Zola Hacked, User Account Used to Buy Gift Cards
Hackers have been so unstoppable and they're targeting small and big businesses every now and then. Zola, a wedding planning startup is one of the recent victims. The firm has confirmed that hackers gained access to user accounts but has denied discontinuity of its system
The company's customers reportedly took to social media to report that their accounts had been hacked. Some reported that their funds had been bankrupt while others reported that their dollars were changed to their credit cards.
Emily Forrest, Zola spokesperson, told Techcrunch that accounts were introduced because of a credential stuffing attack. Exposed usernames and passwords were used to access accounts on different websites that share the same credentials.
Emily also said that a large number of Zola couples were not victimised. She however apologized for those who confirmed any crooked account activities. The Zola team also acted quickly to protect community couples and guests. And they were able to block attempted fraudulent transformers with immediate effect.
Zola Members On A Telegram Channel
Noirdotnews also saw the company's members on a Telegram channel discussing and posting screenshots accessing user accounts through the Zola app. One of the messages from members on Telegram says "make sure" to use the app, not the site. On the channel, hackers order Gift cards from the user's accounts. They use the credit card on file with Sola which are later sent to the hacker's email address after placing the order. Gift cards are specifically beneficial to cybercriminals because they are difficult to trace.
Eventually, Zola confirmed the gift card orders but assured the members that the company is working to correct them. Their staff reported that a large number of the gift card orders had been refunded and the remaining would be fully refunded.
Zola said that during the incident, it suspended Android apps and iOS and all user passwords were reset. Members were told to email their team <u>[email protected]</u>, for any help. Especially those who had sent a tweet regarding any gifts,credits or funds in their accounts. The team promised to ease the situation in time.
Zola couldn't tell the specific number of users whose accounts were hacked but only said it was fewer than 0.1%. It also refused to answer questions concerning lack of <u>two- factor Authentication (2FA).</u> 2FA is currently offered to users which aids in protection of accounts against credential stuffing attacks.
Do you find this content interesting?
This is just a MIRROR ! Find us via our Main TOR domain
And Let us know by leaving a comment and a rating.
Also, don't forget to follow our Official Telegram Channel to stay informed and safe by Reading NOIRdotNEWS