Identify theft protection service LifeLock reportedly exposed customer email addresses

Symantec’s identity theft protection service, LifeLock, has reportedly exposed millions of customer email addresses due to a website bug.

LifeLock’s website was taken down briefly after alerted by security journalist and researcher Brian Krebs, who published the flaw on his blog.

The vulnerability allowed anyone with a web browser to collect customer email addresses by changing a number in the URL, which is used to unsubscribe from LifeLock’s communications. 

Each sequential number corresponds to a customer record, and changing that number revealed an email address on the webpage. Read more…

More about Tech, Cybersecurity, Symantec, Lifelock, and Tech
Source: Mashable | Identify theft protection service LifeLock reportedly exposed customer email addresses