Hackers sock smartphone earpiece star Jawbone

Feb 13, 2013
Jawbone on Wednesday warned users of its earpieces and Jambox speakers that hackers stole names, email addresses and encrypted passwords from accounts used to make the wireless devices smarter.

Jawbone on Wednesday warned users of its earpieces and Jambox speakers that hackers stole names, email addresses and encrypted passwords from accounts used to make the wireless devices smarter.

The San Francisco-based company did not disclose how many MyTalk website accounts were affected, saying that the number was "limited" and that the attack was blocked within hours of breaching its computer system.

"Based on our investigation to date, we do not believe there has been any unauthorized use of login information or unauthorized access to information in your account," Jawbone said in messages emailed to affected users.

Jawbone disabled access to accounts and called on people to reset passwords.

"Of course, just choosing a new isn't enough," Graham Cluley of Sophos firm said in a blog post about the hack.

"You should also ensure that the old password (the one that may now be in the hands of hackers) is not being used by you anywhere else on the internet."

If successful at decrypting stolen password data, hackers could try using it to get into other accounts associated with swiped email addresses, Cluley warned.

"That could be disastrous for if, for instance, you were using the same password on—say—your actual email account," the security blogger wrote.

A MyTalk website lets people customize Jawbone wireless earpieces and speakers with mini-applications or features such as personalized voice notifications.

Explore further: China a likely factor in North Korea cyber prowess: experts

add to favorites email to friend print save as pdf

Related Stories

Password breach spreads beyond LinkedIn

Jun 07, 2012

More websites admitted security breaches Thursday after LinkedIn said some of its members' passwords were stolen, and experts warned of email scams targeting users of the social network. ...

Recommended for you

Streaming release of 'Interview' test for industry

Dec 25, 2014

Sony's "The Interview" has been a hacking target, a punchline and a political lightning rod. Now, with its release online at the same time it debuts in theaters, it has a new role: a test for a new kind of ...

User comments : 3

Adjust slider to filter visible comments by rank

Display comments: newest first

PhyOrgSux
1 / 5 (3) Feb 13, 2013
Of course even 10 million hacked accounts is, after all, "limited". And "hours" is more than enough time to copy nearly any amount of passwords elsewhere.

Would probably be better if trash like Jawbone would not be allowed to harvest account details.
kochevnik
5 / 5 (1) Feb 13, 2013
Crackers, not hackers. That Jawbone doesn't know the difference is more worrying than a minor database breech. Moreover Jawbone shouldn't be keeping passwords but only the hashes. That's the real security problem
PhyOrgSux
1 / 5 (2) Feb 14, 2013
In any case it does not look like those passwords needed to be saved centrally anywhere. Unless Jawbone now plans on providing a service where user can share e.g. music with someone else across the Internet. But sharing your music between your devices in your own home does not necessitate the uploading of passwords to some Jawbone server.

Please sign in to add a comment. Registration is free, and takes less than a minute. Read more

Click here to reset your password.
Sign in to get notified via email when new comments are made.