Vudu video service resets customer passwords after hard drives theft

Walmart’s video service Vudu has reset its customers’ passwords after it found that hard drives were among items stolen from its office.

The hard drives contained customer data including names, email addresses, mailing addresses, phone numbers, account activity, dates of birth, account passwords and the last four digits of some credit card numbers, the company said on Tuesday.

Vudu said it was resetting all passwords and notifying all customers as well as providing them automatic eligibility for identity protection services from AllClear ID, though the passwords were encrypted. The identity protection services started April 9 and will continue for one year from the date of the company’s notice to customers.

“We believe it would be difficult to break the password encryption, but we can’t rule out that possibility given the circumstances of this theft,” Vudu said. “Therefore, we have reset all customer passwords.” It said credit cards were not at risk as the full numbers are not stored on its systems.

The burglary on March 24 has been reported to law enforcement immediately, and the company is cooperating with the investigation, Vudu said. The company did not provide details about the physical break-in, but said it was introducing additional measures to protect against physical theft and increasing password strength requirements. It said it was still in the process of sending emails to customers. Customers were also warned of spam email, including emails asking for personal information, and emails asking the customer to click on links to other websites.

Vudu, a video-on-demand service, was acquired by Walmart in 2010, and operates as a wholly-owned subsidiary from Santa Clara, California.

John Ribeiro covers outsourcing and general technology breaking news from India for The IDG News Service. Follow John on Twitter at @Johnribeiro. John’s e-mail address is john_ribeiro@idg.com