X

Comixology users must change passwords after data breach

The digital comics marketplace says it was hit by a security breach that targeted a database of usernames, e-mail addresses, and encrypted passwords.

Lance Whitney Contributing Writer
Lance Whitney is a freelance technology writer and trainer and a former IT professional. He's written for Time, CNET, PCMag, and several other publications. He's the author of two tech books--one on Windows and another on LinkedIn.
Lance Whitney
2 min read
Screenshot by Lance Whitney/CNET

Digital comic readers with accounts at Comixology will have to change their passwords the next time they visit the site.

In an e-mail sent Thursday to account holders, Comixology revealed that it was hit by a recent security breach. Specifically, someone hacked into a database containing usernames, e-mail addresses, and encrypted passwords. Though the passwords themselves were stored in a protected format, the site is still requiring all users to change their passwords.

Comixology users can reset their passwords through the site's change-password page.

Comixology's e-mail also stressed that payment information is not stored on its servers and that it has beefed up its security as a result of the data breach. You can read the full e-mail below.

Dear Comics Reader,

In the course of a recent review and upgrade of our security infrastructure, we determined that an unauthorized individual accessed a database of ours that contained usernames, email addresses, and cryptographically protected passwords.

Payment account information is not stored on our servers.

Even though we store our passwords in protected form, as a precautionary measure we are requiring all users to change their passwords on the comiXology platform and recommend that you promptly change your password on any other website where you use the same or a similar password. You can reset your comiXology.com password here.

We have taken additional steps to strengthen our security procedures and systems, and we will continue to implement improvements on an ongoing basis.

Please note that we will never ask you for personal or account information in an e-mail, so exercise caution if you receive emails that ask for personal information or direct you to a site where you are asked to provide personal information.

We apologize for the inconvenience. If you have any questions, please contact us by sending an email to support@comixology.com.

Sincerely,
ComiXology

Comixology isn't the only site in this predicament. On Saturday, the World Wide Web Consortium, or WC3, announced it was requiring all users to change their passwords in the wake of a security breach that accessed a user database and encrypted passwords.

Update at 7:25 a.m. PT: Comixology.com, including its change-password page, has been intermittently difficult to reach this morning.