Statista - 10/03/2014
Online statistics portal, Statista, notified customers of a data breach that occurred with their system. The breach was noticed when the company internally started receiving spam emails. The company investigated and approximately 50,000 of its customers username and password combination were compromised.The company has not said whether or not the breach goes beyond access to username and passwords, but at present, this seems to be all that has been affected.The company notified users almost immediately and assured them that the compromised passwords "cannot be used by third parties due to masking procedures". The company did not encourage customers to change their passwords. Experts are questioning how secure the passwords are for those that created accounts prior to December 2013 and have stated that "the passwords of those who signed up before this data were stored in the Statista database as MD5 hashes. As many experts will tell you, MD5 passwords can be easily cracked". The main risk for those affected would be a higher incidence of spam and phishing emails, potentially impersonating Statista.