A hacker going by the Twitter handle @Ur0b0r0x has breached LG Smart World, and leaked email addresses and password hashes of 11,316 users [Please see update below]. Smart World is LG’s official app store, providing apps for smart TVs, smartphones, and home appliances. The same hacker had earlier hacked 32 websites belonging to the Government of Columbia.
The hacked data dump has already been indexed by OZ Data Centa. If you want to find out if your info has been leaked, head over to ozdc.net and search for your email address. According to OZDC, the leaked information contains 11203 valid emails, out of which, 284 had already been compromised by some other data breach incident. Thankfully, LG was not storing passwords in plain text. However, I am not sure exactly what hashing algorithm it was using. If your account has been affected, immediately change your password on Smart World as well as all other websites on which you were using the same password.
Nothing on the internet is truly secure. Data and privacy breaches are often inevitable. However, you can avoid being burned by being prepared for the worst case scenario. Some of the elementary precautions are:
- Using distinct, non-guessable, and non-dictionary word passwords. You can use a password manager like Lastpass to manage your various accounts.
- Enabling two-step authentication on services like Gmail that supported it.
- Using a truly secure secret question for password reset options.
Update: LG spokeperson reached out to us stating that LG has been unable to verify a breach. “Äs far as we know, no private or sensitive information has been accessed”, he added.