Trapster users’ passwords may be exposed

Trapster is an online service that warns iPhone users (and Android & Blackberry) of speed traps. They have recently started warning users that the service has been compromised and potentially millions of email addresses and passwords have been stolen.

The company has published an FAQ about this breach saying, “If you’ve registered your account with Trapster, then it’s best to assume that your e-mail address and password were included among the compromised data.” The way it’s worded makes it seem like they are just being cautious as they go on to add, “While we know that we experienced a security incident, it is not clear that the hackers successfully captured any e-mail addresses or passwords, and we have nothing to suggest that this information has been used.” It could be that they are trying to ensure that users don’t just panic and abandon the service.

The Trapster service is available as an iPhone app, but you do not actually need to register to be able to use the service. The company says that in reality, very few of their users do actually register with email, so although there are reports surfacing about many of their 10 million users possibly being affected, Trapster says that it definitely won’t affect all the users. Users do have to register in order to submit new speed traps.

This security alert is being compared to what we saw with the Gawker hack where 400,000 account details were stolen, so even if not all users were registered, it will still most likely end up to be a way larger number. Although there is no real danger from any information used on the account with that email and password combo, the issue will be if someone has used that same combination on other sites or services.

Advice given has always been to not use the same email / password combination on other sites, but many people do, and it may be that if these hacks get more regular and more data is compromised, people will have to take more precautions.

One security firm advises that, “People really should be changing their passwords twice a year,” said Andrew Storms, the director of security operations for nCircle Security. “Not because someone could have compromised it, but because someone has compromised it. Maybe we should all just assume all public site passwords will be compromised and accept it as a new fact of life.” It may be something to consider now that we all seem to be living more and more of our lives online.

Have you had one of your accounts hacked? Were you affected by this or the Gawker hack? Do you use iPhone apps that ask you to log in so that you can use them? Is this something that makes you not want to use the service?

Article Via Macworld

Header Photo Credit: kreg.steppe

Chatty Canadian in the UK. Dancing queen in my head. Digital Communications Lecturer. Mac computer fan. Mac makeup fan. iOS developer. Popcorn eater. Was producer & host of quirky app review show Apps & Hats.