SAN FRANCISCO, March 22, 2017 /PRNewswire-HISPANIC PR WIRE/ — PoliceOne announced that a recent data security incident has compromised the security of PoliceOne Forums users’ email addresses, user names, a small number of dates of birth and MD-5 hashed and salted passwords. Although there is no indication of actual or attempted misuse of this information nor was PoliceOne’s central database compromised, PoliceOne is notifying users whose information may have been subject to unauthorized access and acquisition and providing these users with information and resources that can be used to better protect against the possibility of identity theft or fraud if they feel it is appropriate to do so.
“We take this incident and user privacy very seriously as we have over the past 17 years,” Alex Ford, CEO of PoliceOne stated. “We have fully reviewed our forums, confirming the vulnerability had already been addressed, and continue to review our processes, policies, and procedures that address data security to prevent any future incidents.”
What Happened: On Friday, February 3, 2017, we were notified that the content of our PoliceOne Forum was the subject of unauthorized access and acquisition. The access and acquisition allegedly occurred in 2014, but was just brought to our attention.
What Information Was Involved: The information accessed included email addresses, a small number of dates of birth, user names, and MD-5 hashed passwords. The passwords were also salted, which adds another layer of security; however, the salt was also accessed.
What PoliceOne Users Can Do: We want to make sure you have information regarding what happened, what we are doing to address it, and what you’ll be asked to do as a result. Here’s what you need to know:
– As soon as we became aware of the potential incident, we took down the forums and set any new member login to require a password reset via email for potentially affected accounts
– On your next PoliceOne login, you will automatically receive an email with a link to change your password. We strongly recommend you go to our login page and initiate a password change immediately.
– If you use your same PoliceOne user name or email address and password for any other sites, we highly recommend changing your password on those sites.
– In general, it is a best practice to change any online password every 30 to 60 days due to the increase in hacking activity.
What We are Doing: While our investigation is ongoing, we are currently in the process of completing a security review.
For More Information: We apologize for any inconvenience. If you have any questions about this incident, please contact our Customer Service department at 1-888-765-4231. This notice was not delayed as a result of a law enforcement investigation.