Hard drives stolen from Vudu offices contained customer info

Normally when a report of an online service that's been a victim of a crime comes in, the intrusion is usually by hackers who find a way to get at data remotely via a stolen password or malware. Today, an online company announced its database had been taken, but this time it was a physical theft.

Vudu, the online video streaming and download service that's owned by retailer Walmart, sent its customers an email today with this statement:

We want to let you know that there was a break-in at the Vudu offices on March 24, 2013, and a number of items were stolen, including hard drives. Our investigation thus far indicates that these hard drives contained customer information, including names, email addresses, postal addresses, phone numbers, account activity, dates of birth and the last four digits of some credit card numbers.

Vudu's email added that the data on the stolen hard drive did not contain any full credit card numbers and that the passwords on the drive were encrypted. Vudu users who signed up to use their password on the Vudu.com website have had that password reset automatically. Vudu is also offering a year's worth of free identity theft protection.

Vudu was acquired by Walmart in 2010. In addition to its website, Vudu content can also be streamed by a number of TV set top boxes along with Sony's PlayStation 3 and Microsoft's Xbox 360 consoles.

Source: Email
Hard drive image via Shutterstock

Report a problem with article
Previous Story

Rumors about Intel's cable TV box pop up; is it a threat to Xbox?

Next Story

Bragging rights ahoy: Facebook is ‘world's best employer'

10 Comments

Commenting is disabled on this article.

Sounds like it was a inside job and who cares really I have a account with no credit card info or money in it, so they can have all the fun they want and pretty much the hard drive is encrypted good luck deciphering it.

Athlonite said,
when was the email sent out if it was today or yesterday then why has it taken so long to own up

Well.... the harddisk containing the customer data has been stolen. Actually stolen, not like pirate stolen.
Chances are they're having to re-type in your account details from the print outs they put in the dumpster last week!

Feels like the 90's

:-/
It is reaaaaaally hard to belive because customer information must be store in the datacenter and the datacenter usually has 24hx7d support and most of the time, it is strictly secure.

They owned up to it and you're finding it hard to believe? I don't think they would tell people their information was stolen just to say, "Just kidding!"

I think it's a valid thought. There was a spate of "sensitive data was exposed via a lost USB stick" cases years ago and I was suspicious that some of them used that excuse to cover an online data breach.

We could well be seeing the same here.

DonC said,
We could well be seeing the same here.

Maybe, but they're admitting it. There are a LOT of companies that will never admit any data breaches of any kind nor tell their customers. I could name a few, but to protect the guilty I won't.