If you have a ComiXology account you haven’t checked in on in a while, perhaps you should. If you haven’t seen an email from them yet, you will soon. ComiXology is notifying customers that they performed a security review to enhance their existing security features. During the review process they found out that a database of theirs had been compromised by unauthorized access. According to the notification they sent, the table that was accessed contained usernames, email addresses and cryptographically protected passwords.
Even though their passwords are stored cryptographically, there is a remote possibility that the passwords could be unencrypted. Given that information, ComiXology is suggesting that the prudent thing for their customers to do is to change the password of any account they have that uses the same email address and password combination.
With the idea of passwords being changed in mind, ComiXology is requiring all accounts to change their passwords during their next sign in attempt. It is widely agreed that the best practices for individual security is to keep separate passwords for each one of an individual’s accounts and to rotate those passwords on a regular basis. During their security review that revealed the breach ComiXology improved their security and is impressing on users that they will continue to improve their systems on a regular and ongoing basis. ComiXology is answering any additional questions customers might have through their support email address firstname.lastname@example.org.