[BreachExchange] Sky customers told to change password following possible data breach

Destry Winant destry at riskbasedsecurity.com
Thu Jul 25 10:14:05 EDT 2019


https://www.techradar.com/uk/news/has-sky-been-hit-with-a-data-breach

Sky customers have been told to change their passwords immediately,
raising fears that the company may have been hit by a data breach.

The company has sent out emails to customers across the UK urging them
to reset their passwords as part of a "security measure".

The email contains a link for users to choose a new password as Sky
has had to change their existing logins, raising fears that the
company has suffered some kind of breach or attack.

'Incident'

"At Sky we take the security of your data and information extremely
seriously. To help keep your account safe we have reset the password
for your Sky account," the email read.

Several Sky customers took to Twitter to ask Sky if the emails were
genuine, or part of a phishing scam, with the firm's official Sky Help
Team account replying that they were.

‘To help keep customers’ accounts safe we occasionally reset the
password for Sky accounts. Customers can reset their password online
at Sky.com,’ a Sky spokesperson said, adding that the company has not
been breached.

However the account also told some customers that the reset was linked
to "part of the incident that happened last week", possibly
referencing a recent attack.

"We have been informed by the provider of Sky.com email that a number
of email accounts have been accessed without permission," its official
disclosure on the incident read, "as a precautionary measure these
accounts have been locked."

According to Forbes, this apparently concerns a breach of email
accounts on an unspecified date, and could even be linked to the Yahoo
2014 data breach, as the American firm provides the sky.com email.

However Sky's disclosure on the attack was undated, making it hard to
know when the incident occurred. It does mention that it concerns a
"credential stuffing" attack, where hackers bombard a service with
user login details (often stolen or bought on the Dark Web) in an
attempt to breach user accounts.

Sky says it has already locked the accounts of all affected users, who
will need to contact the company to get control back.

