HomeNews listOBJECTIVE PRESSZola says user accounts were hacked, but still doesn’t offer 2FA

Zola says user accounts were hacked, but still doesn’t offer 2FA

  • May 23, 2022
  • Posted by: AliensFaith
  • Category: OBJECTIVE PRESS
No Comments

Zola, a wedding planning startup that allows couples to create websites, budgets, and gift registries, has confirmed that hackers gained access to user accounts but has denied a breach of its systems.

The incident first came to light earlier over the weekend after Zola customers took to social media to report that their accounts had been hijacked. Some reported that hackers had depleted funds held in their Zola accounts, while others said they had thousands of dollars charged to their credit cards and gift cards.

In a statement given to TechCrunch, Zola spokesperson Emily Forrest confirmed that accounts had been breached as a result of a credential stuffing attack, where existing sets of exposed or breached usernames and passwords are used to access accounts on different websites that share the same set of credentials.

“The vast majority of Zola couples were not impacted, but we are deeply apologetic to those who detected any irregular account activity,” Forrest said. “Our team acted as quickly as possible to protect our community of couples and guests, and we were able to block all attempted fraudulent transfers.” 

In a tweet, the company urged users who have seen funds stolen or fraudulent transactions to email its support team. Forrest told TechCrunch that “all funds, credit cards, and bank info continue to be protected” and that “all cash funds have been restored”. 

The company temporarily suspended its iOS and Android apps during the incident, and reset all user passwords out of an “abundance of caution.”

Zola declined to say how many users were affected by the breach and declined to answer our questions regarding the lack of two-factor authentication (2FA) currently offered to users, which helps to protect accounts against credential stuffing attacks.

“Our support team is working tirelessly to respond to every impacted customer, and we truly appreciate their patience,” Forrest added. “We guarantee that any outstanding customer issues will be resolved and addressed.”

Stop saying, ‘We take your privacy and security seriously’

      



Author: AliensFaith
HighTech FinTech researcher, university lecturer & Scholar. He is studying his second doctoral degree at the Hague International University. Studying different fields of Sciences gave him a broad understanding of various aspects of life. His recent researches covered AI, Machine-learning & Automation concepts. The Information Technology Skills & Knowledge gave his company a higher position over other regional high-tech consultancy services. The other qualities and activities which can describe him are a Hobbyist Programmer, Achiever, Strategic Thinker, Futuristic person, and Frequent Traveler.

Discover more from Maheri Network

Subscribe now to keep reading and get access to the full archive.

Continue reading