
Online developer bootcamp company Thinkful is sending out email notifications that state an unauthorized user was able to gain access to employee accounts credentials. Due to this, they are requiring all users to reset their passwords the next time they login.
According to Thinkful's email, they discovered that an unauthorized user had gained access to employee credentials and immediately changed the passwords to those accounts. Due to this security breach, out of caution they decided to reset all user's accounts.
"We recently discovered that an unauthorized party may have gained access to certain Thinkful company credentials so, out of an abundance of caution, we are notifying all of our users. As soon as we discovered this unauthorized access we promptly changed the credentials, took additional steps to enhance the security measures we have in place, and initiated a full investigation."
While Thinkful's media contact has not replied to our queries regarding this security breach, their email goes on to say that that no financial information or government identification numbers would have been accessible from the hacked accounts.
The email also stated that there is no evidence that any user data was accessed at all and that they wil continue to investigate.
"Additionally, at this time we have no evidence of any unauthorized access to any other Thinkful user account data or user information. However, as a measure of added precaution, we are requiring all users to reset their Thinkful passwords."
With so little information available, this could simply have been the cause of an employee falling for a phishing attack or having their credentials revealed during a credential stuffing attack. At the same time, as we have seen in the past with the StockX hack, notifications like this could lead to more concerning information being released in the coming days.
For now, if you receive these emails it is suggested that you change any passwords on other accounts that utilize the same login credentials. It is further recommended that you monitor any financial statements for fraud.
A full copy of the email being sent to Thinkful users can be seen below.

Thx to Daljeet for the tip!
Post a Comment Community Rules
You need to login in order to post a comment
Not a member yet? Register Now