Jawbone, a prominent maker of Bluetooth headsets and other audio devices, warned customers today (Feb. 13) that a data breach had led to the theft of account information, including email addresses, encrypted passwords and customer names.
The magnitude of the theft, which affects users of Jawbone's MyTALK service, wasn't clear.
The company said the risk did not apply to all users and that there was no evidence that the stolen data was being used to commit fraud or identity theft.
The company did not mention credit-card or other financial information.
"The attack was identified within hours, and we blocked the attack and reset passwords of all compromised accounts," Jawbone told the tech blog The Verge in a statement.
In a message emailed to affected customers, Jawbone said: "In the course of this attack, limited user information related to your MyTALK account ... was compromised. … We have disabled your old MyTALK password and you can no longer use it."
Users were then instructed to reset their passwords with an included URL.
The MyTALK service allows users to customize and update Jawbone's audio products.
As in all cases of data breach, affected customers should change passwords on all accounts that share a username and password with the compromised account.
Ideally, no one should ever use a password more than once, but that's practically impossible when every new account demands a long, complicated password.
Instead, consider using a password manager that does the remembering for you, or rotating three or four easy-to-remember passwords among less important accounts.
But make sure you're always using unique, strong passwords with social media, Web mail, retail and banking accounts — any site that handles your money or your communications.