Trapster.com emails users that their website was hacked possibly exposing usernames and passwords

[Jake Kouns <jkouns () opensecurityfoundation org>]

Email being sent on behalf of Trapster.com to users.  No other
confirmation as to a breach at this point.

-------------------------------------

http://wl4.peer360.com/b/qUlpevGWIJlJ474GE14y/main.asp?hl=89767844

Dear Trapster User:

The Trapster team has recently learned that our website has been the
target of a hacking attempt, and it is possible that your email
address and password were compromised.  We have taken, and continue to
take, preventative measures to avoid future incidents but we are
recommending that you change your Trapster password.  As always,
Trapster recommends that you use distinctive passwords for each site
you visit, but if you use the same password on Trapster that you use
on other services, we recommend that you change your password on those
services as well.

For information on how to reset your password or improve the security
of your passwords for your Internet usage, please click FAQs.

Sincerely,

The Trapster Team

-------------------------------------------------------------

http://wl4.peer360.com/b/21149i2125JE276H0ogX/main.asp?hl=-1&utm_medium=email&utm_source=peer360&utm_campaign=Trapster+Compromised+Accounts+Messaging+-+C1&utm_content=trapster+header_600

FAQs:

How do I know if my password was hacked?
We believe it’s best to be cautious.  So, if you’ve registered your
account with Trapster, then it’s best to assume that your e-mail
address and password were included among the compromised data.
We therefore recommend changing the password on your account, and if
you used that password on any other site, you should change your
password on that site as well.

Should I be concerned about my other online accounts?  What if I used
that password on other sites?
If you used your Trapster password on any other web site you should
change the password on that site as well, particularly if you used the
same e-mail address with that site.
Additionally, it is generally suggested that password security
increases if you follow these guidelines:
At least 8 characters, and for added security, 14 or more
Avoid common words and phrases
Use both upper and lower case characters, and include numbers and symbols
Do not base your password on any personal information

How do I change my password?
Log on at Trapster.com, and then go to My Account followed by Manage
Account.  Enter your new password and then click Update Account.
If you’d like to change your registered e-mail address, again go
online and go to My Account, then Manage Account.  Click on change
e-mail and put your new e-mail in the space provided.  Then click on
Verify.  Wait for a confirmation e-mail to that address to verify your
new e-mail account.

I don’t remember my Trapster account password.  What should I do?
If you have forgotten your password, or need your confirmation e-mail
or code resent, just visit http://trapster.com/forgot-password.php.

What do you know about the incident?
This was a single event.  We understand how it occurred, and have
taken steps to help prevent it from happening again.
Please note that we are taking these actions with our users as a
precautionary measure.  While we know that we experienced a security
incident, it is not clear that the hackers successfully captured any
e-mail addresses or passwords, and we have nothing to suggest that
this information has been used.

Are you notifying those whose details may have been compromised?
We are in the process of notifying those users who registered with Trapster.

What are you doing so that this does not happen in the future?
We have already rewritten the software code to help prevent this type
of attack from happening again, and continue to implement additional
security measures to further protect your data.

What if I want to delete my account?
If you wish to delete your account, log on at Trapster.com, go to My
Account, followed by Manage Account.  Click at the bottom of the page
on “I want to cancel my Trapster account.”

If you have further questions or are experiencing difficulties in
changing your password, please e-mail us at outreach () trapster com.
Please note, for security reasons we will not be able to supply
additional details about the incident itself.
_______________________________________________
Dataloss Mailing List (dataloss () datalossdb org)
Archived at http://seclists.org/dataloss/
Unsubscribe at http://datalossdb.org/mailing_list

Learn encryption strategies that manage risk and shore up compliance.
Download Article 1 of CREDANT Technologies' The Essentials Series:
Endpoint Data Encryption That Actually Works
http://credant.com/campaigns/realtime2/gap-LP1/