The bookstore chain Thalia has become the target of a brute force attack. The accounts of some customers were cracked. Those affected are being informed by e-mail.
Targeted brute force attack
According to Thalia, it was a targeted attack on the accounts of customers. Over several hours, a computer program was used to enter countless combinations of names and passwords to gain access. In some cases, this procedure was successful. Thalia has also stated that the computer program was controlled from abroad. However, further details on the background of the crime are missing so far, so it is not clear who is behind the attack and why the bookstore chain became a target.
Passwords reset, affected informed
According to Thalia, those affected were informed by email about the unauthorized access to their account. To prevent further damage, the company has also had the passwords of the affected accounts reset. No unauthorized orders or changes within the accounts are said to have occurred.
For their own security, the company also calls on those affected to change their passwords at other services if the same password as the one used at Thalia has been used there. Theoretically, the people behind the attack on Thalia could also try out the determined access data at other services – and thus gain access to far more sensitive content.
Thalia has also announced that it will take the necessary IT measures to prevent further unauthorized access to customers’ accounts. So far, everything indicates that the company had not taken any precautionary measures against brute force attacks.