In this age of complex, multi-level corporate IT systems and web apps, missing vulnerabilities should not just be a worry, it should be expected. (iStock)
It was recently discovered that the direct to consumer identity theft service provider Lifelock had a vulnerability on its websites. The issue was reported by security blogger Brian Krebs at the end of July, and was called out by a former Lifelock customer and security researcher.
While the vulnerability was limited to potential exposure of users' e-mail addresses, it could have been ugly had it been misappropriated by fraudsters looking to launch a directed phishing campaign on Lifelock customers. Fortunately, after learning about the vulnerability, Lifelock acted quickly to fix it.
Want to continue reading?
Become a Free PropertyCasualty360 Digital Reader
Your access to unlimited PropertyCasualty360 content isn’t changing.
Once you are an ALM digital member, you’ll receive:
- Breaking insurance news and analysis, on-site and via our newsletters and custom alerts
- Weekly Insurance Speak podcast featuring exclusive interviews with industry leaders
- Educational webcasts, white papers, and ebooks from industry thought leaders
- Critical converage of the employee benefits and financial advisory markets on our other ALM sites, BenefitsPRO and ThinkAdvisor
Already have an account? Sign In Now
© 2025 ALM Global, LLC, All Rights Reserved. Request academic re-use from www.copyright.com. All other uses, submit a request to [email protected]. For more information visit Asset & Logo Licensing.
