The streaming video service Vudu on Tuesday began resetting its customers’ passwords after thieves broke into the company’s Santa Clara, Calif. headquarters and stole a number of items, including hard drives holding customer data.
“Our investigation thus far indicates that these hard drives contained customer information, including names, e-mail addresses, postal addresses, phone numbers, account activity, dates of birth and the last four digits of some credit card numbers,” according to a message in a FAQ format on the company’s Web site. “It’s important to note that the drives did NOT contain full credit card numbers, as we do not store that information.”
The burglary occurred March 24, and the company conducted a probe before contacting customers through an e-mail and its Web site this week. Only those who set up passwords through Vudu’s site were at risk, not those customers who logged in from another site. And although passwords stored on the stolen hard drives were encrypted, to reduce the risk of having them decrypted, the company announced Tuesday it was resetting all customer passwords as a precaution.
Vudu officials warned that victims should be mindful of an increase in e-mail spam and phishing scams linked to malicious Web sites. Vudu also is offering a year of free identity theft protection from AllClear ID.
Among subsequent actions since the break-in, the company said it now requires stronger passwords to further protect customers against any future thefts.
Vudu was acquired by Walmart for $100 million in 2010. It now delivers Web-based films and other media services using numerous third-party devices that include Blu-ray players, game consoles, Android devices and iPad tablets.