Breach, Threat Management, Data Security, Incident Response, Network Security, TDR, Vulnerability Management

Gyft resets some customer passwords following breach

Passwords have been reset for a number of Gyft users as a precaution after a trove of account data was reported for sale on an underground forum.

Krebs on Security, the blog of cyber journalist Brian Krebs, reported that the Mountain View, Calif.-based gift card website denied that its site was breached and assigned blame to a third party.

Gyft did not disclose how many accounts were affected, but an insider said the figure was a single-digit percentage of customers, Krebs reported.

Bitcoin users should take notice as Gyft has been an easy way to redeem the virtual currency at retailers. "As the Bitcoin network itself cannot be attacked in traditional ways, assailants have to take the other route by targeting services dealing with digital currency payments," according to

Gyft currently does not employ multifactor authentication, though company founder Vinny Lingham reportedly stated the firm was considering it.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.