Users are advised to immediately change their log-in credentials. If the same password was used across multiple services, especially web mail or PayPal, users are advised to immediately change those passwords, as well.
In general, the best way to keep your online accounts secure is to use a password manager that generates long, random and unique passwords for every online account you use. (Here are five password managers we like.)
In an e-mail to its users, a Trapster rep writes, “The Trapster team has recently learned that our website has been the target of a hacking attempt, and it is possible that your email address and password were compromised.”
The e-mail continues, “We have taken, and continue to take, preventative measures to avoid future incidents, but we are recommending that you change your Trapster password.”
The Trapster blog doesn’t yet have any details on how the breach occurred, what kinds of data were compromised, how usernames and passwords are stored (we certainly hope it’s not plain text), or what the company has done to beef up security.
Although it’s unlikely any black-hat hacker would actually want a Trapster user’s sign-in name and password, the redundancies between mobile app passwords, e-mail passwords, bank passwords and PayPal passwords do leave the window open for criminal profit. In a just-published report on the state of cybercrime, we show how these kinds of security breaches can lead to big business on the black market — and big losses for consumers who don’t carefully guard their own identities.