Oh no, you're thinking, yet another cookie pop-up. Well, sorry, it's the law. We measure how many people read us, and ensure you see relevant ads, by storing cookies on your device. If you're cool with that, hit “Accept all Cookies”. For more info and to customize your settings, hit “Customize Settings”.

Review and manage your consent

Here's an overview of our use of cookies, similar technologies and how to manage them. You can also change your choices at any time, by hitting the “Your Consent Options” link on the site's footer.

Manage Cookie Preferences
  • These cookies are strictly necessary so that you can navigate the site as normal and use all features. Without these cookies we cannot provide you with the service that you expect.

  • These cookies are used to make advertising messages more relevant to you. They perform functions like preventing the same ad from continuously reappearing, ensuring that ads are properly displayed for advertisers, and in some cases selecting advertisements that are based on your interests.

  • These cookies collect information in aggregate form to help us understand how our websites are being used. They allow us to count visits and traffic sources so that we can measure and improve the performance of our sites. If people say no to these cookies, we do not know how many people have visited and we cannot monitor performance.

See also our Cookie policy and Privacy policy.

This article is more than 1 year old

Frippin' heck: Watch out, chin-stroking prog rock fans. King Crimson distributor Burning Shed says it's been hacked

Crims slope off with a slice of dabatase including emails and encrypted passwords but no credit card deets

Independent record label Burning Shed has informed musos of a digital burglary involving the partial theft of its customer database, though no payment records were accessed.

Customers were told yesterday the break-in took place on 18 December but was only discovered by the company at the end of last week on 17 April. The letter – seen by us – stated:

A hacker managed to download a section of our customer database. This consisted of some email addresses, plus the encrypted passwords for those email addresses. Our IT experts do not believe that postal addresses or any other information was accessed. However, we know that the hackers did decrypt some of the account passwords.

It added: "We can, however, guarantee that no payment information of any kind was compromised as part of this breach. We do not hold any of our credit card or PayPal details on our database."

The advice to customers with poor security hygiene is that if they used their Burning Shed password on multiple accounts with different vendors, do the right thing immediately and update them.

When the burglary became apparent at the end of last week, the record label said it enlisted a "top expert" and set the person to work "fixing the problem that caused the breach".

The route in was not specified, nor was the vulnerability, but the security gun-for-hire is "strengthening the way passwords are encrypted" and as a precautionary measure all data is being moved to a new host.

"We have taken the Burning Shed site offline for maintenance in order to complete the security updates," the letter stated. "This means that we will not be taking any orders for approximately 48 hours as of today [yesterday] and you will need to change your password when this is complete."

The Information Commissioner's Office was informed of the breach yesterday and the company said it will "comply" with any recommendation the watchdog makes.

Burning Shed was founded in 2001 and artists served by the label include Brit prog mainstays King Crimson, Marillion and Porcupine Tree, as well as ambient muso Roger Eno. ®

 

Similar topics

Similar topics

Similar topics

TIP US OFF

Send us news


Other stories you might like