Hackers have hit the database of online ‘reputation management' company Reputation.com, exposing names, email and physical addresses, phone numbers and personal details.
According to a letter from the company, it "identified, interrupted and swiftly shut down an external attack on our secure network". It said that its network security team detected the breach shortly after it began, and took immediate steps to stop the attack before it could be completed.
“At Reputation.com, transparency and openness are part of our culture. That's why, although the extent of the breach and the limited kind of information accessed during this attack did not legally obligate us to provide notice to our users, we nevertheless felt it was important to let you know that this event occurred,” it said.
“Following the attack, our engineering and security team immediately conducted an exhaustive investigation, working closely with independent security experts to determine what information may have been accessed. We are also implementing additional security measures, beyond the high level of security that is already in place, to ensure your continued protection.”
It confirmed that financial information, social security numbers, account details, communications and "any details about the services we provided to you" were not accessed.
It also said that a list of salted and hashed user passwords for a small number of users was accessed, but while it said that "it was highly unlikely that these passwords could ever be decrypted, we immediately changed the password of every user to prevent any possible unauthorised account access".
“Based on the type of information accessed, we do not believe it's likely that you will experience any future issues as a result of this incident. However, out of an abundance of caution, we are offering free credit monitoring for a year to those affected clients who request it within the next 30 days,” it said.
“Security and your privacy remain our absolute first priority.”