Holy Data Breach, Batman! Hackers Hit Comixology

Not even superheroes are safe from data breaches.

Popular online and mobile digital-comics store Comixology informed its subscribers today (March 6) that "an unauthorized individual" had accessed its database of customers' usernames, email addresses and passwords.

MORE: How to Protect Yourself From Data Breaches

However, the passwords were encrypted, Comixology said in its email to subscribers. Even if the passwords were stolen, they shouldn't be readable so long as the encryption was decent.

Comixology also said it didn't store users' payment information on its own servers, so the intruder wouldn't be able to access Comixology readers' credit-card numbers and other payment data. 

Registered Comixology users should have received emails this morning alerting them to the data breach. Any mobile devices on which the app is loaded should have received push notifications.

If you use Comixology, you should change your account password, either via the website or the mobile app. If you use the same username or password — particularly if you use the pair together — anywhere else, you should change those as well.

It's not clear when Comixology first detected the intruder. The email alert said that the unauthorized access was discovered "in the course of a recent review and upgrade of our security infrastructure." But overall, it looks as if Comixology has done everything right, as far as reporting data breaches goes.

Email jscharr@techmedianetwork.com or follow her @JillScharr and Google+.  Follow us @TomsGuide, on Facebook and on Google+.

Create a new thread in the Streaming Video & TVs forum about this subject
This thread is closed for comments
    Your comment
  • If I was going to hack Comixology, I wouldn't steal user info. I'd steal comics. Maybe set myself up with a life-time sub to everything from Vertigo and all the Wolverine titles.These hackers need to get their priorities straight.
  • thats not how it works. these hackers usually work with DDoS attacks to breach security and during the attack they steal small packets of information such as passwords and names. all this is no more than a few minutes. stealing large files such as comics is a whole different thing that isnt possible in this method. and setting up a lifetime sub is a thing of movies.
  • So long as the encryption was "decent." What a riot, that Comixology doesn't even know what encryption was used in their system. Way to inspire trust in your users, guys.