The comic book industry was mildly flustered this morning with digital comics company comiXology sent out an email to retailers users advising them to change their passwords, claiming that the site had been hacked and passwords stolen, along with the ability to capitalize the correct letters in their name. Here's the retailer letter, courtesy of Outhouser Old Curmudgeon:
Dear Comics Retailer,
In the course of a recent review and upgrade of our security infrastructure, we determined that an unauthorized individual accessed a database of ours that contained usernames, email addresses, and cryptographically protected passwords.
Even though we store our passwords in protected form, as a precautionary measure we are requiring all users to change their passwords on the comiXology platform and recommend that you promptly change your password on any other website where you use the same or a similar password. You can reset your comiXology.com password here.
We have taken additional steps to strengthen our security procedures and systems, and we will continue to implement improvements on an ongoing basis.
Please note that we will never ask you for personal or account information in an e-mail, so exercise caution if you receive emails that ask for personal information or direct you to a site where you are asked to provide personal information.
Cyber-attacks and password theft are becoming more and more common nowadays, but who would do such a thing to a poor digital comics company? Responsible investigative journalists that we are, The Outhouse has compiled a list of the top five most likely suspects, and we've asked Professor of Cyber-Security for Digital Comics Studies at the prestigious University of Phoenix, Thaddeus T. Puffinbottoms, to help us figure out who's behind it.
#5. CoBRA - The Comic Book Retailer Alliance
Just yesterday, The Outhouse reported on the formation of a secret cabal of comic book retailers with big plans to shake up the comic book industry. Could these retailers, led by the charismatic Dennis Barger Jr., be behind the comixology attack?
"It's certainly possible," admitted Puffinbottoms. "But CoBRA isn't planning their first meeting until May. There wouldn't be enough time to coordinate a hacker attack on this scale. And besides, this isn't really their style. CoBRA would be more likely to create synthoid doppelgangers of comiXology brass and use them to infiltrate the company and install mind control messages in the digital comics."
So probably not CoBRA?
"Probably not," Puffinbottoms confirmed.
#4. OSSM Comics
Why would OSSM Comics, the makers of Thaniel, be involved in stealing passwords from comiXology? They wouldn't, but they've purchased ad space on The Outhouse, and we feel we should bring their name up more often.
"I agree," Puffinbottoms told us. "And though I also think it's unlikely that OSSM had anything to do with these attacks, to be safe, we should all probably take a moment and click on the Thaniel ad banners to the top and right of the page. Just to be sure."
Good idea, Puffinbottoms. Go ahead, readers. We'll wait here for you.
#3. Mark Waid
As the founder of Thrillbent, superstar writer Mark Waid is one of comiXology's biggest competitors. Not only that, but Waid recently opened up a comic book store of his own, becoming a brick and mortar retailer, which we all know is the natural enemy of digital comics. So Mark Waid has twice the motive to take comiXology down.
"It's true that Waid would benefit greatly from the downfall of comiXology," theorized Puffinbottoms, "but if Mark Waid wants to destroy digital comics, wouldn't he start with Thrillbent first? He's already got a man on the inside."
We like the way you think, Professor.
"Besides," Puffinbottoms went on, "hacking just isn't Mark Waid's style. He's more likely to threaten to have comiXology readers eating through a straw for the rest of their lives than he is to steal their passwords. He's a hothead, not a thief."
#2. DC Comics
It's a well known fact that DC Comics doesn't like anybody spreading negative information about DC Comics. It's why they blacklisted The Outhouse, removed their exclusive interview series from Comic Book Resources and onto their own in-house blog, and recently told Newsarama not to cover their products at all. Well, if DC doesn't like people ruining its reputation, they must hate a company that distributes DC's books to readers on digital devices? Getting those Nu52 stinkers in the hands of readers does more to damage DC's reputation than any satirical article on a moderately popular website. So perhaps DC hacked into comiXology to prevent people from reading their own books.
"The reasoning is sound here, but could DC Comics really pull off a hacking attack?" Puffinbottoms reasoned. "Dan Didio is lucky he's able to tie his own shoes in the morning. The chances of coordinating a cyber-attack on this scale are very low, at least without comically screwing it up and having it blow up in their face."
Good point. They've got the motive, but not the means. And by means we mean basic competence.
#1. Vladimir Putin
Putin has weighed in on comic book related matters before when he addressed the American people about casting Ben Affleck as Batman in an open letter published in the New York Times. The Russian president could use a win in the escalating conflict over the Ukraine, and what better way to score an easy one than by going after comiXology, which has ties both to the United States and to Western Europe?
"I think this the most likely scenario," Professor Puffinbottoms agreed. "Putin has shown he will stop at nothing to achieve his goals, and what better way to disrupt the free world than by temporarily preventing their access to cloud-based digital comics?"
"Russia has a long history, dating back to the cold war, of planting undercover KGB agents on US soil and using them to further Russia's goals through espionage and sedition" he continued. "Or at least, that's what I've learned from watching the FX television show The Americans. Could it be possible that this cyber-attack came from someone on the inside? A sleeper agent?"
It's possible, but who could pull off such a well-planned deception?
"They tell me, Vlad, infiltrate the American comic book industry, get job as unpaid intern at multiple comic book publishers, work for free for years, and then when boss least suspect it, steal comiXology passwords," said Lead Unpaid Digital Password Security Intern at comiXology Vlad Kozinkerov. "So that is what I do."
If you have a comiXology account, head over to their website and change your password now. You will probably also want to change your password at any site where you use the same one, but you wouldn't be stupid enough to use the same password at multiple sites, would you? Would you?!
Oh, for shame, Outhouse readers. Never use the same password. For instance, we sell all our passwords to Bulgarian viagra salesmen every month. How do you think we pay the bills around here?