. Jawbone—the company behind various Bluetooth earpieces, the Jambox speakers, and the Up fitness band— notified customers early Wednesday that logins for the company’s MyTalk system had been compromised.
MyTalk is Jawbone’s Web-based tool for customizing the company’s Bluetooth devices. You can use the site to, say, install custom voices or toggle advanced settings on a Big Jambox, or install certain apps on earpieces, and such.
In the email, Jawbone writes, “We recently learned that login information for your Jawbone MyTalk account was compromised by an isolated attack on our system. In the course of this attack, limited user information related to your MyTalk account—specifically your name, email address, and an encrypted version of your password (not the actual letters and numbers in your password)—was compromised.”
Depending upon the level of encryption, many “encrypted” passwords may well be compromised, too, though Jawbone didn’t respond immediately to Macworld’s request for clarifications on whether the stolen encrypted passwords were salted—a technical term relating to using extra security measures aimed at making passwords much more difficult to crack.
“Based on our investigation to date, we do not believe there has been any unauthorized use of login information or unauthorized access to information in your account,” Jawbone says, though the company did disable users’ MyTalk passwords, and requires that users reset their access through specific links that rely on their MyTalk email addresses.