Websites with many members are always a precious target for hackers
The website of Care2, an organization that’s all about living a healthy, green lifestyle, has been breached in the last days of December by an unknown hacker team that managed to access the login information belonging to a number of the site’s members.The official statement released by the company claims that only a limited number of Care2 member accounts were accessed by the cybercriminals, but as a precaution measure, all their 17,911,623 account holders are forced to change their passwords on their next log-in.
“We sincerely apologize for this inconvenience. Given our large membership size, we have become a significant target for spammers and hackers over the past few years, and this was the first hacking attempt that successfully breached our protective walls,” Care2 representatives wrote on the site’s blog.
The vulnerabilities which the hackers used to penetrate the site’s defenses were immediately patched up to prevent further access, but the incident is still being investigated to determine the full extent of the breach.
The FBI has been contacted to investigate the matter, but so far, the only clues to point to the identity of the attackers are some IP addresses from Russia. This, however, doesn’t necessarily prove that the attack was launched from there. It could be that the hackers compromised devices from this certain location.
Since no financial information is stored in the site’s databases, the hackers may have targeted Care2 in order to obtain passwords which they can later use to gain access to other accounts, including ones that contain more sensitive data.
This is exactly why customers are advised not only to change their passwords on the breached site, but also on others that share the same credentials. This procedure has to be done in the shortest time since after they get their hands on the loot, the crooks will try to make the best of it before their victims get to do anything about it.
Customers who experience issues in recovering their passwords are advised to contact Care2 customer support for help.