April 9, 2013
VUDU, the popular streaming video service, is reporting that a break-in had occurred at their offices in March. Among those items stolen were hard drives that contained customer information, including names, email addresses, phone numbers, and more. The Walmart subsidiary has reset all customer passwords. They have also stressed that credit card numbers were never stolen. The full statement from VUDU is as follows:
There was a break-in at the VUDU offices on March 24, 2013, and a number of items were stolen, including hard drives. Our investigation thus far indicates that these hard drives contained customer information, including names, email addresses, postal addresses, phone numbers, account activity, dates of birth and the last four digits of some credit card numbers. It's important to note that the drives did NOT contain full credit card numbers, as we do not store that information. If you have never set a password on the VUDU site and have only logged in through another site, your password was not on the hard drives. While the stolen hard drives included VUDU account passwords, those passwords were encrypted. We believe it would be difficult to break the password encryption, but we can't rule out that possibility given the circumstances of this theft. Therefore, we have reset all customer passwords.VUDU says that it will offer a year of AllClear ID identify protection services to their customers free of charge. This is available once you generate a new password and is available on the "Accounts" page on the VUDU website. For more information, be sure to take a look at VUDU’s FAQ page.