This morning, Cineplex emailed their Connect members asking them to update their passwords, leading users to ponder if there was a hack or breach of customer data.
The email did not state a breach had occurred at the company, only to say “we want to draw your attention to recent news about thefts of user information from a number of popular online services. As a result of these incidents, a large volume of private user information, such as email addresses and passwords, has been exposed.”
Cineplex went on to say “Security experts agree that using the same username and password for multiple services is a risky behaviour.”
Users quickly reached out to Cineplex on Twitter to ask if the email was legitimate or if a had had occurred. The company responded “This is a valid email, we are being pro-active to help our users stay secure.”
To change your password, you need to login to Cineplex’s website, click on the Security tab and follow password change instructions.
Was Cineplex hacked or breached? Doesn’t sound like it, but they want users to update their passwords anyways.
Earlier, it was reported a bug with Cloudflare had potentially exposed critical user information, but that has since been patched by the company. Also this week, we saw Loblaws reset customer passwords after a breach resulted in PC Plus points stolen from some members.
Want to see more of our stories on Google?
P.S. Want to keep this site truly independent? Support us by buying us a beer, treating us to a coffee, or shopping through Amazon here. Links in this post are affiliate links, so we earn a tiny commission at no charge to you. Thanks for supporting independent Canadian media!
There is no security tab when I click on the link. Tried on computer and phone. Anybody else have success with this?
Also, right now, http://www.cineplex.com/connect just takes forever to load.
You have to click on your name and select Manage Profile before you can see the Security tab (on computer)
Cool thanks. It was different earlier. It’s working now.
I tried to do it but the navigation is terrible and the speed of their website is painful.
Nice of them to send out this notice and then be totally unprepared technologically to deal with it.
Wow. That is such a bad email from SCENE. They should not only never direct link to pages requesting security details, they should announce they will never do such a thing. Sending something like this only supports the phishers/spammers to mimic the same thing and steal information. Everything on that email can be faked, along with the landing page asking for information to reset the password.
Starting to get login attempts. There must have been a hack.
o_0
Same thing just happened to me.
My “Account Activity” page shows failed logins from Chrome 60.0.3112 – Windows 8.1, location unknown. This happened around 4AM so it definitely wasn’t me.