One Percent of User Base Exposed in Scribd Data Breach

Document-sharing website Scribd announced this week it was hacked, the victim of what it’s calling a “deliberate attempt to access the email addresses and passwords of registered Scribd users.”

Document-sharing website Scribd announced this week it was hacked, the victim of what it’s calling a “deliberate attempt to access the email addresses and passwords of registered Scribd users.”

In a post on the Support Desk section of its website, the San Francisco-based service claims it noticed and blocked suspicious activity earlier this week but asserts that only a fraction of its users may have been compromised by a breach. Scribd salts and hashes its passwords, a routine that the makes the company believe that only less than 1 percent of users were affected. It’s now in the process of asking those users to reset their passwords, just in case.

Scribd insists that no content, payment or sales-related data was accessed and that the one percent of those whose information was breached entails users’ emails and passwords.

While it’s in the process of sending out emails to those who may be affected, Scribd has also come up with a tool to help users verify whether their accounts have been jeopardized that can be found here.

In the post, the company reminds users that those who use the same password for multiple services could ultimately be the big victim here.

There have been a handful of high profile data breaches over the last year, but the bulk of them don’t usually involve information that’s been hashed and salted, something that could work out in Scribd users’ favor.

Regardless, Scribd claims its “implemented numerous additional safeguards” and launched a “comprehensive security review” following the breach to “proactively enhance security.”

Suggested articles

Discussion

Subscribe to our newsletter, Threatpost Today!

Get the latest breaking news delivered daily to your inbox.