Think hacking starts and ends online? Think again. Forbes took a look at the damage an identity thief can do using just the address label on the magazines you subscribe to, and the answer ain’t pretty.
Forbes‘ Kashmir Hill reports that, up until last week, New Yorker subscribers’ passwords to the magazine’s subscription management website were publicly visible to anyone who punched the info on the magazine’s address label into the subscriber website. That particular vulnerability has been fixed, but as Hill reports, that’s not the end of the story — hackers can still use the address labels on some of the most popular magazines as a key to your personal data.
So what’s the big deal? Well, as we keep learning with every successive big-time hack, people are still in the habit of using one astoundingly weak password for everything they do online . And if you were a New Yorker subscriber, and used the same password to manage your magazine subscription and your bank account, a hacker would only need the label from your snail mail book to get up to some seriously nefarious business. At that point, losing your weekly access to snooty, inscrutable New Yorker cartoons would be the least of your concerns.
Thankfully, the Forbes report contains one simple solution to protect yourself: just rip the address labels off your magazines the moment they hit your mailbox. After that, get smart about how you secure your online identity (HINT: using the same dumb password for everything is not a good idea!). And let’s hope that the magazine industry starts taking its subscribers’ personal security just a little more seriously. [Forbes]
Image: Shutterstock / Christian Mueller