RevMob data breach?
Armelline
Member, PRO Posts: 5,367
Got an email from RevMob a couple of days ago, announcing they were hacked. Badly, by the sounds of it.
Text below. Breach may include bank details, home address, all the stuff you don't want out there. Pretty horrifying lack of security going on here. No word since this email. Emphasis is mine.
==
Notice of Data Breach - Publishers - December 1st, 2016
What happened?
The purpose of this correspondence is to inform you about an unauthorized access into Revmob’s systems that was detected on Monday November 28, 2016. Several files were affected by this incident and information relating to you and your account may have been affected. Since Monday, Revmob has taken immediate corrective actions to investigate and respond to the incident.
What information was involved?
To our knowledge, information in the affected files may or may not include: your name, email address, physical address, payment account details, key metrics, app data and other data related to your Revmob account. We are actively working to determine the scope of the incident. Although we have no evidence that any unauthorized individual or entities have actually used your information, we are bringing this incident to your attention so that you can be alerted to signs of any possible misuse of your account identity now and in the immediate future.
What we are doing
Revmob has taken a variety of measures in response to the incident designed to prevent any future unauthorized access and protect customer information moving forward. The company has:
Engaged specialized legal firms to help with the investigation and inform the relevant legal authorities.
Engaged leading cybersecurity firms to determine the source of the incident, and account for all potential exposure.
Activated contingency measures which include further monitoring of our network for signs of further vulnerabilities or leaks.
Participated in a full security review to ensure Revmob's system is up to the highest compliance standards, has state of the art network protection, and our users’ information remains secure and private.
Developed a system update that fixes the identified vulnerability. This was deployed today.
To ensure that our publishers and advertisers have the highest level of protection, we have established additional ongoing security measures including a cyber security committee to ensure that we have updated and strengthened our security policies and protocols and have adopted secure SDLC (Software Development Lifecycle) according to industry best practices. We are also performing regular third-party vulnerability analyses of our systems for the continuous prevention, detection and forensics of cybersecurity threats.
What you can do
That said, you should be aware that phishing scams or other forms of retrieving sensitive or personal information may occur. Please be vigilant for any attempts to retrieve this kind of information – regardless of whether they come from known or unknown sources. If in doubt, please contact the source in question via phone to verify authenticity. Revmob will not contact you to ask for personal data. If you receive any message from a non-Revmob person about this topic or if you notice any unusual activity in the ad network, please contact security@revmob.com in order for us to provide the proper support for your account. For example, backups will be available for reversion to previous states, if necessary.
We at Revmob take users’ privacy and information security seriously and we will ensure to notify you on a regular basis on our security policies.
For more information
We sincerely apologize for the situation and any inconvenience it may cause you. Please contact us at security@revmob.com with any questions you may have.
Sincerely,
Gui Schvartsman
Founder of Revmob
Contact me for custom work - Expert GS developer with 15 years of GS experience - Skype: armelline.support
Comments
@Armelline, yep, received it as well.
MESSAGING, X-PLATFORM LEADERBOARDS, OFFLINE-TIMER, ANALYTICS and BACK-END CONTROL for your GameSalad projects
www.APPFORMATIVE.com
I've not actually advertised with Revmob, but have an account set up with them, as with all advertisers, so if my data was stolen it was, it was stolen with me getting no benefit from RevMob anyway!
Contact me for custom work - Expert GS developer with 15 years of GS experience - Skype: armelline.support
also got this
never used rev mob neither just signed it up
but they should not be able to do much with bank information.
There are no passwords stored for it. Credit card would be more critical but its easy to block it and get a new one.
If they they pretend to be you and contact your bank with the data they could in the worst case get them to resend your bank information.
In which case they would need to catch the letters out of your mailing box.
It would suck if they could change the current address via phone/email tough.
But this should appear suspicious as !@#$% for the person behind the phone and probably is not a thing they do that easily.
Of course its a different story if you had a deposit of money on that very rev mob account.
My Apps
https://itunes.apple.com/de/artist/david-zobrist/id733552276
https://play.google.com/store/apps/developer?id=David+Zobrist&hl=de