14 DAY TRIAL // Best Buy has started sending out notification emails to alert customers that hackers may be attempting to access their accounts.
Apparently, Best Buy itself hasn’t been hacked. Instead, cybercriminals are using username and password combinations obtained from older breaches to access the accounts of the retailer's clients.
“We are currently investigating increased attempts by hackers around the world to access accounts on BestBuy.com and other online retailers’ e-commerce sites,” the email sent to customers reads.
“These hackers did not take username / password combinations from any Best Buy system; they appear to be using combinations taken elsewhere in an attempt to gain access to BestBuy.com accounts,” it continues.
“Our investigation indicates that your account may have been accessed by these hackers. We are taking action now to help protect your account; we have disabled your current password, and ask that you take a few minutes to reset it.”
While it’s a good thing that Best Buy has sent out email to protect its customers, the fact that the messages came out of the blue, without any public warnings, many customers believed they were scams.
Furthermore, some users became displeased with the fact that Best Buy representatives failed to clarify in a timely manner that the notifications are legitimate and not part of a phishing campaign.
“I just did the password reset, logged in with new password and confirmed that they do not have a shipping address or any credit card info of mine,” an unhappy customer wrote.
“So I logged out and will shop elsewhere until I can be assured security has been improved at BestBuy.com, and when I know that BestBuy is responding in a better manner than they currently are with all of our important inquiries.”