Late yesterday came word from various news sources like this one at ComputerWorld that Trapster - a California-based free online service that it says "allows users to share the location of police speed traps" - announced a security breach that may have exposed millions of emails.
Trapster has over 10 million registered users, and sends speed trap information to users of iPhones, iPads, Blackberrys, Androids, Nokias, Palms, Windows Mobile phones, and some GPS devices.
At Trapster's FAQ regarding the breach, it says for any registered user:
"... it’s best to assume that your e-mail address and password were included among the compromised data."
Therefore, Trapster says, users should immediately change their password.
The company also says that it knows how the breach happened, and that it has changed its software as a result.
Trapster goes on to state that:
"While we know that we experienced a security incident, it is not clear that the hackers successfully captured any e-mail addresses or passwords, and we have nothing to suggest that this information has been used."
I doubt that this breach will hurt Trapster that much, given its popularity, unless it gets hit again.
On the other hand, this reported breach certaintly beats Vodafone Australia's potentially 4 million person data breach at least in numbers (but not detail of the personal data exposed) - and we are only two-thirds the way through January. Hope these incidents are not an indication of how the rest of 2011 is going to turn out.
Robert N. Charette is a Contributing Editor to IEEE Spectrum and an acknowledged international authority on information technology and systems risk management. A self-described “risk ecologist,” he is interested in the intersections of business, political, technological, and societal risks. Charette is an award-winning author of multiple books and numerous articles on the subjects of risk management, project and program management, innovation, and entrepreneurship. A Life Senior Member of the IEEE, Charette was a recipient of the IEEE Computer Society’s Golden Core Award in 2008.