Our first data breach occurred earlier this year. This means that we’re important enough to be hacked. Unfortunately, it also means that we were hacked. But, we’ve taken many steps since then to improve our posture and protect our users. Here is the note we’ve shared with our members.
We are writing to you because of a data breach associated with accounts on our website www.beltchecker.com. Although we are unaware of any actual misuse of your information, we are providing notice to you and other potentially affected customers
about the incident.
A collection of 13 billion email addresses and encrypted passwords from more than 23,000 allegedly breached websites was leaked on a forum for hackers. We were informed on December 29th, 2020 that around 5600 records from beltchecker.com should be included. We have not been able to verify this, but it is our best estimate that the user data was extracted on February 2nd, 2020.
What Information Was Involved?
The breach allegedly included email addresses and password fields. Password fields on www.beltchecker.com are encrypted. It looks like the accounts in question are those created on or before February 2nd, 2020 (member id lower than 5800).
What Are We Doing?
Shortly after the attacks, we upgraded our system with a firewall. We continue to work on improving and securing our system on a daily basis. The data breach has been reported to the EU authorities.
What You Can Do?
To find out if your account was included in a data breach, you can look it up on haveibeenpwned.com. While your beltchecker account should not be compromised due to encryption of the password field, it is still always a good idea to change your password. We generally recommend using a password manager and not reusing any passwords.
For More Information
If there is anything else that we can do to assist you, please feel free to contact us on email@example.com at any time.
Our apologies for this. We know it’s not a good look and we are constantly striving to do better. Thank you for your continued support.