Millions of customer email addresses are affected by a LifeLock bug

   LifeLock represents a company that built a name for itself based on the promise of helping consumers protect their identities online. Unfortunately, the company just fixed a vulnerability on its site that allowed anyone with a Web browser to steal email addresses associated with millions of customer accounts.
    LifeLock’s Web site bug was exploited by hackers to exposed customer email addresses. This bug exploits consist in tying each customer account to a numeric “subscriberkey” that could be easily enumerated. The attackers had noticed how the format of the link in the browser address bar ends with the text “subscriberkey=” followed by a number. This “subscriberkey” number corresponds to a customer record, and the records appear to be sequential.
Soon after being discovered, the company took LifeLock{.}com offline. According to a security researcher, all LifeLock’s 4.5 million customer accounts can be exposed; he discovered the data leak after receiving an email to the address he had previously used at LifeLock, and that the message offered him a discount for renewing his membership.

Companies and individual people must take certain precautions against this growing phenomenon of malware cyber attacks; for that they should implement at least a cybersecurity solution, like an antivirus, to protect their systems. Necessary things like regularly updating operating systems, using antivirus for Windows or antivirus for Mac depending on which OS your device is using.
Companies must also hire professional cybersecurity firms to do regular checkups to their internal network a couple of times per year. These checkups must always include a penetration test and various ethical hacking test.

    For now, LifeLock’s Web site is currently offline because misconfigurations like the one described above are some of the most common ways that companies leak customer data. For example let’s not forget that earlier this year a similar flaw at Panerabread{.}com exposed tens of millions of customer records — including names, email and physical addresses, birthdays and the last four digits of the customer’s credit card.
    Update (07.27.2018): The LifeLock owners are saying that this issue was not a vulnerability in the LifeLock member portal; they are also saying that the issue has already been fixed and was only limited to potential exposure of email addresses on a marketing page which aside from the 70 email address accesses reported by the researcher, have no indication at this time of any further suspicious activity.
    Keep in mind that every device has a significant value that must be protected by at least cybersecurity solution like an antivirus. Depending on which OS your device is running, install an antivirus for Windows or antivirus for Mac for total protection. Companies must take an extra step and hire a professional cybersecurity firm that will run various cybersecurity tests on your company’s network to implement only the best possible cybersecurity solution. Always opt for a package that includes at least a penetration test and ethical hacking test.
For companies that exist 100% online, we recommend the using of cyber-secured web hosting services.