Hackers sock smartphone earpiece star Jawbone

February 13, 2013
Jawbone on Wednesday warned users of its earpieces and Jambox speakers that hackers stole names, email addresses and encrypted passwords from accounts used to make the wireless devices smarter.

Jawbone on Wednesday warned users of its earpieces and Jambox speakers that hackers stole names, email addresses and encrypted passwords from accounts used to make the wireless devices smarter.

The San Francisco-based company did not disclose how many MyTalk website accounts were affected, saying that the number was "limited" and that the attack was blocked within hours of breaching its computer system.

"Based on our investigation to date, we do not believe there has been any unauthorized use of login information or unauthorized access to information in your account," Jawbone said in messages emailed to affected users.

Jawbone disabled access to accounts and called on people to reset passwords.

"Of course, just choosing a new isn't enough," Graham Cluley of Sophos firm said in a blog post about the hack.

"You should also ensure that the old password (the one that may now be in the hands of hackers) is not being used by you anywhere else on the internet."

If successful at decrypting stolen password data, hackers could try using it to get into other accounts associated with swiped email addresses, Cluley warned.

"That could be disastrous for if, for instance, you were using the same password on—say—your actual email account," the security blogger wrote.

A MyTalk website lets people customize Jawbone wireless earpieces and speakers with mini-applications or features such as personalized voice notifications.

Explore further: Sony PlayStation Network hacked again by resetting user passwords

Related Stories

Password breach spreads beyond LinkedIn

June 7, 2012

More websites admitted security breaches Thursday after LinkedIn said some of its members' passwords were stolen, and experts warned of email scams targeting users of the social network.

Recommended for you

Drone market to hit $10 billion by 2024: experts

October 3, 2015

The market for military drones is expected to almost double by 2024 to beyond $10 billion (8.9 billion euros), according to a report published Friday by specialist defence publication IHS Jane's Intelligence Review.

Radio frequency 'harvesting' tech unveiled in UK

September 30, 2015

An energy harvesting technology that its developers say will be able to turn ambient radio frequency waves into usable electricity to charge low power devices was unveiled in London on Wednesday.

Professors say US has fallen behind on offshore wind power

September 29, 2015

University of Delaware faculty from the College of Earth, Ocean, and Environment (CEOE), the College of Engineering and the Alfred Lerner School of Business and Economics say that the U.S. has fallen behind in offshore wind ...


Adjust slider to filter visible comments by rank

Display comments: newest first

1 / 5 (3) Feb 13, 2013
Of course even 10 million hacked accounts is, after all, "limited". And "hours" is more than enough time to copy nearly any amount of passwords elsewhere.

Would probably be better if trash like Jawbone would not be allowed to harvest account details.
5 / 5 (1) Feb 13, 2013
Crackers, not hackers. That Jawbone doesn't know the difference is more worrying than a minor database breech. Moreover Jawbone shouldn't be keeping passwords but only the hashes. That's the real security problem
1 / 5 (2) Feb 14, 2013
In any case it does not look like those passwords needed to be saved centrally anywhere. Unless Jawbone now plans on providing a service where user can share e.g. music with someone else across the Internet. But sharing your music between your devices in your own home does not necessitate the uploading of passwords to some Jawbone server.

Please sign in to add a comment. Registration is free, and takes less than a minute. Read more

Click here to reset your password.
Sign in to get notified via email when new comments are made.