Symantec’s identity theft protection service, LifeLock, has reportedly exposed millions of customer email addresses due to a website bug.
LifeLock’s website was taken down briefly after alerted by security journalist and researcher Brian Krebs, who published the flaw on his blog.
SEE ALSO: Google announces its first foray into the security key market
The vulnerability allowed anyone with a web browser to collect customer email addresses by changing a number in the URL, which is used to unsubscribe from LifeLock’s communications.
Each sequential number corresponds to a customer record, and changing that number revealed an email address on the webpage. Read more…
More about Tech, Cybersecurity, Symantec, Lifelock, and Tech