Thinkful sends e-mail notifications that an unlawful customer has been allowed to access the credentials of their staff accounts. As a result, all users need to reset their passwords the next time they login.
According to Thinkful’s emails, an unauthorized user had access to credentials for employees and altered his passwords to these accounts instantly. Due to this safety infringement, they decided to reset all user accounts out of caution.
“We recently discovered that an unauthorized party may have gained access to certain Thinkful company credentials so, out of an abundance of caution, we are notifying all of our users. As soon as we discovered this unauthorized access we promptly changed the credentials, took additional steps to enhance the security measures we have in place, and initiated a full investigation.”
While Thinkful’s media contact has not answered our security breach questions, their email continues to say that no financial data or government ID numbers would have been available from the hacked accounts.
The email also indicated that there is no proof that user data is being accessed and will continue to examine them.
“Additionally, at this time we have no evidence of any unauthorized access to any other Thinkful user account data or user information. However, as a measure of added precaution, we are requiring all users to reset their Thinkful passwords.”
With so little accessible data, this could simply have caused an worker to fall into phishing attack or to reveal his credentials during a credential assault. In parallel, as we have seen with the StockX hack in the past, notifications like this could lead to more data about the future.
For the moment, it is suggested that you change passwords in other accounts which use the same login credentials if you receive these emails. It is also advisable to monitor fraud in any financial statements.
A complete copy of the email sent to thoughtful customers is available below.